https://urgentcomm.com/wp-content/themes/ucm_child/assets/images/logo/footer-logo.png
  • Home
  • News
  • Multimedia
    • Back
    • Multimedia
    • Video
    • Podcasts
    • Galleries
  • Commentary
    • Back
    • Commentary
    • Urgent Matters
    • View From The Top
    • All Things IWCE
    • Legal Matters
  • Resources
    • Back
    • Resources
    • Events
    • Webinars
    • White Papers
    • Reprints & Reuse
  • IWCE
    • Back
    • IWCE
    • Conference
    • Special Events
    • Exhibitor Listings
    • Premier Partners
    • Floor Plan
    • Exhibiting Information
    • Register for IWCE
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Terms of Service
    • Privacy Statement
    • Cookies Policy
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • Mission Critical Technologies
    • Microwave/RF
    • T&D World
    • TU-Auto
  • In the field
    • Back
    • In the field
    • Broadband Push-to-X
    • Internet of Things
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Call Center/Command
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Network Tech
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Operations
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Regulations
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • Organizations
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
Urgent Communications
  • NEWSLETTER
  • Home
  • News
  • Multimedia
    • Back
    • Video
    • Podcasts
    • Galleries
  • Commentary
    • Back
    • All Things IWCE
    • Urgent Matters
    • View From The Top
    • Legal Matters
  • Resources
    • Back
    • Events
    • Webinars
    • White Papers
    • Reprints & Reuse
    • UC eZines
  • IWCE
    • Back
    • Conference
    • WHY ATTEND
    • Exhibitor Listings
    • Floor Plan
    • Exhibiting Information
    • Registration Opens April 2019-Join Our Mailing List
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Terms of Service
    • Privacy Statement
    • Cookies Policy
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • TU-Auto
  • newsletter
  • In the field
    • Back
    • Internet of Things
    • Broadband Push-to-X
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Cybersecurity
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
acc.com

Critical Infrastructure


Effective drone cybersecurity requires system-engineering approach, not just IT, panelists say

  • Written by Donny Jackson
  • 21st May 2015
It is virtually impossible to completely secure the software used to operated aerial drones or other unmanned vehicles, so it is important that these systems be designed to operate safely even when the software is compromised, panelists said during a session at the recent Unmanned Systems 2015 event in Atlanta.

What is in this article?

  • Effective drone cybersecurity requires system-engineering approach, not just IT, panelists say
  • Effective drone cybersecurity requires system-engineering approach, not just IT, panelists say

Effective drone cybersecurity requires system-engineering approach, not just IT, panelists say

It is virtually impossible to completely secure the software used to operated aerial drones or other unmanned vehicles, so it is important that these systems be designed to operate safely even when the software is compromised, panelists said during a session at the recent Unmanned Systems 2015 event in Atlanta.

Because most public attention understandably is paid to the threat of a hacker intercepting or interfering with the remote-control signal that is used to operate an unmanned vehicle, considerable encryption and authentication work has been done to try to secure the communications link when a vehicle is being operated, according to Andrew Lacher, the MITRE Corporation’s senior principal and integration lead for unmanned aircraft systems (UAS).

But drones actually may be more vulnerable to hackers when they are not in operation, because many of them get connected to the Internet, Lacher said.

“Many of the unmanned aircraft and automated driving capabilities actually are connected, even when they’re not operating,” Lacher said. “And often, they’re connected to different networks [than they are during operation]. For example, a lot of the consumer-grade unmanned aircraft connect to the Internet when they’re not flying—that’s how data is uploaded to the Internet and how software is updated on the vehicle. These vulnerabilities, when the vehicle is not in operation, are important to consider.

“For example, software updates are received over the public Internet. That’s a great opportunity for malicious code to be introduced.”

And those are the kind of opportunities that being exploited by cyber attackers that have significantly better tools at their disposal than they did just a few years ago, according to Thomas Richardson, a systems and information engineering researcher for the University of Virginia.

Whereas it used to be that only very skilled hackers could mount dangerous cyber attacks, very sophisticated threats now can launched by less-skilled hackers willing to pay for tools that are readily available and not very expensive, Richardson said.

“The tools are very, very sophisticated; the attacks are very, very sophisticated; and it doesn’t take much knowledge to launch these attacks,” Richardson said.

Frank Byrum, chief scientist for Spectrum Comm, agreed, providing an example of an attack that would be difficult for any system to combat.

 “One of the most interesting ones I’ve heard about recently had a small piece of code sitting on a system, it opened up a connection to the Internet, and it downloaded regular web pages and encoded them—on the fly—in the binary to execute an attack,” Byrum said. “That’s scary. That’s completely impossible to scan for right now in infrastructure.”

Given this likelihood that software can be compromised in almost any system, those in the unmanned-systems ecosystem should concentrate on how systems should operate if a hacker tries to issue orders to drones that would create harm, Lacher said.

“I think the key is that we need to have cyber systems that are generally robust to failure and that there needs to be built-in safety layers within our systems,” Lacher said. “So, if a system is behaving erratically, we have a way of isolating its behavior, bounding its behavior and limiting its authority to control the vehicle—and that happens whether the system is under attack or because the data being fed to it is degraded for whatever reason, including the notion that a sensor might be failing.

“I think we need to be thinking about it as a system, not just how we defend it against cyber attack … [If we think only in terms of cybersecurity], then we’re defending and we’re not thinking about how to protect the operational behavior of the system.”

1 | 2 |
Effective drone cybersecurity requires system-engineering approach, not just IT, panelists say
Tags: Critical Infrastructure Cybersecurity News Security Standards Subscriber Devices System Design System Operation Test & Measurement News

Leave a comment Cancel reply

To leave a comment login with your Urgent Comms account:

Log in with your Urgent Comms account

Or alternatively provide your name, email address below:

Your email address will not be published. Required fields are marked *

Related Content

  • Smart-building projects target energy efficiency as launchpad to health and safety
  • ESN official hints at potentially costly new timeline for UK public-safety broadband project
  • Ericsson, Huawei, AT&T attending Mobile World Congress in June, others not so sure

Commentary


Ransomware? Let’s call it what it really is: extortionware

21st February 2021

Redefining communications for today’s mobile workforces

18th February 2021

Hi-tech sewer can help safeguard public health, environment and economies

18th February 2021
view all

Events


UC Ezines


IWCE 2019 Wrap Up

13th May 2019
view all

Twitter


UrgentComm

How SolarWinds busted up our assumptions about code signing dlvr.it/Rv25kB

5th March 2021
UrgentComm

Senate American Rescue plan calls for more than $60 million in direct aid for counties dlvr.it/Rv1wGF

5th March 2021
UrgentComm

NTIA seeks potential new FirstNet Authority board members dlvr.it/Rv0YfL

5th March 2021
UrgentComm

Smart-building projects target energy efficiency as launchpad to health and safety dlvr.it/RtyhRY

4th March 2021
UrgentComm

ESN official hints at potentially costly new timeline for UK public-safety broadband project dlvr.it/Rttvzj

3rd March 2021
UrgentComm

Ericsson, Huawei, AT&T attending Mobile World Congress in June, others not so sure dlvr.it/RtrtT2

3rd March 2021
UrgentComm

Newscan: Klobuchar calls on Congress to get serious on tech reform dlvr.it/RtqByn

2nd March 2021
UrgentComm

The era of converged network infrastructure has officially begun dlvr.it/Rtmq62

2nd March 2021

Newsletter

Sign up for UrgentComm’s newsletters to receive regular news and information updates about Communications and Technology.

Expert Commentary

Learn from experts about the latest technology in automation, machine-learning, big data and cybersecurity.

Business Media

Find the latest videos and media from the market leaders.

Media Kit and Advertising

Want to reach our digital and print audiences? Learn more here.

DISCOVER MORE FROM INFORMA TECH

  • American City & County
  • IWCE
  • Light Reading
  • IOT World Today
  • Mission Critical Technologies
  • Microwave/RF
  • T&D World
  • TU-Auto

WORKING WITH US

  • About Us
  • Contact Us
  • Events
  • Careers

FOLLOW Urgent Comms ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookies Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X