Securing UAV communications using ROS with custom ECIES-based method

This paper is about an application of a method based on the ECIES (Elliptic Curve Integrated Encryption Scheme) to improve the security against malicious attacks of the UAVs (Unmanned Aerial Vehicles) communications system. This system is focused on improving the security conditions in extreme situations and preventing the aircraft for man-made incidents and cyber attacks. The paper briefly describes the different attacks that can affect to the operation of UAVs and the security methods that, nowadays, are used to guarantee the security during the operations. Moreover, it presents a solution to a strong vulnerability detected in the classical scheme used in UAV. This scheme uses ROS (Robot Operating System) as the core of the communication system to interconnect different devices and nodes in this paper, it is demonstrated that if an Intruder is able to enter in the local network of the UAV system, he/she is also able to impersonate the GCS (Ground Control Station) of the UAV and take control of it leading to an undesirable maneuver or even a dangerous crash against a building or a person. The security system proposed to avoid this consists of a simplified method based on ECIES sending packets, between UAV and GCS, which uses ECDSA (Elliptic Curve Digital Signature) and are ciphered in RSA (Rivest–Shamir–Adleman). Thus, it is possible to guarantee that the high level computer of the UAV is able to identify the identity of their GCS and prevent of being commanded by an unauthorized Intruder. Both, the vulnerability and the solution proposed have been experimentally tested and validated through software-in-the-loop simulations and in a outdoor scenario using a small UAV.