Abstract
We present R2U2, a novel framework for runtime monitoring of security properties and diagnosing of security threats on-board Unmanned Aerial Systems (UAS). R2U2, implemented in FPGA hardware, is a real-time, Realizable, Responsive, Unobtrusive Unit for security threat detection. R2U2 is designed to continuously monitor inputs from the GPS and the ground control station, sensor readings, actuator outputs, and flight software status. By simultaneously monitoring and performing statistical reasoning, attack patterns and post-attack discrepancies in the UAS behavior can be detected. R2U2 uses runtime observer pairs for linear and metric temporal logics for property monitoring and Bayesian networks for diagnosis of security threats. We discuss the design and implementation that now enables R2U2 to handle security threats and present simulation results of several attack scenarios on the NASA DragonEye UAS.
This work was supported in part by NASA ARMD 2014 I3AMT Seedling Phase I, NNX12AK33A and the Austrian Josef Ressel Center (VECS).
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
Conversation with an Ikhana/Global Hawk pilot, NASA, 2011.
- 2.
In this paper, we do not model attack scenarios via compromised flight software.
- 3.
- 4.
References
Adapteva: The Parallella Board. https://www.parallella.org/board
Ahmed, A., Lisitsa, A., Dixon, C.: TeStID: a high performance temporal intrusion detection system. In: Proceedings of the ICIMP 2013, pp. 20–26 (2013)
APM:Plane, Open Source Fixed-Wing Aircraft UAV. http://plane.ardupilot.com
Bilge, L., Dumitras, T.: Before we knew it: an empirical study of zero-day attacks in the real world. In: Proceedings of the CCS 2012, pp. 833–844 (2012)
Bushnell, D., Denney, E., Enomoto, F., Pai, G., Schumann, J.: Preliminary recommendations for the collection, storage, and analysis of UAS safety data. Technical report NASA/TM-2013-216624, NASA Ames Research Center (2013)
Eulich, W.: Did Iran just down a US drone by ‘spoofing’? Christian Science Monitor (2012). http://www.csmonitor.com/World/Security-Watch/terrorism-security/2012/1204/Did-Iran-just-down-a-US-drone-by-spoofing-video
GAO: Air Traffic Control: FAA Needs a More Comprehensive Approach to Address Cybersecurity As Agency Transitions to NextGen. Technical report GAO-15-370, United States Government Accountability Office (2015). http://www.gao.gov/assets/670/669627.pdf
Geist, J., Rozier, K.Y., Schumann, J.: Runtime observer pairs and Bayesian network reasoners on-board FPGAs: flight-certifiable system health management for embedded systems. In: Proceedings of the RV 2014, pp. 215–230 (2014)
Humphreys, T.: Statement on the Vulnerability of Civil Unmanned Aerial Vehicles and Other Systems to Civil GPS Spoofing. University of Texas at Austin (2012)
Javaid, A.Y., Sun, W., Devabhaktuni, V.K., Alam, M.: Cyber security threat analysis and modeling of an unmanned aerial vehicle system. In: Proceedings of the HST 2012, pp. 585–590. IEEE (2012)
JSBSim: Open Source Flight Dynamics Model. http://jsbsim.sourceforge.net
Karimi, N.: Iran Drone Capture Claim: State TV Airs Images Allegedly Extracted From U.S. Aircraft (video). The World Post (2013). http://www.huffingtonpost.com/2013/02/07/iran-drone-capture-claim_n_2636745.html
Kerns, A.J., Shepard, D.P., Bhatti, J.A., Humphreys, T.E.: Unmanned aircraft capture and control via GPS spoofing. J. Field Robot. 31(4), 617–636 (2014)
Kim, A., Wampler, B., Goppert, J., Hwang, I., Aldridge, H.: Cyber attack vulnerabilities analysis for unmanned aerial vehicles. Infotech@Aerospace (2012)
Lu, H., Forin, A.: The Design and Implementation of P2V, An Architecture for Zero-Overhead Online Verification of Software Programs. MSR-TR-2007-99, Microsoft Research (2007). http://research.microsoft.com/apps/pubs/default.aspx?id=70470
MAVLink: Micro Air Vehicle Protocol. https://github.com/mavlink
MAVProxy: A UAV Ground Station Software Package for MAVLink Based Systems. http://tridge.github.io/MAVProxy
Mengshoel, O.J., Chavira, M., Cascio, K., Poll, S., Darwiche, A., Uckun, S.: Probabilistic model-based diagnosis: an electrical power system case study. IEEE Trans. Syst. Man Cybern. Part A: Syst. Hum. 40(5), 874–885 (2010)
Meredith, P.O., Jin, D., Griffith, D., Chen, F., Roşu, G.: An overview of the MOP runtime verification framework. Int. J. Softw. Tools Technol. Transfer 14(3), 249–289 (2012)
Naldurg, P., Sen, K., Thati, P.: A temporal logic based framework for intrusion detection. In: de Frutos-Escrig, D., Núñez, M. (eds.) FORTE 2004. LNCS, vol. 3235, pp. 359–376. Springer, Heidelberg (2004)
Olivain, J., Goubault-Larrecq, J.: The Orchids intrusion detection tool. In: Etessami, K., Rajamani, S.K. (eds.) CAV 2005. LNCS, vol. 3576, pp. 286–290. Springer, Heidelberg (2005)
Pearl, J.: A constraint propagation approach to probabilistic reasoning. In: Proceedings of the UAI, pp. 31–42. AUAI Press (1985)
Pellizzoni, R., Meredith, P., Caccamo, M., Rosu, G.: Hardware runtime monitoring for dependable COTS-based real-time embedded systems. In: RTSS, pp. 481–491 (2008)
Perry, S.: Subcommittee hearing: unmanned aerial system threats: exploring security implications and mitigation technologies. Committee on Homeland Security (2015). http://homeland.house.gov/hearing/subcommittee-hearing-unmanned-aerial-system-threats-exploring-security-implications-and
Reinbacher, T., Rozier, K.Y., Schumann, J.: Temporal-logic based runtime observer pairs for system health management of real-time systems. In: Ábrahám, E., Havelund, K. (eds.) TACAS 2014 (ETAPS). LNCS, vol. 8413, pp. 357–372. Springer, Heidelberg (2014)
Schumann, J., Mbaya, T., Mengshoel, O.J., Pipatsrisawat, K., Srivastava, A., Choi, A., Darwiche, A.: Software health management with Bayesian networks. Innovations Syst. Softw. Eng. 9(2), 1–22 (2013)
Schumann, J., Rozier, K.Y., Reinbacher, T., Mengshoel, O.J., Mbaya, T., Ippolito, C.: Towards real-time, on-board, hardware-supported sensor and software health management for unmanned aerial systems. In: Proceedings of the PHM 2013, pp. 381–401 (2013)
Schumann, J., Rozier, K.Y., Reinbacher, T., Mengshoel, O.J., Mbaya, T., Ippolito, C.: Towards real-time, on-board, hardware-supported sensor and software health management for unmanned aerial systems. Int. J. Prognostics Health Manage. 6(1), 1–27 (2015)
Shachtman, N., Axe, D.: Most U.S. drones openly broadcast secret video feeds. Wired (2012). http://www.wired.com/2012/10/hack-proof-drone/
Shepard, D.P., Bhatti, J.A., Humphreys, T.E.: Drone hack. GPS World 23(8), 30–33 (2012)
USAF: Aircraft Accident Investigation: Rq-1l, s/n 96–3023. AIB Class A Aerospace Mishaps (2000). http://usaf.aib.law.af.mil/ExecSum2000/RQ-1L_Nellis_14Sep00.pdf
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Schumann, J., Moosbrugger, P., Rozier, K.Y. (2015). R2U2: Monitoring and Diagnosis of Security Threats for Unmanned Aerial Systems. In: Bartocci, E., Majumdar, R. (eds) Runtime Verification. Lecture Notes in Computer Science(), vol 9333. Springer, Cham. https://doi.org/10.1007/978-3-319-23820-3_15
Download citation
DOI: https://doi.org/10.1007/978-3-319-23820-3_15
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-23819-7
Online ISBN: 978-3-319-23820-3
eBook Packages: Computer ScienceComputer Science (R0)