I am a computer science student (KU Leuven - Belgium), specialization secure software.
For my thesis, I will perform a security analysis of the software/firmware running on drones. After a lot of reading, I have found that there has been a lot of research on the hardware and communication aspect (Wifi-hacks, GPS spoofing, bluetooth, Zigbee, ...), but it seems like much of the secure software part has been untouched. I have found some articles about DARPA and Galois creating hack-proof drone software (commercial). I am willing to further investigate whether or not some common vulnerabilities are present, whether or not they can be exploited and what the consequences can be, particular on open source software (ref. Dronecode project). Is there someone who can bring me into contact with a researcher or interested person who has done some research in the field of security of drone software?
I would like to further refine the topic or goal depending on the 'demands' of the community and be up to date with the current state of the art on the safety of drone software.
Security is being discused right now for mavlink 2.0. You should subscribe to the tsc mailing list, and look at this doc https://docs.google.com/document/d/1ETle6qQRcaNWAmpG2wz0oOpFKSF_bcT...
Thank you for the response,
I did subscribe to the mailing list and the proposal / rfc does seem very promising.
In the mean time, I am still looking for a research topic. Someone suggested a vulnerability analysis of the MAVLink protocol, but Joseph Marty already did a great job in his thesis "vulnerability analysis of the MAVLink protocol for command and control of unmanned aircraft" last year.
The vulnerabilities he demonstrated in his paper can be countered by cryptographic solutions. The MAVLink 2.0 proposal looks very promising in this case.
Any suggestions regarding further research on the MAVLink protocol (or other parts of the DroneCode project) are appreciated.