Pascal Tran-Huu is Retired officer of the French Army. For more than 31 years, he was in charge to collect or to analyze intel in various military units, including foreign units.
He is, now, Senior advisor for private companies developing UAVs as well as Director for International and Public Affairs of “La Vallée de l’énergie” which is a cluster in the domain of Energy. As an expert, he lectures at the University of Franche-Comté in the Master 2 business intelligence.
The Vulnerability of UAVs to Cyber Attacks
Unmanned Aerial Vehicles (UAVs) are one of the most flexible and useful solutions adopted by the military and private industries. Drones could be used in commercial contexts as in high critical environments, and the production of even more sophisticated models is expanding their possibilities of use. UAVs are considered technological jewels, the military research on their design is providing significant improvements, and recent conflicts were characterized by a large use of Unmanned Aerial Vehicles in critical missions.
Reconnaissance of wide areas like national borders, as well as strikes, are the principal uses of drone technology in military industry. UAVs can be used for civilian missions such as auditing, monitoring of pipelines or electricity transmission lines but also for archaeological research or geomatics.
The electronic component is pushed to the highest levels of technology as well as the materials used in their construction. It is clear that security plays a vital role. Military use is playing a driver role for drone technology, and many governments, including the US and Israel, use UAVs for offensive purposes. Use of drones also hides many pitfalls. Unmanned vehicles could be targeted by hackers who could steal the information they manage, or in the worst case, to sabotage them.
Another factor to consider is the significant difference between UAVs in military and civil industries; the opening to drones for commercial uses is raising a heated debate on the level of security and privacy offered by their architecture. Attackers could easily compromise civil drones, and hackers could hijack or destroy them, with serious repercussions on public security and on the continuity of the services they provide.
Drones could be destroyed by cyber-attacks, but in the most worrying scenario, attackers could hack them to gain complete remote control of them.
Due to the increasing governmental and military reliance on UAVs to protect national security, the necessity of a methodical and reliable analysis of the technical vulnerabilities becomes apparent. UAVs are presumed to be reliable, automated and autonomous machines, providing their services at any time.
However, reviewing UAVs from a technical point of view, UAVs must be classified as highly exposed, multiply linked, complex pieces of hardware with high strategic and economic value. It is interesting and bizarre that there is more research done regarding the security of modern cars incorporating car-to-car- and car-to-infrastructurecommunication
than research regarding the security of UAVs.
Or as you know system security should never be considered as a state, but rather as a process. In order to support this process, it is important to be capable of describing and judging the current security status. Furthermore, it is desirable to be able to compare system configurations in terms of security levels. In order to fulfil these tasks, we are confronted with the questions: What is security and how is it measured?