Unmanned Aircraft Systems
Communications Security
Michael Neale – RTCA SC203 Control and Communications Chair
1
Overview
• RTCA and Special Committee 203
• Unmanned Aircraft Communications
• Security Requirements
• Risk Assessment Process
• Current Status of SC 203 Security assessment
2
Who are RTCA and What is Special Committee 203?
• RTCA
– RTCA functions as a Federal Advisory Committee.
Its consensus-based recommendations are used
by the Federal Aviation Administration (FAA) as
the basis for policy, program, and regulatory
decisions and by the private sector as the basis
for development, investment and other business
decisions.
• Special Committee 203
– Tasked with developing recommended standards
for Unmanned Aircraft Systems (UAS), Sense and
Avoid and Control and Communications.
3
The UAS Market
• UAS quantity estimates for the US National Airspace
• Substantial quantities of UA will be in operation by
2025/2030
Government
market growth
levels out in
2020
Commercial
market growth is
low until
certification
regulations are in
place
4
Line Of Sight Operational View
OPTIONAL RELAY UA
MISSION UA
LOS DATALINK
TERMINAL
MANNED AIRCRAFT
DIRECT DISSEMINATION AND
PAYLOAD CONTROL
CONTROL STATION & PILOT
DIRECT DISSEMINATION
5
Beyond Line Of Sight Operational View
SATELLITE
MISSION UA
DISTANT
USERS
SECURE
NETWORK
MANNED AIRCRAFT
DIRECT DISSEMINATION
AND PAYLOAD CONTROL
DISTANT
CONTROL
STATION & PILOT
COMMAND CENTER
TAKE OFF AND
LANDING CS & PILOT
DIRECT DISSEMINATION
6
UAS Internal and External Information Exchange
ATC
ATC Ground Surveillance
Transponder
ADS-B
ADS-R
TIS-B
Navigation
FIS-B
ADS-C
Clearances
Status
Flight Plan Requests
COMMUNICATIONS
(VOICE AND DATA)
UAS
Telecommands
UA
GPS VOR
DME ILS
CONTROL
PILOT
Party Line
(Voice)
Telemetry
TCAS
ADS-B
Weather
Sense
and
Avoid
Cooperative and
Non Cooperative
Objects
7
ACL
ACM
AMC
ATSA-ITP
COTRAC
D-ATIS
DCL
D-FLUP
DLIC
D-OTIS
D-RVR
D-TAXI
FLIPNT
NOTAM
VOLMET
4DTRAD
AIS
Dispatches
Flight
Planning
Owner Operator
or
Mission Controller
Other Airspace
Users
Communications Security Requirements
Required Communications
Security Performance
Confidentiality
Availability
Integrity
8
Security Threat
Eavesdropping and
Exploitation
Jamming and
Denial of Service
Spoofing and
Non-Repudiation
Currently used Security Controls
• Intercept and Detection
– Reduce power spectral density on any particular
frequency
– Reduce power spectral density in any nonrequired direction
• Exploitation
– Encryption - NSA Type 1, Triple DES, AES, HAIPE
• Physical Security
– Guarding Control Station and Unmanned Aircraft
9
UAS Control Link Security
• What level of communications security
will be required?
– FAA currently does not have clear UAS security
policy so cannot provide guidance on required
levels of risk
– No national or international agreement on
likelihoods of exploitation of UAS Control Link
vulnerabilities
– Some encryption methods may not be viable
 Shared key systems may be impractical to use in
commercial applications due to key management
logistics
10
Security Law and Regulations
USA
11
•
Federal Information Security
Management Act (FISMA)
•
Federal Information Processing
Standards (FIPS)
–
Publication 199 - standards for
security
–
Categorization of federal
information and information
systems
•
National Institute of Standards and
Technology Special Publication
series SP-800
•
FAA Order 1370.82
EUROPE
•
UAS have not yet been considered as a
core element of current aviation security
development work
•
Safeguarding International Civil Aviation
Against Acts of Unlawful Interference
(SARP)
–
•
ICAO Annex 17 to the Convention on
International Civil Aviation on Security
Security Assessment Methodology in
NATO/ Eurocontrol ATM Security
Coordination Group (NEASCOG)
FISMA Security Assessment Process
• Determine security category for the UAS system
– Impact on confidentiality, integrity and availability
– High, moderate or low
• Determine the accreditation boundary
• Select security controls
• Perform risk assessment
– Identify threats, vulnerabilities, likelihoods, impacts
– Determine risk and recommend security controls
• Develop security plan
• Implement security controls
• Assess security controls
• Authorize system operation
• Monitor ongoing performance
12
Risk Assessment
• Can a Threat exploit a Vulnerability?
– Given enough time and money vulnerabilites
can be exploited
– Can the security control be strong enough to
deter the threat from exploiting the vulnerability
• Risk is a combination of Likelihood and
Impact
– Likelihood of a threat exercising a
vulnerability
 Frequent, Probable, Remote, Extrememly Remote, Extremely
Improbable.
– Impact if vulnerability is exploited
 High-Catastrophic, High-Severe, Medium, Low, None
13
Risk Assessment
• Must protect against any vulnerability
where impact is high even if likelihood is
extremely improbable
– NAS safety levels are very high
– Focussed malevolent activity
• Must protect against vulnerabilites where
likelihood is frequent even if impact is low
– Nuisance hacker
14
UAS Security Considerations
• Assess threats from operational scenarios
– Define levels of risk required to maintain National
Airspace safety based on threat likelihood and
impact effect on confidentiality, availability and
integrity
• Evaluate Mitigations
– Crypto security strength
– Key distribution
– Impact on bandwidth requirements
– Infrastructure, logistics and cost
• Security
– Gain concensus on international security levels
– Agree on likelihoods and impacts
15
Support Your Standards Development Organization
• This presentaion is based on the work of a number of
people. Further detail can be found in the following
RTCA SC-203 documents;
•
RTCA SC-203 WG2 002 - UAS Control and Communicaitions Security
Considerations
•
RTCA SC-203 WG2 010 - Approach for Certification and Accreditaiton Analysis
for Security of the Control and Communications Link for Unmanned Aircraft
Systems.
• RTCA SC-203 Control and Communications Working
Group
– Contact Michael Neale - michael.neale@uav.com
16