Hi,

I am a computer science student (KU Leuven - Belgium), specialization secure software.
For my thesis, I will perform a security analysis of the software/firmware running on drones. After a lot of reading, I have found that there has been a lot of research on the hardware and communication aspect (Wifi-hacks, GPS spoofing, bluetooth, Zigbee, ...), but it seems like much of the secure software part has been untouched. I have found some articles about DARPA and Galois creating hack-proof drone software (commercial). I am willing to further investigate whether or not some common vulnerabilities are present, whether or not they can be exploited and what the consequences can be, particular on open source software (ref. Dronecode project). Is there someone who can bring me into contact with a researcher or interested person who has done some research in the field of security of drone software?

I would like to further refine the topic or goal depending on the 'demands' of the community and be up to date with the current state of the art on the safety of drone software.

Best regards,
Karel

You need to be a member of diydrones to add comments!

Join diydrones

Email me when people reply –

Replies

  • I want to configure my autopilot APM 2.6. So I have to compile this source code mavlink_helpers.h To implement encryption to secure the MAVLink protocol, the files mavlink helpers.h and mavlink types.h found in “ArduPlane2.76→libraries→GCS MAVLink→ include→mavlink→v1.0” will need to be modified in Notepad++ to include the encryption and decryption functions. What are the modifications made in mavlink_helpers.h code in notepad ++ ? 
  • Security is being discused right now for mavlink 2.0.  You should subscribe to the tsc mailing list, and look at this doc https://docs.google.com/document/d/1ETle6qQRcaNWAmpG2wz0oOpFKSF_bcT...

    MAVLink packet signing proposal
    MAVLink 2.0 packet signing proposal There has been some considerable previous discussion on this topic. Most notably: https://docs.google.com/docu…
    • Thank you for the response,

      I did subscribe to the mailing list and the proposal / rfc does seem very promising. 

      In the mean time, I am still looking for a research topic. Someone suggested a vulnerability analysis of the MAVLink protocol, but Joseph Marty already did a great job in his thesis "vulnerability analysis of the MAVLink protocol for command and control of unmanned aircraft" last year.

      The vulnerabilities he demonstrated in his paper can be countered by cryptographic solutions. The MAVLink 2.0 proposal looks very promising in this case.

      Any suggestions regarding further research on the MAVLink protocol (or other parts of the DroneCode project) are appreciated. 

This reply was deleted.

Activity