UAV Integration: Privacy and Security Hurdles Todd Humphreys | Aerospace Engineering The University of Texas at Austin Royal Institute of Navigation UAV.

Slides:

Advertisements

Similar presentations

Cybersecurity and UAV Issues John Rose, Deputy-Director, Public Policy, Region VI.

Advertisements

Unmanned Aircraft Systems EUROCONTROL ATM Integration

Federal Aviation Administration International Flight Inspection Symposium June 24, 2008 James H. Washington Vice President, Acquisition and Business Services.

Air Traffic Management

BY S V SATISH GM (AIR TRAFFIC MANAGEMENT) AIRPORTS AUTHORITY OF INDIA.

Global Navigation Satellite Systems (GNSS) for Aviation United Nations International Committee on GNSS December, 2005 Ken Alexander United States.

Long RAnge Navigation version C

Challenges of Practical Civil GNSS Security Todd Humphreys, UT Austin Civil Navigation and Timing Security Splinter Meeting |Portland, Oregon | September.

GPS Spoofing & Implications for Telecom Kyle Wesson The University of Texas at Austin Sprint Synchronization Conference | September 18, 2013.

GNSS Security Todd Humphreys | Aerospace Engineering The University of Texas at Austin GPS World Webinar | September 18, 2014.

Secure Navigation and Timing Todd Humphreys | Aerospace Engineering The University of Texas at Austin LAAFB GPS Directorate | December 5, 2012.

NextGen GA Fund, LLC A Fund to Accelerate NextGen Equipage Benefits for the General Aviation Operator Community.

Balancing Public Safety and Privacy Rights in the Digital Age Benjamin Feist, Legislative Director ACLU of Minnesota Because Freedom Can’t Protect Itself.

Annual World Bank Conference on Land and Poverty – 2014 Integrating Land Governance into the Post Agenda Managing Mapping and Survey Records in a.

Automatic Dependent Surveillance – Broadcast (ADS-B) What is it, and how can it help improve operations in Micronesia? Captain Rocky Stone Chief Surveillance.

14/03/2005 CGSIC Meeting, Prague, Czech Republic Oscar Pozzobon Chris Wullems Prof. Kurt Kubik Security issues in next generation satellite systems.

Sense & Avoid for UAV Systems

Image Processing of Video on Unmanned Aircraft Video processing on-board Unmanned Aircraft Aims to develop image acquisition, processing and transmission.

Absolute Receiver Autonomous Integrity Monitoring (ARAIM)

Integrated Pest Management Symposium Progress and Challenges With Integrating UAS Into the National Airspace System Robin Koch Program Director, Aviation.

Why Managers Must Understand IT Managers play a key role –Frame opportunities and threats so others can understand them –Evaluate and prioritize problems.

Forest Practices Code Transition Larry Pedersen Chief Forester, MOF.

Presented to: MPAR Working Group By: William Benner, Weather Processors Team Manager (AJP-1820), FAA Technical Center Date: 19 March 2007 Federal Aviation.

World Meteorological Organization Working together in weather, climate and water NextGen Update WMO; CAeMwww.wmo.int WMO.

Frontiers in Radionavigation Dr. Todd E. Humphreys.

Aerospace Engineering By Patrick Ferrell. Aerospace Engineering is the main branch of engineering concerned with the research, design, development, construction,

Navigational Aids Know the theory and operation of modern air navigational aids.

Thoughts on GPS Security and Integrity Todd Humphreys, UT Austin Aerospace Dept. DHS Visit to UT Radionavigation Lab | March 10, 2011.

Unmanned Aircraft Systems

Geographic Information Systems

Aviation Considerations for Multi-Constellation GNSS Leo Eldredge, GNSS Group Federal Aviation Administration (FAA) December 2008 Federal Aviation Administration.

Kyle Wesson, Mark Rothlisberger, and Todd Humphreys

AIR TRAFFIC CONTROL Presented by S.SUMESWAR PATRO Regd no:

Unmanned Aircraft Systems Communications Security

Improving the Security of GNSS Receivers Portland, Oregon | September 23, 2011.

Federal Aviation Administration Unmanned Aircraft Systems in the National Airspace System Coming soon to airspace near you…..UAS-101 Presented At: Pecora.

Massachusetts Institute of Technology 4 April 2003

Current Best Practices and Precedents Existing UAV Guidelines/Best Practices.

NTAS NextGen Videos  Satellite Based navigation  ADS-B ◦ In / Out  Performance Based Navigation ◦ RNP/RNAV  TBO  Data Link Communications.

Evaluation of Smart Grid and Civilian UAV Vulnerability to GPS Spoofing Attacks D. P. Shepard, J. A. Bhatti, T. E. Humphreys, The University of Texas at.

Rocky Mountain Section General Meeting December 10, 2009.

10/31/06 F E D E R A L A V I A T I O N A D M I N I S T R A T I O N A I R T R A F F I C O R G A N I Z A T I O N 1 Unmanned Aircraft Systems in Civil Aviation.

An Evaluation of the Vestigial Signal Defense for Civil GPS Anti-Spoofing Kyle Wesson, Daniel Shepard, Jahshan Bhatti, and Todd Humphreys Presentation.

THE STATE OF UAS REGULATION. T HE FAA M ODERNIZATION AND R EFORM A CT OF 2012 Congress Mandated Safe Integration by Sept., 2015 Why is it taking so long?

Riding out the Rough Spots: Scintillation-Robust GNSS Carrier Tracking Dr. Todd E. Humphreys Radionavigation Laboratory University of Texas at Austin.

HIT Policy Committee Privacy & Security Workgroup Update Deven McGraw Center for Democracy & Technology Rachel Block Office of Health Information Technology.

Characterization of Receiver Response to a Spoofing Attack

Air Line Pilots Association, International Shared Skies: Safe Integration of Remotely Piloted Aircraft Captain Sean Cassidy 1 st Vice President National.

Future Directions in GNSS Research Todd Humphreys | Aerospace Engineering The University of Texas at Austin GPS World Webinar | November 15, 2012.

ADS-B An Industry Perspective New Technologies Workshop Washington, DC January 10, 2007.

Secure Civil Navigation and Timing Todd Humphreys | Aerospace Engineering The University of Texas at Austin MITRE | July 20, 2012.

Characterization of Receiver Response to a Spoofing Attack Daniel Shepard Honors Thesis Symposium 4/21/2011.

INTEGRATION OF UNMANNED AIRCRAFT SYSTEMS Into the New York Terminal Area Christopher Kennedy Anthony Peri.

William C. Withycombe March 14, 2012 Federal Aviation Administration Pacific Aviation Directors Workshop State of the FAA.

Assessing the Civil GPS Spoofing Threat

Navigation Technology

Exploring the World of Wireless James Taylor - COSC 352 Fall 2007.

FACULTY OF LAW, UNIVERSITY OF OSLO The principle of integration and its dilemmas Hans Chr. Bugge Professor of Environmental Law University of Oslo.

Mark Bontrager, VP, Spaceport OperationsJanuary 10, 2016 Spaceport Services Requirements A Spaceport Perspective.

1-800.FLY.0530.

DRONES IN AERIAL SURVEILLANCE WHAT IS A DRONE ?  A drone, in a technological context, is an unmanned aircraft.  Drones are formally known as unmanned.

By: Sambit Pulak XI-IB. Surveillance is the use of IT to monitor the actions of people. For example, monitoring may be used to track, record and assess.

Regulation models addressing data protection issues in the EU concerning RFID technology Ioannis Iglezakis Assistant Professor in Computers & Law Faculty.

Roadmap for the Application and Technology Development of UAVs in Japan The Public-Private Sector Conference on Improving the Environment for UAVs, 28th.

UNCA UAS Integration 04/23/2017 Louis Toms

Practical Cryptographic Civil GPS Signal Authentication

1 Million+ UAS Registrations

Counter-UAV Challenges: Is GNSS Spoofing Effective?

The Integration of Drones

Distributed Sensing, Control, and Uncertainty

Presentation transcript:

UAV Integration: Privacy and Security Hurdles Todd Humphreys | Aerospace Engineering The University of Texas at Austin Royal Institute of Navigation UAV Conference | February 12, 2013

University of Texas Radionavigation Lab graduate students Jahshan Bhatti, Kyle Wesson, Ken Pesyna, Zak Kassas, Daniel Shepard, and Andrew Kerns Acknowledgements

February 2012: President Obama signs an Act mandating that the FAA draw up a plan by 2015 to integrate unmanned aerial vehicles into the national airspace. Key early milestone: By August, 2012, FAA must select 6 test sites in U.S. where integration exercises can begin. Still waiting … 2012 FAA Modernization Act

Privacy: Low cost, ease of use eliminate practical privacy protections Security: (1) Secure navigation, (2) secure command and control, (3) secure sense and avoid, and (4) secure telemetry (e.g., video feed) Hurdles to Integration

U.S. Supreme Court Precedent is fairly clear: No expectation of privacy in open fields (e.g. in backyards) that are naked-eye-visible from public airways (e.g., Florida v. Riley) Surveillance of U.S. citizens from manned domestic aircraft is routine But the news is abuzz with drones; citizens nervous; Virginia has passed a broad law against drones; Texas legislators trying Why? What is new here? Privacy (1/2)

Why? Because UAVs could change the balance Could eliminate a practical privacy protection: high cost and inconvenience of manned surveillance aircraft Growing realization that citizens do, in fact, have an expectation of privacy even when in public places: an expectation to not be continuously monitored Decision and concurring opinions in U.S. v. Jones suggests that SCOTUS sympathetic to this expectation Privacy (2/2)

No blanket injunction against imagery of private citizens on private land (bad for hobbyists and researchers) Apply Peeping Tom/ Improper Photography laws “Cone of transparency” for non-hobbyist UAVs: data on owner and purpose of UAVs above you should be readily accessible If problem worsens, perhaps a Texas solution: authorize property owners to shoot at unidentified UAVs over their property Privacy Recommendations

Privacy: Low cost, ease of use eliminate practical privacy protections Security: (1) Secure navigation, (2) secure command and control, (3) secure sense and avoid, and (4) secure telemetry (e.g., video feed) Hurdles to Integration

GPS Jammers

GPS Spoofer

University of Texas Spoofing Testbed

Internet or LAN Receive AntennaExternal Reference Clock Control Computer GPS Spoofer UAV coordinates from tracking system Transmit Antenna Spoofed Signals as a “Virtual Tractor Beam” Target UAV Commandeering a UAV via GPS Spoofing

UAV Video

RAIM was helpful for spoofing: we couldn’t spoof all signals seen by UAV due to our reference antenna placement, but the Hornet Mini’s uBlox receiver rejected observables from authentic signals, presumably via RAIM. 5-8 dB power advantage is required for clean capture: A matched-power takeover leads to large ( m) multipath-type errors as the authentic and counterfeit signals interact. The UAV’s heavy reliance on altimeter for vertical position was easily overcome by a large vertical GPS velocity. Observations (1/2)

GPS capture breaks flight controller’s feedback loop; now spoofer must play the role formerly assumed by GPS. Implication: Fine control of UAV requires accurate radar or LIDAR UAV tracking system. Seamless capture (no code or carrier phase unlock) requires target position knowledge to within ~50 m and velocity knowledge better than ~2 m/s. This is quite challenging for small UAV targets at long stand- off ranges (e.g., several km). Compensating for all system and geometric delays to achieve meter-level alignment is challenging but quite possible. Observations (2/2)

Require navigation systems for UAVs above 18 lbs to be certified “spoof-resistant” Require navigation and timing systems in critical infrastructure to be certified “spoof- resistant” “Spoof resistant” defined by ability to withstand or detect civil GPS spoofing in a battery of tests performed in a spoofing testbed (e.g., TEXBAT) Recommendations From testimony to House Committee on Homeland Security, July 19, 2012

Privacy: Low cost, ease of use eliminate practical privacy protections Security: (1) Secure navigation, (2) secure command and control, (3) secure sense and avoid, and (4) secure telemetry (e.g., video feed) Hurdles to Integration

Many in the aviation community believe that the only sense and avoid (SAA) technology that is broadly applicable to all UAV will be based on Automatic Dependent Surveillance-Broadcast (ADS- B) ADS-B: Each aircraft periodically (e.g., 1 Hz) broadcasts an identifier, a position, and velocity Secure Sense and Avoid Problem: FAA introduced no provision for authentication in ADS-B broadcast

ADS-B False Injection Attack Magazu, Mills, Butts, Robinson, “Exploiting the ADS-B System via False Target Injection,” JAAP, fall 2012

ADS-B False Injection Attack Magazu, Mills, Butts, Robinson, “Exploiting the ADS-B System via False Target Injection,” JAAP, fall 2012

Altering Live ADS-B Data Magazu, Mills, Butts, Robinson, “Exploiting the ADS-B System via False Target Injection,” JAAP, fall 2012 The ability to read live ADS-B broadcasts and generate slightly altered versions of these should be of significant concern to the FAA: How will ground radar pick out the right aircraft from within a “cloud” of nearby phantom aircraft?

Root Problem FAA’s organization and culture has historically targeted safety and efficiency, not security: 96-page NextGen Implementation Plan (2011) references safety over 100 times, efficiency at least 50 times, security less than 5 times.

Recommendations Strongly consider re-designing ADS-B Broadcasts still in the clear Each broadcast signed using a public/private-key framework Revised broadcast would need to be significantly lengthened to ensure digital signature strength Update key database before flight Use Iridium satellite constellation for en-route key management (e.g., key revocation) A re-design would set NextGen back years.

Privacy: Legislate privacy protections that are acceptable to the public without stifling nascent commercial UAV industry Security: (1) Develop secure/robust navigation technology, (2) require encrypted command and control links (with master keys for law enforcement), (3) find a secure and broadly applicable sense and avoid technology (e.g., re-design ADS-B), and (4) encrypt telemetry (e.g., video feed) UAV Integration: Summary of Challenges

radionavlab.ae.utexas.edu