The three key challenges facing today's Drone industry
The potential benefits of drones to radically accelerate and change the landscape across multiple industries alongside aspects of our society have been widely discussed. From contactless deliveries in the era of Covid-19, life saving drones which find missing people and deliver essential supplies, to ordinance survey drones (a uniquely held position of aircraft previously) which help with flood planning or protecting our oceans by detecting areas hardest hit by plastic waste. Drones in their essential form have been used in many positive aspects, some which are obvious, some less so (anti-poaching drones in wildlife preservation to name just one). On the other hand, the challenges regarding drone security issues are somewhat less discussed. In addition, as with many other new technologies and emerging industries, new regulations are being introduced to the market as well for safer usages.
As it stands, there are the 3 main challenges that the drone industry and/or drone market is facing today.
- Security : Hijacking
- Safety : Identification
- Regulation : Compliance issues
Security : Hijacking
Security is always an issue for any high-tech products and drone is no exception. Drone communications with remote controllers are often encrypted. However, the encrypted codes are often the same (i.e. static), which makes it a good and easy target for hijacking.
There are a few technical challenges when it comes to the security side of the drones.
For drones, having a lightweight solution both on a physical and digital level is essential. This relates directly with the power consumption and its battery life. In military drones, extra hardwares (CMVP) are installed to the drones to validate the security level in communications. You can imagine why this is necessary for the military. Commercial drones on the other hand are usually relatively light and small, meaning extra hardware installation is a big burden. Therefore, small commercial drones often rely on the existing encrypted communication methods which are relatively easy to hijack.
Safety : Identification
When drones are mis-used, safety is always the biggest concern. Drones are small, fast, and relatively difficult to detect in comparison to a flying jet. All it takes is just one person using a drone with bad intentions to significantly harm public safety, especially near critical infrastructure such as airports and nuclear plants etc. This is precisely the reason why there is a need for an identification system for drones and its operators.
Regulation : Compliance issues
Aviation authorities such as the Federal Aviation Administration (FAA) in the U.S have started to introduce a number of new regulations as more people own drones, and also to give guidelines on how to operate drones in a safe and useful manner.
One of the key regulations to take effect very soon is RemoteID. This is a new regulation introduced by the FAA and it is the “ability of a drone in flight to provide identification and location information that can be received by other parties”, such as law enforcement. To comply with this upcoming regulation, drone manufacturers are having to implement a solution to embed identification capabilities on the drone in accordance with the standards given by the FAA. The drone pilots/operators must also register themselves with the FAA before they can legally fly the drones.
swIDch has developed a handy solution to tackle all of the 3 challenges listed above; swIDch Drone. This is a software and hardware based solution that can perform the following:
- Pilot ID : Identify, verify and authenticate the pilot flying the drone(s);
- Command : Secure commands between drones and the remote controller, and;
- IFF : Identify and evaluate friendliness of the drone in the airspace.
swIDch Pilot ID allows the pilot to securely access their drone remote system just like swIDch’s other existing access management solutions, which ensures the highest level of security together with convenience. The pilot uses swIDch’s mobile app to authenticate themselves, and generate a One-Time-Authentication-Code (OTAC) which can be used to securely access the drone control system.
Once the pilot securely accesses the control system via Pilot ID, the pilot can have full confidence in the security level of the command communication to the drone. Thanks to swIDch command, every single command generated from the remote controller will be in a ‘one-time, dynamic’ form. This means that every single command is unique, and even if a hacker obtains the command information, the command will be different next time round, meaning it prevents any risk of drone hijacking.
Any critical infrastructures and law enforcements can also benefit from the solution. swIDch combines the unique information from the Pilot ID and swIDch Command as a chained protocol to generate swIDch IFF (Identification of Friendly or Foe), a unique set of codes that contain the identification and verification codes of the flying drone. This evaluates whether or not a flying drone is a legitimate and registered drone and pilot, together with the permission rights within the airspace, in order to evaluate and share the ‘friendliness’ of the drone. The uniqueness here is that this is a chained protocol. This means that if EITHER the Pilot ID or Command is compromised in anyway by the hacker, the system immediately re-evaluates the friendliness of the drone, which will then register as an unfriendly/invalid drone, whereby the law enforcements can take action to take it down.
The drone industry is growing fast, and the challenges around the industry will only grow faster. It is important that the industry is well aware of the challenges and to prepare beforehand to minimize any potential damages. As with many new advanced technologies, the objective is often to utilize them as a cause for good, however the ability for people to exploit these new technologies remains apparent. As they learn to exploit, we must also adapt.
swIDch is going GLOBAL. Meet swIDch LIVE at one of our many upcoming exhibitions including London, Paris, Madrid, San
The assumption that hackers take control of the internet of things (IoT) and cause serious problems to our society is
For many 2022 has been highlighted as critical in terms of IoT security, with The PSA Certified 2022 Security Report