Security analysis and enhancements of UAS architecture

Abstract

ABSTRACT Unmanned Aerial Vehicles, known as UAVs, are controlled by the autopilot system remotely and autonomously. It is a component of Unmanned Aerial System (UAS) which contains a UAV, a Ground Control System (GCS), and Air link. They are used vastly in all applications; however, over a period of time, a number of security flaws have surfaced in UASs. While considerable research has been undertaken to propose secure solutions for UAS, the prior work on the subject fails to consider a holistic treatment of the security issues. Thereby, keeping in view the lack of a structured approach for UAS security, we have proposed an ISO 18028 standard-based framework for defining security architecture of UAS. ISO standard provides generic guidelines for the security architecture of a network; yet, the same has been extended in this work to propose a holistic security architecture for UASs, which effectively mitigates all the associated risks. Furthermore, the architecture has been used to evaluate two case studies: Commercial UAS based on Cube and Commercial UAS based on DJI A3. The appraisal undertaken in the case studies indicated a number of security limitations in the considered commercial solutions, thus leading to corresponding recommendations for security enhancements.