Closed KarelD closed 8 years ago
Hi Karel,
This isn't really the place to bring this up, so maybe post to diydrones? Not sure if this is appropriate for drones-discuss. I'd be happy to respond wherever you post this to, though.
Hi Squilter,
First of all many thanks for the response. I did post my question on DIYDrones first (in "my project"), but in anticipation of a response, I posted it here too. Maybe this is indeed not the right place to bring it up, but my thesis is going to be completely about drones (their firmware).
As you say that the security of Mavlink depends on the transport layer, it could be an idea to de research about the inclusion of encryption in Mavlink. No idea whether or not this has been investigated before, but I will take a look at it.
About GPS spoofing, there are many research papers discussing this topic and as you say it's illegal, so this will be out of scope of the thesis.
Once again thank you for the response and I hope to further talk about it on another forum.
Yes, authentication is being considered for the next version of mavlink on the tsc mailing list. Not encryption. Can you post the link to the diydrones post, so we can keep talking about it there?
Yes, coincidentally, Tridge was talking about MAVLink and encription just yesterday.
There you go. I've found that they issued a RFC about Secure MAVLink in 2013. In Another project, Galois added encryption to Mavlink to protect against forgery, replay attacks, and snooping. Did not yet find the time to read it in detail, but will do it soon. Link to paper.
Hi, I am a computer science student (KU Leuven - Belgium), specialization secure software. For my thesis, I will perform a security analysis of the software/firmware running on drones. After a lot of reading, I have found that there has been a lot of research on the hardware and communication aspect (Wifi-hacks, GPS spoofing, bluetooth, Zigbee, ...), but it seems like much of the secure software part has been untouched. I have found some articles about DARPA and Galois creating hack-proof drone software (commercial). I am willing to further investigate whether or not some common vulnerabilities are present, whether or not they can be exploited and what the consequences can be, particular on open source software (ref. Dronecode project). Is there someone who can bring me into contact with a researcher or interested person who has done some research in the field of security of drone software?
I would like to further refine the topic or goal depending on the 'demands' of the community and be up to date with the current state of the art on the safety of drone software.
Best regards, Karel