PASTAD: A Context-Aware Threat Modeling Methodology for Unmanned Aerial Systems

Abstract

Unmanned Aerial Systems (UAS) have emerged as a transformative technology across multiple domains, including military, logistics, agriculture, and topography. However, limited attention to security during system design, combined with evolving threats and expanding attack surfaces, continues to expose UAS to significant cyber risks. Ensuring the secure operation of these systems is critical, as vulnerabilities can compromise mission success, system integrity, and public safety. To address these challenges, threat modeling is widely regarded as a fundamental practice in system security engineering. Nevertheless, the absence of methodologies explicitly developed for UAS has led practitioners to adopt approaches originally designed for IT systems. These methodologies often fail to account for the distinctive characteristics of UAS as Cyber-Physical Systems (CPS), thereby limiting their effectiveness. To bridge this gap, this study introduces the Process for Attack Simulation and Threat Analysis for Drones (PASTAD), a threat modeling methodology adapted from the PASTA framework and tailored to UAS. Built upon a layered architectural model and robust risk assessment metrics, PASTAD provides a structured, systematic, and context-aware process for identifying threats, evaluating risks, and guiding risk mitigation strategies. The methodology is demonstrated through an illustrative case study involving a fixed-wing UAS deployed in airport surveillance. This study further evaluates PASTAD, discusses its scalability and potential generalization across other UAS platforms, and outlines future directions to advance threat modeling practices and strengthen the resilience of these systems in critical applications.