Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

New CS proposal: Drone Security #1412

Open
godfreynolan opened this issue May 24, 2024 · 14 comments
Open

New CS proposal: Drone Security #1412

godfreynolan opened this issue May 24, 2024 · 14 comments
Assignees
@pUrGe12
Labels
ACK_OBTAINED Issue acknowledged from core team so work can be done to fix it. NEW_CS Issue about the creation of a new cheat sheet.

Comments

@godfreynolan
Copy link

What is the proposed Cheat Sheet about?

This drone security Cheat Sheet aims to ensure the safe and secure operation of unmanned aerial vehicles (UAVs) in various mobile, web and cloud applications.

What security issues are commonly encountered related to this area?

Insecure Communication Links, data transmitted can be intercepted
Weak Authentication Mechanisms, default or weak passwords can allow unauthorized access
Firmware Vulnerabilities, unencrypted firmware and vulnerable bootloaders can lead to unauthorized modifications
Insufficient Physical Security, need to secure physical access to USB ports and other interfaces to prevent data theft or tampering
Insecure Supply Chain, compromised components from suppliers can introduce hidden vulnerabilities
Unsecured Third Party Components, third-party software libraries and components can compromise drone security
Inadequate Logging and Monitoring, insufficient monitoring of drone operations can delay the detection of security breaches or operational anomalies
Insecure Data Storage, sensitive data stored on drones can be accessed if not encrypted
Spoofing and Replay Attacks, GPS or ADS-B data spoofing or command replay attacks could mislead or take control of the drone
RF Interference and Jamming, drones can be disrupted or controlled through intentional RF interference or jamming
Sensor Vulnerabilities, cameras, GPS and other sensors can be exploited to feed incorrect data to the drone systems.
Cloud Storage and Data Management Vulnerabilities, inadequate security controls for drone data stored in the cloud (e.g., videos, logs, images) can lead to unauthorized access and data breaches
End of Life Decommissioning Risks, inadequately secured decommissioning processes can leave residual data accessible, or hardware could be reused maliciously
Interoperability and Integration Issues, integrating various systems and technologies without a cohesive security strategy can introduce vulnerabilities, e.g. web servers on cameras
Third Party Services and API Security, external APIs used by drones or GCS might be insecure, providing a pathway for attacks
User Error and Misconfiguration, incorrect configuration of drone systems by users can expose them to risks of unauthorized access or malfunction

What is the objective of the Cheat Sheet?

To provide developers working on mobile apps, websites, cloud systems and firmware for drones to understand the wide ranging risks.

What other resources exist in this area?

https://dronewolf.darkwolf.io/intro
https://github.com/nicholasaleks/Damn-Vulnerable-Drone
https://github.com/dhondta/dronesploit
https://github.com/jezzab/DUMLdore
@godfreynolan godfreynolan added ACK_WAITING Issue waiting acknowledgement from core team before to start the work to fix it. HELP_WANTED Issue for which help is wanted to do the job. NEW_CS Issue about the creation of a new cheat sheet. labels May 24, 2024
@jmanico
Copy link
Member

jmanico commented May 27, 2024

I think this is a fantastic idea for a cheatsheet. Let's do it. You are welcome to issue a new PR and if you need help with the directory structure of similar let me know!

@szh szh added ACK_OBTAINED Issue acknowledged from core team so work can be done to fix it. and removed ACK_WAITING Issue waiting acknowledgement from core team before to start the work to fix it. HELP_WANTED Issue for which help is wanted to do the job. labels May 28, 2024
@godfreynolan
Copy link
Author

godfreynolan commented May 31, 2024 via email

@szh
Copy link
Collaborator

szh commented Aug 7, 2024

@godfreynolan Hey are you still working on this?

@godfreynolan
Copy link
Author

godfreynolan commented Aug 7, 2024 via email

@pUrGe12
Copy link
Contributor

pUrGe12 commented Feb 6, 2025
edited
Loading

I have learnt of a novel approach to solving the issue of sensor hijacking especially in case of drone hordes where such a thing will be extremely risky. Its called Dynamic Watermarking for autonomous vehicles, attaching the paper herein. I think its a pretty cool approach and can be added to drone security protocols.

@jmanico
Copy link
Member

jmanico commented Feb 6, 2025

I would love to author a drone security cheat sheet. Would you like to help or get it started?

@pUrGe12
Copy link
Contributor

pUrGe12 commented Feb 6, 2025

Yeah sure! I will look into a some details mentioned by @godfreynolan as well and post a draft here soon!

@pUrGe12
Copy link
Contributor

pUrGe12 commented Feb 6, 2025

I am thinking of something like this. Lemme know what you think @jmanico.

Drone Security Cheat Sheet

Introduction

Drone security is crucial due to their widespread adoption in industries such as military, construction, and community services. With the increasing use of drone swarms, even minor security lapses can lead to significant risks.

This cheat sheet provides an overview of vulnerable endpoints in drone systems and strategies to mitigate security threats.

Drone System Components

A typical drone architecture consists of three main components:

  1. Unmanned Aircraft (UmA) – The physical drone itself, including its sensors and onboard systems.
  2. Ground Control Station (GCS) – The interface used to control and monitor drone operations.
  3. Communication Data-Link (CDL) – The network connection between the drone and the GCS

The communication between the drone and the GCS is vulnerable to interception and attacks. This will be made evident in the future sections as well. It is important to understand that peripherals attached to drone may be vulnerable too! To explain this, we have made a list of vulnerable endpoints below.

Vulnerable Endpoints & Security Risks

1. Communication Security

  • Insecure Communication Links – Data transmitted between the drone and GCS can be intercepted if not properly encrypted. Use standard protocols for encryption of any data being sent over.
  • Spoofing and Replay Attacks – If the drone uses a GPS module then data spoofing and command replay attacks can also become a reality. Again encrpyted data transfer is the best way to go forward. There are many more methods, which have been discussed here
  • Wi-Fi Weaknesses – Weak authentication or unprotected channels can allow unauthorized access. This is even possible through simple microcontrollers like ESP8266!
    • Use 802.11w MFP (Management Frame Protection) to prevent WiFi deauthentication attacks. Don't worry, if your Wi-Fi systems are up to date, then this is a default protocol now.

2. Authentication & Access Control

Most drone controllers use 2 sets of computers,

  1. The main chip that performs the PID control and handles motors
  2. An additional SoC (called the companion computer) to manage peripherals (like the cameras, LiDARs etc.) and send telemetry data.

Thus, it becomes very important to maintain their security as well. The possible risks in this case are:

  • Companion Computers – Open ports (e.g., SSH, FTP) can be exploited if not securely configured.
  • User Error and Misconfiguration – Misconfigured security settings can expose the drone to risks.

3. Physical Security

If you're done is ever captured or lost, you should ensure that its not physically possible to steal data from it. This may happen under the following conditions:

  • Insufficient Physical Security – Unsecured USB ports or exposed hardware can lead to data theft or tampering.
  • Insecure Supply Chain – Compromised components from suppliers can introduce hidden vulnerabilities.
  • End-of-Life Decommissioning Risks – Improperly decommissioned drones may retain sensitive data or be repurposed maliciously.

4. Sensor Security

With drones implementing control logic depending on how close they are to other drones or aerial vehicles, manipulating sensor data is extremely disastrous!

Yes, attackers can manipulate drone sensors (GPS, cameras, altimeters) to feed incorrect data. Think of this more like how struxnet changed the temperatures of the Uranium holdings in Iran.

To prevent this, there is new research being developed involving watermarked signals whose entropy can be used to determine if the sensor values are correct of not. Read more about this method here.

5. Logging & Monitoring

  • Inadequate Logging and Monitoring – Without sufficient monitoring, security breaches or operational anomalies may go undetected.
  • Integration Issues – The cameras require webserver configurations, and if poorly integrated, these web servers on cameras or telemetry systems may expose vulnerabilities that can be used to gather sensitive information.

To prevent this, ensure that your credentials are strong! Additionally you may choose to implement SecOps softwares like DefectDojo for continous monitoring of your systems.

Secure Communication Protocols

Below are some protocols used by drone systems to communicate. This can be either between each other (if in a horde) or with the ground stations. We have mentioned what can go wrong with each protocol and also provided recommendations.

  1. MAVLink 2.0 – A widely used protocol for communication between drones and ground control stations (GCS).

    • Implement message signing to prevent spoofing and replay attacks.
    • You must secure heartbeat messages to avoid command injection vulnerabilities. A heartbeat message is usually a single byte that is sent at a certain frequency to all other nodes, informing of the device's existence. The frequency is important here!
    • Tools like ArduPilot and PX4 support MAVLink 2.0 security enhancements. There are thoroughly tested softwares and hence recommended.
    • Utilize end-to-end encryption! Either through TLS or DTLS is fine and good.

  2. CAN (Controller Area Network) Bus – A communication protocol used between internal drone system components (e.g., flight controllers, ESCs, GPS modules).

    • Most attacks require physical access to exploit CAN. It works on differentially signals and hardware hacking may be possible by tapping into them.
    • There exist tools like DroneCAN which make using secure CAN communications easy.

  3. ZigBee – A low-power wireless protocol often used for telemetry and sensor communication in backup systems.

    • This has a way to enable AES-128 encryption to secure transmissions. Make sure you do that.
    • Deploy network keys with frequent rotation to prevent key compromise. Read more about key rotations here.
    • Monitor for ZigBee packet sniffing attacks using SDR-based tools like HackRF or YARD Stick One.

  4. Bluetooth – Used for device connections, such as drone controllers or mobile applications.

    • You must enforce Strict Pairing Modes that is LE (Low Energy) Secure Connections over Bluetooth 4.2+. This uses the Elliptic curve Diffie-Hellman cryptosystem to generate keys. Essentially, its state of the art.
    • Pairing methods such as Just works are vulnerable to MITM attacks! Do not use them if you're setting up your own Bluetooth adapters.

  5. WiFi (802.11a/b/g/n/ac/ax) – A common method for FPV (First Person View) video transmission and drone control.

    • Make sure that you are using WPA3 encryption for the highest level of security. Note that protocols like WEP are vulnerable!
    • Use 802.11w Management Frame Protection (MFP) to mitigate deauthentication attacks (these are crafted packets that emulate a server and cause deauthentication).
    • Disable SSID broadcasting and use MAC filtering where feasible. This is advisable because it essentially hides your drone's wifi adapters from simple scans.

By implementing these security measures, drone operators can significantly reduce the risks of cyberattacks and unauthorized access to UAV communication systems.

Summary

The following table summaries the different attack vectors for a drone system.

Table showing attack vectors

There are multiple GitHub repos that help with drone attack simulations and actual exploits. Be sure to check them out too for a deeper understanding of drone security.

References

@jmanico
Copy link
Member

jmanico commented Feb 6, 2025

This is remarkable. I'd like some other folks to review it carefully first but wow!

@godfreynolan
Copy link
Author

godfreynolan commented Feb 6, 2025 via email

@jmanico
Copy link
Member

jmanico commented Feb 6, 2025

Let me know how if there's anything I can do to help.

Please give it a careful review!!!

@pUrGe12
Copy link
Contributor

pUrGe12 commented Feb 7, 2025

I ran link checker (lychee) and one link to sciencedirect.com works because I have institutional access but others might not. Should I drop that link?

@jmanico
Copy link
Member

jmanico commented Feb 7, 2025

Yes please drop it

@pUrGe12
Copy link
Contributor

pUrGe12 commented Feb 7, 2025

Alright, done. Have updated index.md too. Will wait for people to review it.

@pUrGe12 pUrGe12 mentioned this issue Feb 7, 2025
Merged
8 tasks
@mackowski mackowski assigned pUrGe12 and unassigned godfreynolan Feb 18, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@pUrGe12 pUrGe12

Labels
ACK_OBTAINED Issue acknowledged from core team so work can be done to fix it. NEW_CS Issue about the creation of a new cheat sheet.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@jmanico @szh @godfreynolan @pUrGe12