Fernandez, Manuel J (University of Seville), Sanchez-Cuevas, P. J. (Universidad de Sevilla), Heredia, Guillermo (University of Seville), Ollero, Anibal (Universidad de Sevilla)

Securing UAV communications using ROS with custom ECIES-based method

Scheduled for presentation during the Regular Session "Fail-Safe Systems" (TuD24T1), Tuesday, November 26, 2019, 12:40−13:00, Room T1

2019 Workshop on Research, Education and Development of Unmanned Aerial Systems (RED UAS), November 25-27, 2019, Cranfield University, Cranfield, UK

This information is tentative and subject to change. Compiled on October 30, 2025

Abstract

This paper is about an application of a method based on the Elliptic Curve Integrated Encryption Scheme (ECIES) to improve the security against malicious attacks of the UAVs communications system. This system is focused on improving the security conditions in extreme situations and preventing the aircraft for man-made incidents and cyber attacks. The paper briefly describes the different attacks that can affect to the operation of UAVs and the security methods that, nowadays, are used to guarantee the security during the operations. Moreover, it presents a solution to a strong vulnerability detected in the classical scheme used in UAV. This scheme uses ROS as the core of the communication system to interconnect different devices and nodes in this paper, it is demonstrated that if an Intruder is able to enter in the local network of the UAV system, he/she is also able to impersonate the GCS of the UAV and take control of it leading to an undesirable maneuver or even a dangerous crash against a building or a person. The security system proposed to avoid this consists of a simplified method based on ECIES sending packets, between UAV and GCS, which uses Elliptic Curve Digital Signature (ECDSA) and are ciphered in Rivest–Shamir–Adleman (RSA). Thus, it is possible to guarantee that the high level computer of the UAV is able to identify the identity of their GCS and prevent of being commanded by an unauthorized Intruder. Both, the vulnerability and the solution proposed have been experimentally tested and validated through software-in-the-loop simulations and in a outdoor scenario using a small UAV.