TY - GEN
T1 - Securing the Unprotected
T2 - 2024 IEEE Pacific Rim Conference on Communications, Computers and Signal Processing, PACRIM 2024
AU - Hughes, Isabel
AU - Pupo, Adriel
AU - Wynd, Jenna
AU - Thurlow, Zachary
AU - Ivancik, Connor
AU - Wang, Ying
N1 - Publisher Copyright:
© 2024 IEEE.
PY - 2024
Y1 - 2024
N2 - Despite MAVLink's broad adoption and its flexible architecture that encourages vendor-specific customization, the flexibility introduces substantial cybersecurity vulnerabilities. This paper presents a novel security design aimed at reinforcing the MAVLink protocol against these vulnerabilities, focusing particularly on protecting the heartbeat function, which is essential for maintaining communication links yet previously overlooked in security considerations. Focusing on the vulnerability in heart- beat messaging, we propose a multifaceted security approach that includes a detailed vulnerability analysis, development, and simulation of specific countermeasures such as physical controls, advanced encryption, token authentication, and the use of short-lived tokens for dynamic security. Utilizing a simulated flight plan via QGroundControl for our experiments, we rigorously assess the efficacy of these strategies. Our research significantly advances the conversation on UAV cybersecurity, underscoring the necessity for comprehensive security frameworks that address every aspect of communication protocols, even those previously considered non-critical. By enhancing the security of heartbeat messages within the MAVLink protocol, our work establishes a foundation for more secure and reliable UAV operations across various applications, thus bolstering the overall integrity and reliability of these indispensable systems.
AB - Despite MAVLink's broad adoption and its flexible architecture that encourages vendor-specific customization, the flexibility introduces substantial cybersecurity vulnerabilities. This paper presents a novel security design aimed at reinforcing the MAVLink protocol against these vulnerabilities, focusing particularly on protecting the heartbeat function, which is essential for maintaining communication links yet previously overlooked in security considerations. Focusing on the vulnerability in heart- beat messaging, we propose a multifaceted security approach that includes a detailed vulnerability analysis, development, and simulation of specific countermeasures such as physical controls, advanced encryption, token authentication, and the use of short-lived tokens for dynamic security. Utilizing a simulated flight plan via QGroundControl for our experiments, we rigorously assess the efficacy of these strategies. Our research significantly advances the conversation on UAV cybersecurity, underscoring the necessity for comprehensive security frameworks that address every aspect of communication protocols, even those previously considered non-critical. By enhancing the security of heartbeat messages within the MAVLink protocol, our work establishes a foundation for more secure and reliable UAV operations across various applications, thus bolstering the overall integrity and reliability of these indispensable systems.
KW - communication protocol
KW - control
KW - heart-beats
KW - security
KW - UAV
UR - http://www.scopus.com/inward/record.url?scp=85206852634&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85206852634&partnerID=8YFLogxK
U2 - 10.1109/PACRIM61180.2024.10690216
DO - 10.1109/PACRIM61180.2024.10690216
M3 - Conference contribution
AN - SCOPUS:85206852634
T3 - 2024 IEEE Pacific Rim Conference on Communications, Computers and Signal Processing, PACRIM 2024
BT - 2024 IEEE Pacific Rim Conference on Communications, Computers and Signal Processing, PACRIM 2024
Y2 - 21 August 2024 through 24 August 2024
ER -