Reverse Engineering and Control-Aware Security Analysis of the ArduPilot UAV Framework
Yasaswini Konapalli, Lotfi Ben Othmane, Cihan Tunc, Feras Benchellal, Likhita Mudagere
TL;DR
This work reverse-engineers the ArduPilot ArduCopter stack to reveal a hierarchically cascaded PID control framework with EKF-based state estimation and a deterministic scheduler that translates MAVLink commands into motor actuation. It demonstrates how legitimate inputs—commands, configuration changes, and sensor feeds—can be manipulated to induce unsafe yet plausible flight behavior without firmware exploits, validated through SITL and hardware experiments. By outlining four attack surfaces—MAVLink command injection, parameter tampering, sensor manipulation, and exception-handling weaknesses—the paper highlights the necessity for control-aware safeguards and estimator-resilience measures to preserve flight integrity in adversarial conditions.
Abstract
Unmanned Aerial Vehicle (UAV) technologies are attracting strong interest across many domains, which makes UAV security of utmost importance. ArduPilot is among the most widely used open-source autopilot UAV frameworks; yet, many studies demonstrate the vulnerabilities affecting such systems. Vulnerabilities within its communication subsystems (including WiFi, telemetry, and GPS) expose critical entry points, and vulnerabilities in ArduPilot can affect the control procedure. In this paper, we reconstruct the software architecture and the control models implemented by ArduPilot and then examine how these control models could potentially be misused to induce malicious behaviors while relying on legitimate inputs.
