Finding Security Vulnerabilities in Unmanned Aerial Vehicles Using Software Verification

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

The proliferation of Unmanned Aerial Vehicles (UAVs) embedded with vulnerable monolithic software, involving concurrency and fragile communication links, has recently raised serious concerns about their security. Recent studies show that a 2kg UAV can cause a critical damage to a passenger jet windscreen. However, verifying security in UAV software based on traditional testing remains an open challenge mainly due to scalability and deployment issue. Here we investigate the application of software verication techniques; in particular, existing software analyzers and veriers, which implement fuzzing and bounded model checking techniques, to detect security vulnerabilities in typical UAVs.We also investigate fragility aspects related to the UAV communication link since all remaining UAV components (e.g., position, velocity and attitude control) heavily depend on it. Our preliminary results show real cyber-threats with the possibility of exploiting further security vulnerabilities in real-world UAV software in the foreseeable future.

Bibliographical metadata

Original languageEnglish
Title of host publicationIEEE International Workshop on Secure Internet of Things (SIoT)
Publication statusAccepted/In press - 26 Aug 2019
EventIEEE International Workshop on Secure Internet of Things (SIoT) - Luxembourg, Luxembourg
Event duration: 26 Sep 2019 → …

Conference

ConferenceIEEE International Workshop on Secure Internet of Things (SIoT)
Abbreviated titleSIoT 2019
CountryLuxembourg
CityLuxembourg
Period26/09/19 → …