Reverse Engineering and Control-Aware Security Analysis of the ArduPilot UAV Framework
Yasaswini Konapalli, Lotfi Ben Othmane, Cihan Tunc, Feras Benchellal, Likhita Mudagere
TL;DR
This paper analyzes the ArduPilot UAV framework's architecture and control models to identify vulnerabilities and potential misuse, emphasizing security risks in open-source UAV systems.
Contribution
It reconstructs ArduPilot's software architecture and control models, providing insights into security vulnerabilities and potential attack vectors.
Findings
Identification of communication subsystem vulnerabilities
Analysis of control model misuse potential
Insights into security risks in open-source UAVs
Abstract
Unmanned Aerial Vehicle (UAV) technologies are gaining high interest for many domains, which makes UAV security of utmost importance. ArduPilot is among the most widely used open-source autopilot UAV frameworks; yet, many studies demonstrate the vulnerabilities affecting such systems. Vulnerabilities within its communication subsystems (including WiFi, telemetry, or GPS) expose critical entry points, and vulnerabilities in Ardupilot can affect the control procedure. In this paper, we reconstruct the software architecture and the control models implemented by ArduPilot and then examine how these control models could potentially misused to induce malicious behaviors while relying on legitimate inputs.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsUAV Applications and Optimization · Air Traffic Management and Optimization · Smart Grid Security and Resilience