Security analysis and enhancements of UAS architecture

• Published in: Information security journal. Vol. 32; no. 3; pp. 173 - 186
• Main Authors: Akhtar, Bilal, Masood, Ammar
• Format: Journal Article
• Language: English
• Published: Abingdon Taylor & Francis 04.05.2023; Taylor & Francis Ltd
• Subjects: Automatic pilots; Case studies; Security; security analysis; security architecture; UAS; UAV; Unmanned aerial vehicles
• ISSN: 1939-3555; 1939-3547
• DOI: 10.1080/19393555.2021.1977873

Unmanned Aerial Vehicles, known as UAVs, are controlled by the autopilot system remotely and autonomously. It is a component of Unmanned Aerial System (UAS) which contains a UAV, a Ground Control System (GCS), and Air link. They are used vastly in all applications; however, over a period of time, a number of security flaws have surfaced in UASs. While considerable research has been undertaken to propose secure solutions for UAS, the prior work on the subject fails to consider a holistic treatment of the security issues. Thereby, keeping in view the lack of a structured approach for UAS security, we have proposed an ISO 18028 standard-based framework for defining security architecture of UAS. ISO standard provides generic guidelines for the security architecture of a network; yet, the same has been extended in this work to propose a holistic security architecture for UASs, which effectively mitigates all the associated risks. Furthermore, the architecture has been used to evaluate two case studies: Commercial UAS based on Cube and Commercial UAS based on DJI A3. The appraisal undertaken in the case studies indicated a number of security limitations in the considered commercial solutions, thus leading to corresponding recommendations for security enhancements.