Embed Size (px)
Citation preview
1
Secure UAS Communications Panel
Dr. Paul B. Losiewicz Cyber Security and Information Systems
Information Analysis Center 26 October 2015
Unclassified // Distribution A: Unlimited Distribution
2 2
BACKGROUND
• Cyber Security and Information Systems IAC (CSIAC) is a DoD-funded Information Analysis Center
• CSIAC has a Core Analysis Task with AFRL/RI, Rome, NY, to develop an experimental suite to conduct Autonomous UAS C2 R&D
‒ AFRL maintains the Stockbridge Controllable Contested Environment Facility, used for development and evaluation of advanced RF/optical communications systems, radar imaging systems, foliage penetration studies, and for communications link experiments with small unmanned aircraft systems.
‒ The facility provides a controllable RF interference environment for time varying analysis and evaluation of communications systems. A Small Unmanned Aerial System (SUAS) airfield is also operational within the facility.
3 3
CSIAC UAS R&D Partners
• Griffiss FAA UAS Test Site Rome, NY
• Northeast UAS Airspace Integration Research
Alliance (NUAIR)
– Will be flight testing Lockheed Martin Desert Hawk IIIs flying under
autonomous control
4 4
AgentFly • AFRL/RI-funded P2P
– Agent-based cooperative airspace deconfliction and mission execution
• Autonomous
– Onboard C2 suite for exploring cooperative C2
• Self-negotiated
– Demonstration of cooperating agents (aircraft) to avoid collision, maintain safe flight separation, and carry out mission tasking
*
*
* In US will use 900MHz
5 5
Underlying Thesis of the Panel
The standard architecture circa 2010 for a UAS relied upon
a common data link or control link (CDL) for C2 and a
payload data link such as a video data link (VDL)
• Cybersecurity concerns for such links address:
– Confidentiality – e.g., link interception and no encryption
– Integrity – e.g., link content modifiable by a third party
– Availability – e.g., link subject to jamming
• The so-what: safe aircraft operation
– “the most accident prone manned aircraft lost five aircraft
for every 100,000 flight hours as opposed to the least
accident prone UAS losing 40 aircraft for every 100,000
flight hours” (MQ-1B Predator) (YOCHIM, 2010)
6 6
Fight Safety and Comms Security
• UAS integration into the National Airspace (NAS) proceeding
‐ Six FAA UAS Test Sites approved ‐ NASA kicking off a national UAS Traffic Management effort
in November (NASA UTM) • UAS reliability data is sparse
‐ New technical Civilian domain – little operational history ‐ Military reliability data is also sparse, depends upon UAS
size and employment ‐ Military MQ-1B Predator 2009 reliability data estimates
11% of MQ-1B accidents result from “communications failure”
“Vulnerabilities of Unmanned Aircraft System Common Data Links to Electronic Attack” MAJ Jaysen A. Yochim, U.S. Army Command and General Staff College, 2010
(available on DTIC)
7 7
Developments in Secure UAS Communications
• Confidentiality ‒ Encryption ‒ Low Probability of Intercept modulation types (OAM,
Laser, Quantum)
• Integrity ‒ Adoption of network Identification and Access
Management (IDAM) standards
• Availability ‒ Counter ECM integration in UAS ‒ Severe Size Weight and Power (SWAP) constraints ‒ Low probability of intercept modulations
8 8
Mitigating Developments for control link loss
• Primary impact of loss of Comms in 2010 was loss of C2 ‒ Loss of CDL equated with mission abort or aircraft loss
• Increased autonomy of UAS will offset impact of loss of CDL ‒ Reduced processor/storage SWAP constraints allow for ‒ increased onboard autonomous capability ‒ Advances in artificial intelligence hardware/software ‒ Cognitive Approaches
‒ Software Defined Radio (SDR) ‒ Software Defined Networks (SDN)
• Decentralized C2 architectures allow for greater resilience ‒ Reduction in link single point of failure
9 9
Decentralized Architectures and UAS
• Decentralization and Distributed C2 benefits ‒ Less reliance on CDL uptime for mission completion ‒ Distribution of computational assets ‒ More appropriate for autonomous systems ‒ More resilient to attack ‒ Rapid recovery
• Costs of Distributed C2 and increased autonomy ‒ Complex adaptive systems not deterministic ‒ Emergent property studies required ‒ Newly awarded AFOSR CAT for FY 16 in emergence in
distributed control systems ‒ Socialization of reduced HITL in autonomous C2
10 10
Technology Convergences for UAS Security
• Confidentiality ‒ Increased processing power for data link encryption
• Integrity ‒ Increasingly lower SWAP processing power for SDN capabilities ‒ Increasingly lower SWAP processing power for IDAM within
decentralized architectures
• Availability ‒ Increasingly lower SWAP for SDR link load balancing in distributed
architectures ‒ Increasingly lower SWAP processing power for frequency management
within decentralized architectures ‒ New Modulation types for ECM resilience and increased bandwidth ‒ Distributed storage for rapid recovery and data loss resilience
11 11
Example 1 Aerial Net Encryption
CyDANT: Cyber-Defensible Aerial Networking Technology. • AFRL/RI SBIR effort
applicable to secure UAS networking R&D
• To include software enhancements to a ruggedized ViaSat KG-250X High assurance IP encryptor
FY2014 AFRL/RI Annual Review with an Economic Impact Analysis Approved for public release [88ABW-2015-0729] distribution unlimited
12 12
Example 2
UAS Security
Management
Secure Regenerative Keying (SRK) by enrGies • Works in a
distributed C2 environment
• Provides IDAM management during mission
• Compatible with Autonomous UAS
• Supports integrity and confidentiality under low SWAP conditions Slide used by permission of enrGies
13 13
Contact information:
Dr. Paul B. Losiewicz
Senior Scientific Advisor
Cyber Security and Information Systems IAC [email protected]
Mr. Michael Weir
Director
Cyber Security and Information Systems IAC [email protected]
Mr. Thomas Gillespie
Acting Director of DTIC – Technical (DTIC-T)
Defense Technical Information Center [email protected]
The Cyber Security and Information Systems Information Analysis Center (CSIAC) is operated by Quanterion Solutions Incorporated under DTIC Contract FA8075-14-D-0001.
