Skip to main content

Security Analysis of Drone Communication Protocols

Part of the Lecture Notes in Computer Science book series (LNTCS,volume 10953)

Abstract

Unmanned aerial vehicles (UAV) are increasingly used by hobbyists, companies, and the public sector [1] for a number of purposes. Although this is good, UAVs bear the physical risks of aircrafts as well as those of unmanned systems. Taken into account the exponentially increasing number of UAVs (i.e., there will be approximately 1.26 million UAVs in Germany by 2018), these risks are becoming more likely to occur. In addition to operational risks, there are also security related risks. UAVs are typically remotely controlled, which, in turn, opens ways for cyber-attacks (e.g., denial of service or taking over control). In this paper we demonstrate that taking over control of commercially available UAVs is feasible and simple. In detail, we examine and analyze a standard UAV communication and control protocol (i.e., the DSM protocol family by Spektrum Inc.). We discuss common approaches for attacks, minor observations, and associated security vulnerabilities of this protocol. Since the number of commercially available communication components is small, these findings can easily be ported to other protocols such as (HOTT, S-FHSS, FrSky, and others). Finally, we make some recommendations which, if implemented, will significantly improve the security of UAV operations.

Keywords

  • Drone
  • UAV
  • Security
  • Wireless
  • Radio protocol
  • Reverse engineering

This is a preview of subscription content, access via your institution.

Buying options

Chapter
USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-319-94496-8_7
  • Chapter length: 12 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
eBook
USD   44.99
Price excludes VAT (USA)
  • ISBN: 978-3-319-94496-8
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   59.99
Price excludes VAT (USA)
Fig. 1.
Fig. 2.
Fig. 3.

(modified, [8])

Fig. 4.

(modified, [9])

Fig. 5.
Fig. 6.
Fig. 7.

Notes

  1. 1.

    http://www.drohnen-journal.de.

  2. 2.

    The concrete procedure is laid down in the protocol.

  3. 3.

    The Deviation project (www.deviationtx.com) lists more than 50 different protocols and subprotocols.

  4. 4.

    In the DSMX protocol, the hopping sequence is a sequence of 23 channels.

References

  1. Allianz Global Corporate: Rise of the Drones - Managing the Unique Risks Associated with Unmanned Aircraft Systems (2016). http://www.agcs.allianz.com/assets/PDFs/Reports/AGCS_Rise_of_the_drones_report.pdf

  2. Oscar Liang: RC TX RX Protocols Explained: PWM, PPM, SBUS, DSM2, DSMX, SUMD (2015). https://oscarliang.com/pwm-ppm-sbus-dsm2-dsmx-sumd-difference/

  3. Pappalardo, J.: Unmanned aircraft roadmap reflects changing priorities. National Defense 87(392), 30 (2003)

    Google Scholar 

  4. Ryan, A., Zennaro, M., Howell, A., Sengupta, R., Hedrick, J.K.: An overview of emerging results in cooperative UAV control. In: 43rd IEEE Conference on Decision and Control, 14–17 December 2004, Atlantis, Paradise Island, Bahamas (2004)

    Google Scholar 

  5. Kim, A., Wampler, B., Goppert, J., Hwang, I.: Cyber attack vulnerabilities analysis for unmanned aerial vehicles. Infotech@Aerospace J. (2012)

    Google Scholar 

  6. Valente, J., Cardenas, A.A.: Understanding security threats in consumer drones through the lens of the discovery quadcopter family. In: IoT S&P 2017, 3 November 2017, Dallas. TX, USA (2017)

    Google Scholar 

  7. Walters, S.: How can drones be hacked? the updated list of vulnerable drones & attack tools, October 2016. https://medium.com/swalters/how-can-dronesbe-hacked-the-updated-list-of-vulnerable-drones-attack-tools-dd2e006d6809

  8. Slimane, B.: Spread Spectrum. http://slideplayer.com/slide/4800123/

  9. Mietke, D.: Frequenzumtastung. http://elektroniktutor.de/signalkunde/fsk.html

  10. Pascal Langer: Protocols details. https://github.com/pascallanger/DIY-Multiprotocol-TX-Module/blob/master/Protocols_Details.md

  11. Shin, H., Choi, K., Park, Y., Choi, J., Kim, Y.: Security analysis of FHSS-type drone controller. In: Kim, H., Choi, D. (eds.) WISA 2015. LNCS, vol. 9503, pp. 240–253. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-31875-2_20. https://syssec.kaist.ac.kr/pub/2015/shin_wisa2015.pdf

    CrossRef  Google Scholar 

  12. Jonathan Andersson Attacking DSMx with Software Defined Radio. https://pacsec.jp/psj16/PSJ2016_Andersson_Hacking_DSMx_with_SDR_PacSec_2016_English.pdf

  13. Cypress Semiconductor: Technical Reference Manual. http://www.cypress.com/file/136666/download

  14. PaparazziUAV: DSM. https://wiki.paparazziuav.org/wiki/DSM

  15. Multiprotocol TX Module: DSM protocol. https://github.com/pascallanger/DIY-Multiprotocol-TX-Module/blob/master/Multiprotocol/DSM_cyrf6936.ino

  16. RC Groups: DSMX Hacking. https://www.rcgroups.com/forums/showthread.php?1759502-DSMX-Hacking

  17. Multiprotocol TX Module: Multiprotocol Module Hardware Options. https://github.com/pascallanger/DIY-Multiprotocol-TX-Module/blob/master/docs/Hardware.md

  18. FrSky: Taranis X9D Plus. https://www.frsky-rc.com/product/taranis-x9d-plus-2/

  19. Goodin, D.: Drone hijacker. https://www.youtube.com/watch?v=2YjQPPc5VW4

  20. Kipkemoi, P.: Drone hacking - how safe is your drone? http://www.droneguru.net/drone-hacking-how-safe-is-your-drone/

Download references

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Sebastian Plotz .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2018 Springer International Publishing AG, part of Springer Nature

About this paper

Verify currency and authenticity via CrossMark

Cite this paper

Bunse, C., Plotz, S. (2018). Security Analysis of Drone Communication Protocols. In: Payer, M., Rashid, A., Such, J. (eds) Engineering Secure Software and Systems. ESSoS 2018. Lecture Notes in Computer Science(), vol 10953. Springer, Cham. https://doi.org/10.1007/978-3-319-94496-8_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-94496-8_7

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-94495-1

  • Online ISBN: 978-3-319-94496-8

  • eBook Packages: Computer ScienceComputer Science (R0)