Pierluigi Paganini
March 19, 2015
The drone industry is growing at a rapid pace. Aerospace research company Teal Group has estimated that sales of military and civilian drones will total over $89 billion in the next 10 years. The possible fields of application for UAVs are unlimited. In this scenario security and privacy related the use of drones are the principal concerns of the security community.
Unmanned aircraft are complex systems that could be theoretically hacked becoming a weapon in the hand of attackers, manufacturers and Intelligence agencies are working on a new generation of drones that are resilient to cyber attacks.
Two years ago the DARPA launched the HACMS (High-Assurance Cyber Military Systems) program with the main goal to develop a software without pervasive vulnerabilities, one of the most interesting applications was the creation of a platform for unmanned vehicles.
Boeing has announced its project for the production of an unhackable drone, dubbed Boeing Little Bird, which should be in flight around the end of 2017 according to the company and the Defense Department.
Official sources refer that Boing has already developed a secure drone that could exchange control data and information with control centers in secure way.
“The intent is to conduct an experiment to prove that these new coding techniques can create secure code at full scale,” said John Launchbury, program manager for the Defense Advanced Research Projects Agency (DARPA).
Boing is working with National ICT Australia, Rockwell Collins and computer science firm Galois on the hacking-prof software to use for its drones.
Boeing officials confirmed that the company’s “goal is to enhance all Boeing developed Unmanned Little Bird aircraft software using [the new] technologies by the end of the program.”
According to Nextgov, the experts explained that nearly 100,000 lines of code, corresponding to 70 percent of the code, have to be replaced within this summer.
“Boeing is on track to replace all the code on the vehicle by the end” confirmed Launchbury.
According to Launchbury the Little Bird does not carry any weapons systems, it will be used mainly for reconnaissance and control of the territory.
The participants to the project confirmed that the software isolate all communications between the ground station and the drone avoiding any external interference.
“Its main purpose is to rewrite and secure the mission computer on board the Little Bird,” Launchbury said.
The approach of the research team is considerable innovative, they developed from scratch a programming language free from security vulnerabilities.
“We’ve developed a new programming language that is provably free from those vulnerabilities,” he said. “The approach is to transition the programming language we’ve developed, called Ivory, to Boeing so that they can rewrite their systems.” said Lee Pike, Galois research lead for cyber-physical systems.
As Fisher highlighted, the Hack-proof software despite is designed to be resilient to external attacks, exactly like any other software could be affected by design errors, for this reason it is crucial the adoption of coding best practices.
The Little Bird “could still crash, but that would be because the system as it was shipped had a flaw — it wouldn’t be crashing because a malicious party did something to manipulate it,” she said. “Somebody from the outside can’t break in and access it, and then cause it to do something that it wasn’t supposed to do.”
(Security Affairs – drone, UAV)
