Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Unfolding Challenges in Securing and Regulating Unmanned Air Vehicles

Sonali Rout, Vireshwar Kumar

TL;DR

The paper addresses the security and regulatory challenges of civilian off-the-shelf UAVs in large-scale deployments. It develops a comprehensive taxonomy of UAV attacks and a parallel countermeasure taxonomy, linking threats to defenses and evaluating them along practical axes such as overhead, deployability, robustness, and usability. It also proposes a regulatory-authority framework to enforce dynamic no-fly zones, secure communications, and compliance auditing, including TEEs, PKI, and blockchain-based logging. By identifying gaps in hardware-software policy enforcement and outlining concrete research directions, the work aims to enable robust, policy-driven, secure drone networks.

Abstract

Unmanned Aerial Vehicles (UAVs) or drones are being introduced in a wide range of commercial applications. This has also made them prime targets of attackers who compromise their fundamental security properties, including confidentiality, integrity, and availability. As researchers discover novel threat vectors in UAVs, the government and industry are increasingly concerned about their limited ability to secure and regulate UAVs and their usage. With the aim of unfolding a path for a large-scale commercial UAV network deployment, we conduct a comprehensive state-of-the-art study and examine the prevailing security challenges. Unlike the prior art, we focus on uncovering the research gaps that must be addressed to enforce security policy regulations in civilian off-the-shelf drone systems. To that end, we first examine the known security threats to UAVs based on their impact and effectiveness. We then analyze existing countermeasures to prevent, detect, and respond to these threats in terms of security and performance overhead. We further outline the future research directions for securing UAVs. Finally, we establish the fundamental requirements and highlight critical research challenges in introducing a regulatory entity to achieve a secure and regulated UAV network.

Unfolding Challenges in Securing and Regulating Unmanned Air Vehicles

TL;DR

The paper addresses the security and regulatory challenges of civilian off-the-shelf UAVs in large-scale deployments. It develops a comprehensive taxonomy of UAV attacks and a parallel countermeasure taxonomy, linking threats to defenses and evaluating them along practical axes such as overhead, deployability, robustness, and usability. It also proposes a regulatory-authority framework to enforce dynamic no-fly zones, secure communications, and compliance auditing, including TEEs, PKI, and blockchain-based logging. By identifying gaps in hardware-software policy enforcement and outlining concrete research directions, the work aims to enable robust, policy-driven, secure drone networks.

Abstract

Unmanned Aerial Vehicles (UAVs) or drones are being introduced in a wide range of commercial applications. This has also made them prime targets of attackers who compromise their fundamental security properties, including confidentiality, integrity, and availability. As researchers discover novel threat vectors in UAVs, the government and industry are increasingly concerned about their limited ability to secure and regulate UAVs and their usage. With the aim of unfolding a path for a large-scale commercial UAV network deployment, we conduct a comprehensive state-of-the-art study and examine the prevailing security challenges. Unlike the prior art, we focus on uncovering the research gaps that must be addressed to enforce security policy regulations in civilian off-the-shelf drone systems. To that end, we first examine the known security threats to UAVs based on their impact and effectiveness. We then analyze existing countermeasures to prevent, detect, and respond to these threats in terms of security and performance overhead. We further outline the future research directions for securing UAVs. Finally, we establish the fundamental requirements and highlight critical research challenges in introducing a regulatory entity to achieve a secure and regulated UAV network.

Paper Structure

This paper contains 45 sections, 4 figures, 1 table.

Table of Contents

  1. Introduction
  2. Drone System Architecture
  3. Flight Controller
  4. Software Stack
  5. Hardware Stack
  6. Other Hardware Components
  7. Ground Control System
  8. Communication Link
  9. Limitations of Existing Literature Surveys
  10. Systematization of Attacks
  11. Methodology
  12. Impact (Confidentiality/ Integrity/ Availability)
  13. Severity
  14. Mission Disruption
  15. Irrecoverability
  16. ...and 30 more sections

Figures (4)

  • Figure 1: Illustrative architecture of a typical UAV system consisting of a flight controller and ground control with their software, hardware, and communication modules.
  • Figure 2: Attack classification: This table categorizes various attacks targeting UAV systems based on their attack target, type, method, target, and potential damage. It also highlights the impact on confidentiality (C), integrity (I), and availability (A), along with associated metrics such as mission disruption, irrecoverability, stealthiness, and exploitation complexity.
  • Figure 3: Qualitative comparison of the countermeasures in UAV Systems in terms of their implementation overhead and performance efficiency.
  • Figure 4: Considered drone system consisting of three entities: the drone, the Ground Control System (GCS), and a proposed Regulatory Authority introduced for policy-enforcement.