Security Threats and Cellular Network Procedures for Unmanned Aircraft Systems: Challenges and Opportunities

Researchers and standardization bodies have raised concerns about using legacy cellular networks for supporting unmanned aerial vehicle (UAV) operations. Different from traditional user equipment (UE), an unmanned aircraft system (UAS)-capable UE - UAV-UE or controller-UE - needs additional network security measures to ensure safe airspace operation. This article introduces the security requirements and threats with respect to three major themes: authentication and authorization, location information veracity and tracking, and command and control signaling. We present the 3GPP reference architecture for network connected UASs, the new application functions of the 5G core network, and the 5G security mechanisms and procedures for meeting the established requirements. Three 5G core application functions supporting UASs facilitate the interworking between the 3GPP network and the UAS traffic management, delivering location reports, validating UAS subscriptions, and matching UAS IDs with their respective UE IDs, among others. We identify opportunities for UAS network security research and recommend critical security features and processes to be considered for standardization. We conclude that while the 5G standard introduces important security mechanisms, more security research and benchmarking are needed for cellular networks to support secure and scalable real-time control of UAVs and the emerging applications enabled by them.