improving security of autonomous uavs fleets by using new
play

Improving Security of Autonomous UAVs Fleets by Using New Specific - PowerPoint PPT Presentation

Aug 30, 2022 •339 likes •589 views

Improving Security of Autonomous UAVs Fleets by Using New Specific Embedded Secure Elements A Position Paper Raja Naeem Akram 1 , Pierre-Franois Bonnefoi 2 , Serge Chaumette 3 , Konstantinos Markantonakis 4 and Damien Sauveron 2 1 Department of

  1. Improving Security of Autonomous UAVs Fleets by Using New Specific Embedded Secure Elements A Position Paper Raja Naeem Akram 1 , Pierre-François Bonnefoi 2 , Serge Chaumette 3 , Konstantinos Markantonakis 4 and Damien Sauveron 2 1 Department of Computer Science, University of Waikato, Hamilton, New Zealand 2 XLIM (UMR CNRS 7252 / Université de Limoges) Département Mathématiques Informatique, Limoges, France 3 LaBRI, Bordeaux 1 University, Talence, France 4 Information Security Group Smart Card Centre, Royal Holloway, University of London, Egham, United Kingdom Damien Sauveron http://damien.sauveron.fr/ 10/09/2014 1/24 Improving Security of Autonomous UAVs Fleets by Using New Specific Embedded Secure Elements - A Position Paper Damien Sauveron

  2. Roadmap ● Introduction ● Contributions ● Adversary model ● Capture of UAV by an Attacker ● Attacks on a “Captured” UAV ● Attacks on a UAV in a Network ● Rationale for the Adversary Model ● Requirements ● Functional Requirements ● Security Requirements ● Candidate Secure Elements ● Future works: Our vision on how to secure UAVs fleet ● Questions/Discussions 2/24 Improving Security of Autonomous UAVs Fleets by Using New Specific Embedded Secure Elements - A Position Paper Damien Sauveron

  3. Introduction ● UAVs fleet are more effective and may be costless than a single big drone Drone predator versus UAVs fleet – Each UAV can be equiped with different sensors – They can collaborate altogether and fly in swarm – They can cover a larger geographic area – If one UAV is destroyed, others can continue the mission ● For all these reasons UAVs fleets are becoming more apparent. 3/24 Improving Security of Autonomous UAVs Fleets by Using New Specific Embedded Secure Elements - A Position Paper Damien Sauveron

  4. Introduction ● Civilian applications ● Military applications 4/24 Improving Security of Autonomous UAVs Fleets by Using New Specific Embedded Secure Elements - A Position Paper Damien Sauveron

  5. Introduction ● Civilian applications Security may not be an issue 5/24 Improving Security of Autonomous UAVs Fleets by Using New Specific Embedded Secure Elements - A Position Paper Damien Sauveron

  6. Introduction ● Military applications UAVs may store and exchange lot of ● assets Flight-plan for the mission – Photos – Coordinates of points of interest – (enemies or allies) ADVERSARY Security is an issue! 6/24 Improving Security of Autonomous UAVs Fleets by Using New Specific Embedded Secure Elements - A Position Paper Damien Sauveron

  7. Communication in UAVs fleet Application Identities: 1,2,3,4 Network Identities: A,B,C,D 4 4 2 2 1 1 3 3 Application Layer D D B B A A C C User Network Layer ● Classical security solutions from world of MANETs are not sufficient (reputation, virtual currency, etc.) for the considered adversary model 7/24 Improving Security of Autonomous UAVs Fleets by Using New Specific Embedded Secure Elements - A Position Paper Damien Sauveron

  8. Contributions of this position paper ● We propose an original discussion on the adversary model for UAVs fleets ● We define the list of security requirements for UAVs fleets ● We propose some insights of how to implement these requirements with embedded secure elements ( SE ) ● We provide a comparison with existing works that proposed the deployment of “secure elements” on unmanned vehicles. 8/24 Improving Security of Autonomous UAVs Fleets by Using New Specific Embedded Secure Elements - A Position Paper Damien Sauveron

  9. Adversary model ● We consider a strong adversary model with a high attack potential. – the adversary has capabilities and knowledge to capture a UAV in a functional state 9/24 Improving Security of Autonomous UAVs Fleets by Using New Specific Embedded Secure Elements - A Position Paper Damien Sauveron

  10. Adversary model ● In a functional state means: – if there are self destruction mechanisms the attacker is able to bypass or deactivate them ● Worst, the attacker might perform attacks during the flight 10/24 Improving Security of Autonomous UAVs Fleets by Using New Specific Embedded Secure Elements - A Position Paper Damien Sauveron

  11. Adversary model: which kind of attacks? ● Side channel attacks SPA on DES ciphering 11/24 Improving Security of Autonomous UAVs Fleets by Using New Specific Embedded Secure Elements - A Position Paper Damien Sauveron

  12. Adversary model: which kind of attacks? ● Fault attacks with a laser 12/24 Improving Security of Autonomous UAVs Fleets by Using New Specific Embedded Secure Elements - A Position Paper Damien Sauveron

  13. Adversary model: which kind of attacks? ● Physical attacks (microprobing, modification with a Focused Ion Beam System, etc.) ● There exist plenty other attacks referenced in the paper. 13/24 Improving Security of Autonomous UAVs Fleets by Using New Specific Embedded Secure Elements - A Position Paper Damien Sauveron

  14. Adversary model: which kind of attacks? ● Attacks on a UAV in a Network – They are similar to those existing in MANets, DTN and Wireless Sensors Networks – The easiest attack is Denial-of-Service (DoS). ● It can be achieved at physical, link, network or transport level – If communications are not ciphered, the opponent can perform eavesdropping, packet injection or corruption and Man-in- the-Middle or relay attacks – The attacker can also build a rogue UAV to attempt some attacks on routing protocols (blackhole attack, selective forwarding attack, sinkhole attack, rushing attack, sybil attack, wormhole attack, etc.) – Application-specific attacks can also exist (like source authentication). 14/24 Improving Security of Autonomous UAVs Fleets by Using New Specific Embedded Secure Elements - A Position Paper Damien Sauveron

  15. Adversary model: rationale ● Fault and side channel attacks are already present on other computing systems ● For instance, in 2012, A. Moradi, M. Kasper, and C. Paar. have done a Correlation Power Analysis on Virtex-4 and Virtex-5 family, i.e. Xilinx FPGAs that are widely used in UAVs (including the Predator). – They have shown that the encryption mechanism can be completely broken with moderate effort. 15/24 Improving Security of Autonomous UAVs Fleets by Using New Specific Embedded Secure Elements - A Position Paper Damien Sauveron

  16. Requirements ● Functional requirements: – Autonomy: The fleet should be autonomous and should not rely on communication with its base/user ● to be more stealthy in the adversary conditions of the mission – Management: The fleet should be easy and transparent to manage both in terms of functionality and security ● management should be possible prior or during the fleet operations – Reliability: The fleet should be reliable ● each UAV with a dedicated mission may, for some reasons, decide to entrust its mission to another UAV according to the capabilities in term of equipments (e.g. sensors) and software stack of this UAV. – Efficiency: A UAVs fleet has to perform optimally in the adversely territories/environments. ● It thus must be able to analyze the situation and make decisions in real-time.  The fleet should be self-organized and should be equipped with some sort of swarm intelligence. 16/24 Improving Security of Autonomous UAVs Fleets by Using New Specific Embedded Secure Elements - A Position Paper Damien Sauveron

  17. Requirements ● Security requirements: – (SR1): The UAV should be SE-driven to ensure security and privacy of its missions. – (SR2): The whole UAV should be tamper resistant, or at least a part of it (the SE) – (SR3): The UAV should provide assurance in implemented security mechanisms to its user – (SR4): The UAV at a very basic level should provide a secure unique ID on which the whole fleet can rely for its management and networking operations – (SR5): The UAV should provide secure key management and crytographic features to protect communication integrity and confidentiality among the members of the fleet 17/24 Improving Security of Autonomous UAVs Fleets by Using New Specific Embedded Secure Elements - A Position Paper Damien Sauveron

  18. Requirements ● Security requirements: – (SR6) UAV should provide a secure storage for data collected (e.g. measurements, photos) and/or those used for the purpose of the mission (e.g. flight-plan for the mission, coordinates of points of interest) – (SR7) The UAV should provide a secure multi application platform ● this requirement is justified since in the context of SE-driven UAV there will be installation of new applications, transfer or update of applications ● An additional functional requirement may be optionally added if the context of SE-driven UAV is accepted: – (FR5) the SE may have its own communication capabilities to communicate with other SEs which can form an overlay network (for specific control operations) 18/24 Improving Security of Autonomous UAVs Fleets by Using New Specific Embedded Secure Elements - A Position Paper Damien Sauveron

Recommend

Flying Penguins Embedded Linux applications for autonomous UAVs Clay

Flying Penguins Embedded Linux applications for autonomous UAVs Clay

Flying Penguins Embedded Linux applications for autonomous UAVs Clay McClure github.com/claymation Roadmap MAV Your UAV mavros Link App ROS Linux autopilot autopilots autopilots RC input motor mixing

1.23k views • 70 slides
Masters Thesis Presentation Adaptive Sampling of Clouds with a Fleet of UAVs : Improving

Masters Thesis Presentation Adaptive Sampling of Clouds with a Fleet of UAVs : Improving

Masters Thesis Presentation Adaptive Sampling of Clouds with a Fleet of UAVs : Improving Gaussian Process Regression by Including Prior Knowledge Diego Selle (RIS @ LAAS-CNRS, RT-TUM) Masters Thesis Presentation October 12, 2016 1 / 19

776 views • 38 slides
Strategies to Harden and Neutralize UAVs using RF DEW Jos L OPES E STEVES , Emmanuel C OTTAIS

Strategies to Harden and Neutralize UAVs using RF DEW Jos L OPES E STEVES , Emmanuel C OTTAIS

Strategies to Harden and Neutralize UAVs using RF DEW Jos L OPES E STEVES , Emmanuel C OTTAIS AND Chaouki K ASMI ABOUT THE AUTHORS ANSSI: National Cybersecurity Agency of France Wireless Security Lab 10 members, 2 PhDs, 2 PhD

663 views • 40 slides
LMIs and autonomous work 1 From autonomous work to discontinuous career paths Autonomous

LMIs and autonomous work 1 From autonomous work to discontinuous career paths Autonomous

LMIs and autonomous work 1 From autonomous work to discontinuous career paths Autonomous work raises many questions in terms of continuity of income, skills development, access to the social security system, integration into the social

613 views • 14 slides
CSE 504: Project Proposal Jennifer Niederlnder 01/13/2016 Improving Security Testing

CSE 504: Project Proposal Jennifer Niederlnder 01/13/2016 Improving Security Testing

CSE 504: Project Proposal Jennifer Niederlnder 01/13/2016 Improving Security Testing Improving Security Testing or Collect security errors Derive Patterns Improving Performance Improving Performance 1. Take the code 2. Point out

423 views • 9 slides
Will Privacy & Security Concerns Stall the Adoption of Autonomous Automobiles? Dr. Larry

Will Privacy & Security Concerns Stall the Adoption of Autonomous Automobiles? Dr. Larry

Will Privacy & Security Concerns Stall the Adoption of Autonomous Automobiles? Dr. Larry Ponemon November 27, 2017 Purpose of the study We want to learn what adult-aged consumers think about the autonomous automobile. Specifically . . .

580 views • 37 slides
Improving autonomous orchard vehicle trajectory tracking performance via slippage compensation

Improving autonomous orchard vehicle trajectory tracking performance via slippage compensation

Improving autonomous orchard vehicle trajectory tracking performance via slippage compensation Dr. Gokhan BAYAR Mechanical Engineering Department of Bulent Ecevit University Zonguldak, Turkey This study was conducted under the Supervision of

446 views • 43 slides
Implementing Security Control Loops in Security Autonomous Response Networks Hristo Dimitrov SNE

Implementing Security Control Loops in Security Autonomous Response Networks Hristo Dimitrov SNE

Introduction Research Questions Proof of Concept Results Conclusions Questions? Implementing Security Control Loops in Security Autonomous Response Networks Hristo Dimitrov SNE University of Amsterdam & TNO Supervisors: Marc X. Makkes

408 views • 25 slides
Improving performance for Improving performance for security enabled web security enabled web

Improving performance for Improving performance for security enabled web security enabled web

Improving performance for Improving performance for security enabled web security enabled web services services - Dr. Colm higeartaigh - Dr. Colm higeartaigh Agenda Introduction to Apache CXF WS-Security in CXF 3.0.0

490 views • 44 slides
Faculty of Applied Security Sremska Kamenica SERBIA IMPROVING ACADEMIC AND PROFESSIONAL

Faculty of Applied Security Sremska Kamenica SERBIA IMPROVING ACADEMIC AND PROFESSIONAL

Improving Academic and Professional Education Capacity in Serbia in the Area of Safety & Security (by Means of Strategic Partnership with the EU) - IMPRESS EDUCONS UNIVERSITY Faculty of Applied Security Sremska Kamenica SERBIA IMPROVING

543 views • 11 slides
BGP Joeri de Ruiter Agenda BGP recap BGP security RPKI / ROA BGPsec

BGP Joeri de Ruiter Agenda BGP recap BGP security RPKI / ROA BGPsec

Advanced Network Security BGP Joeri de Ruiter Agenda BGP recap BGP security RPKI / ROA BGPsec Startng (almost) from scratch 2 Autonomous systems (AS) Internet is divided into Autonomous Systems (AS) Controlled by

815 views • 39 slides
Improving TCP/IP security through randomization without sacrificing interoperability Michael

Improving TCP/IP security through randomization without sacrificing interoperability Michael

Improving TCP/IP security through randomization without sacrificing interoperability Michael James Silbersack The FreeBSD Project Introduction Over the years, many security problems have been found in the TCP and IP protocols. This is not

539 views • 17 slides
What is Autonomous Decentralization Concept and its escalation? To Epigenesis and world

What is Autonomous Decentralization Concept and its escalation? To Epigenesis and world

Workshop on Autonomous and Cooperative Intelligent Vehicles: new safety and security challenges, or yet another critical infrastructure? What is Autonomous Decentralization Concept and its escalation? To Epigenesis and world view of the

617 views • 32 slides
2010 When the internet came out, people resisted to putting their credit cards online. And then

2010 When the internet came out, people resisted to putting their credit cards online. And then

April 17, 2019 Canadian Institute of Forestry - RMS Getting Spatial Information from UAVs or Terrestrial Laser Scanners CIF RMS | Getting Spatial Information from UAVs or Terrestrial Laser Scanners Every

355 views • 6 slides
Improving Application Software Security in Linux Sebastian Neubauer Technische Universitt

Improving Application Software Security in Linux Sebastian Neubauer Technische Universitt

Improving Application Software Security in Linux Sebastian Neubauer Technische Universitt Mnchen Computer Science Department July 19, 2017 1 Improve C/C++ applications contain bugs Security Existing security mechanisms Still

367 views • 32 slides
Desay's Cyber Security Initiative & Autonomous Vehicle

Desay's Cyber Security Initiative & Autonomous Vehicle

Desay's Cyber Security Initiative & Autonomous Vehicle Development D E S AY S V A U T O M O T I V E E w e Te i k E n g 2 9 M a r c h 2 0 1 8 Confidential Contents l INTRODUCTION l

1.1k views • 24 slides
Improving BGP routing security Job Job S Snijders NTT / / AS AS 2 2914 job ob@ntt.net

Improving BGP routing security Job Job S Snijders NTT / / AS AS 2 2914 job ob@ntt.net

Improving BGP routing security Job Job S Snijders NTT / / AS AS 2 2914 job ob@ntt.net http tps:// //tw twitter.com/ om/Job JobSnijders Why are we doing any of this routing security? Creating EBGP routing filters based on

906 views • 44 slides
Autonomous Weapon Systems: Public Opinion and Security Issues Michael C. Horowitz University of

Autonomous Weapon Systems: Public Opinion and Security Issues Michael C. Horowitz University of

Autonomous Weapon Systems: Public Opinion and Security Issues Michael C. Horowitz University of Pennsylvania and Center for a New American Security Prepared for 2015 CCW Meeting of Experts on LAWS April 2015 How does the general public think

798 views • 16 slides
Data Generated by Connected and Autonomous Vehicles: Ownership, Exploitation, Security, and

Data Generated by Connected and Autonomous Vehicles: Ownership, Exploitation, Security, and

Data Generated by Connected and Autonomous Vehicles: Ownership, Exploitation, Security, and Privacy Daniel A. Crane Frederick Paul Furth, Sr. Professor of Law, University of Michigan Counsel: Paul, Weiss, Rifkind, Wharton & Garrison LLP

676 views • 29 slides
Quadcopter UAVs Aya Anderson Background This project is working with a quadcopter. A

Quadcopter UAVs Aya Anderson Background This project is working with a quadcopter. A

The Effect of Physical Parameters on Quadcopter UAVs Aya Anderson Background This project is working with a quadcopter. A quadcopter has four equally spaced rotors, Information conventionally arranged in a square. Quadcopters

665 views • 13 slides
Improving Food Security through Sustainable Agricultural Practices and Strengthening Local

Improving Food Security through Sustainable Agricultural Practices and Strengthening Local

Land Resource Government schemes People & agriculture Forest land Right Mid Day Meal Institutional building NREGS Anganwadi Crop seed promotion Annpurna Yojana Skill enhancement PDS Improving Food Security through Sustainable

310 views • 12 slides
VISUALIZATION & ASSESSMENT OF COORDINATES AND ELEVATIONS PRECISION DERIVED FROM UAVs

VISUALIZATION & ASSESSMENT OF COORDINATES AND ELEVATIONS PRECISION DERIVED FROM UAVs

GS350 Project in geospatial Science G S 3 5 0 TWO AND THREE DIMENSIONAL VISUALIZATION & ASSESSMENT OF COORDINATES AND ELEVATIONS PRECISION DERIVED FROM UAVs IMAGES By: Tevita M Fifita S11008722 Objectives & Aims GS350

345 views • 21 slides
Improving security using data flow assertions Alex Yip, Xi Wang, Nickolai Zeldovich , Frans

Improving security using data flow assertions Alex Yip, Xi Wang, Nickolai Zeldovich , Frans

Improving security using data flow assertions Alex Yip, Xi Wang, Nickolai Zeldovich , Frans Kaashoek MIT CSAIL Many security vulnerabilities caused by programming errors Attack vector Percentage SQL injection 20.4% Cross-site scripting

912 views • 57 slides
Understanding the Limitations and Improving the Relevance of SPICE Simulations in Security

Understanding the Limitations and Improving the Relevance of SPICE Simulations in Security

Understanding the Limitations and Improving the Relevance of SPICE Simulations in Security Evaluations Dina Kamel, Mathieu Renauld, Denis Flandre, Franois-Xavier Standaert UCL Crypto Group PROOFS 2013 Santa Barbara, USA The cryptographic HW

584 views • 22 slides

More recommend