A cyber-resilient open architecture for drone control

IF 4.8 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security Pub Date : 2024-11-23 DOI:10.1016/j.cose.2024.104205

Nicola d’Ambrosio, Gaetano Perrone, Simon Pietro Romano, Alberto Urraro

{"title":"A cyber-resilient open architecture for drone control","authors":"Nicola d’Ambrosio, Gaetano Perrone, Simon Pietro Romano, Alberto Urraro","doi":"10.1016/j.cose.2024.104205","DOIUrl":null,"url":null,"abstract":"<div><div>Unmanned Aerial Vehicles (UAVs) are becoming important tools in both military and civilian sectors. However, the prevalent use of monolithic architectures in contemporary platforms limits the swift integration of new features and significantly hampers the adaptability of UAVs to an ever-changing operational environment. Furthermore, this constantly evolving landscape highlights the inherent complexity of assessing drone safety and security since this process requires managing multiple and rapidly changing variables. Therefore, it is imperative to adopt an open system approach that relies on microservices and virtualization in order to overcome the limits of traditional drone architectures. This study presents a new method that involves breaking down the UAV monolithic system into a network of separate and virtualized components, each holding a single responsibility and designed according to the Open System Architecture (OSA) principle. Moreover, this work proposes a novel cyber-resilience model to determine cyber threats and assess their impact on the system. This approach leverages NIST 800-53, MITRE ATT&CK, STPA-Sec, and Attack Graph in order to identify the sequence of malicious actions that can lead to a specific hazardous scenario. Lastly, we demonstrate the effectiveness of this novel architectural paradigm by developing a software-in-the-loop simulation testbed for fast prototyping new features and validating the results of the cyber-resilience model.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"150 ","pages":"Article 104205"},"PeriodicalIF":4.8000,"publicationDate":"2024-11-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167404824005108","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

Unmanned Aerial Vehicles (UAVs) are becoming important tools in both military and civilian sectors. However, the prevalent use of monolithic architectures in contemporary platforms limits the swift integration of new features and significantly hampers the adaptability of UAVs to an ever-changing operational environment. Furthermore, this constantly evolving landscape highlights the inherent complexity of assessing drone safety and security since this process requires managing multiple and rapidly changing variables. Therefore, it is imperative to adopt an open system approach that relies on microservices and virtualization in order to overcome the limits of traditional drone architectures. This study presents a new method that involves breaking down the UAV monolithic system into a network of separate and virtualized components, each holding a single responsibility and designed according to the Open System Architecture (OSA) principle. Moreover, this work proposes a novel cyber-resilience model to determine cyber threats and assess their impact on the system. This approach leverages NIST 800-53, MITRE ATT&CK, STPA-Sec, and Attack Graph in order to identify the sequence of malicious actions that can lead to a specific hazardous scenario. Lastly, we demonstrate the effectiveness of this novel architectural paradigm by developing a software-in-the-loop simulation testbed for fast prototyping new features and validating the results of the cyber-resilience model.

Abstract Image

查看原文本刊更多论文

无人机控制的网络弹性开放架构

无人驾驶飞行器（UAV）正在成为军事和民用领域的重要工具。然而，当代平台普遍使用的单片架构限制了新功能的快速集成，极大地阻碍了无人机对不断变化的作战环境的适应性。此外，这种不断变化的情况凸显了评估无人机安全和安保的内在复杂性，因为这一过程需要管理多种快速变化的变量。因此，必须采用一种依赖于微服务和虚拟化的开放式系统方法，以克服传统无人机架构的局限性。本研究提出了一种新方法，即把无人机单体系统分解成一个由独立和虚拟化组件组成的网络，每个组件承担单一责任，并根据开放系统架构（OSA）原则进行设计。此外，这项工作还提出了一种新型网络弹性模型，用于确定网络威胁并评估其对系统的影响。这种方法利用了 NIST 800-53、MITRE ATT&CK、STPA-Sec 和攻击图谱，以确定可能导致特定危险场景的恶意行为序列。最后，我们通过开发用于快速原型开发新功能和验证网络复原力模型结果的软件在环仿真测试平台，展示了这一新型架构范例的有效性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Computers & Security 工程技术-计算机：信息系统

CiteScore

12.40

自引率

7.10%

发文量

365

审稿时长

10.7 months

期刊介绍： Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world. Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.