Vulnerability Assessment for Unmanned Systems Autonomy Services Architecture

Yu Li, Ivan Frasure, Ademola Ayodeji Ikusan, Junjie Zhang, Rui Dai

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Unmanned Systems Autonomy Services (UxAS) is a set of networked software modules that collaboratively automate mission-level decision making for unmanned systems. Proposed, developed, and publicized by United States Air Force Research Laboratory (U.S. AFRL), UxAS has strong and promising implications in practice and it can be easily extended to support emulation and practical deployment of unmanned aerial vehicles (UAVs). Therefore, performing vulnerability assessment for UxAS is of significant importance. In this project, we first leveraged the threat-driven method to identify security requirements that focus on UxAS’ confidentiality, integrity, and availability. Next, we designed and developed fuzz tests to evaluate whether UxAS satisfies these requirements. Our experiments have shown that the current version of UxAS is vulnerable to a variety of attacks such as denial of service, message injection/replay, service self-destruct, and timing-based side-channel attacks. Finally, we studied the root-causes for these vulnerabilities and proposed mitigation strategies.
Original languageEnglish
Title of host publicationNetwork and System Security
Subtitle of host publication12th International Conference, NSS 2018, Proceedings
EditorsMan Ho Au, Xiapu Luo, Jin Li, Kamil Kluczniak, Siu Ming Yiu, Cong Wang, Aniello Castiglione
PublisherSpringer Verlag
Pages266-276
Number of pages11
ISBN (Electronic)978-3-030-02744-5
ISBN (Print)9783030027438
DOIs
StatePublished - 2018
Event12th International Conference on Network and System Security, NSS 2018 - Hong Kong, China
Duration: Aug 27 2018Aug 29 2018

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume11058 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference12th International Conference on Network and System Security, NSS 2018
Country/TerritoryChina
CityHong Kong
Period8/27/188/29/18

ASJC Scopus Subject Areas

  • Theoretical Computer Science
  • General Computer Science

Keywords

  • software security
  • network security
  • software engineering
  • cryptography
  • data security
  • mobile security

Disciplines

  • Information Security

Cite this