30 June 2012

Researchers hack and commandeer drone

by Will Parker

For the first time, researchers have demonstrated that the GPS navigation system of an unmanned aerial vehicle (UAV), or drone, can be commandeered by an outside source. The team, from the University of Texas at Austin, says their GPS guidance hack could influence the planned federal mandate to allow thousands of civilian drones into U.S. airspace by 2015.

School of Engineering Assistant Professor Todd Humphreys said he and his students were invited by the U.S. Department of Homeland Security to attempt the GPS hack. The demonstration took place at White Sands, New Mexico, where the team took control of a UAV from about a kilometer away. Next, the team plan to perform a similar demonstration on a UAV from 10 kilometers away.

Known as spoofing, the hack relies on creating fake GPS signals that trick the vehicle's GPS receiver into flying a new course while thinking nothing is amiss. The GPS signals transmitted by satellite are of a very low power, making them relatively easy to override from a less distant terrestrial location.

The researchers say their White Sands demonstration is the first to show that commandeering a UAV via GPS spoofing is technically feasible. The demonstration comes in the wake of dire warnings from civil authorities on the risks posed by GPS attacks.

"I think this demonstration should certainly raise some eyebrows and serve as a wake-up call of sorts as to how safe our critical infrastructure is from spoofing attacks," said Milton R. Clary, a senior Department of Defense Analyst at Overlook Systems Technologies, which is working with the federal government to develop programs that identify and mitigate spoofing attacks.

The Department of Defense's drone navigation systems hit the headlines last year when a UAV disappeared over Iran and showed up a week later, intact, and in the care of Iranians who claimed to have brought the vehicle down with spoofing.

Humphreys said his research team wanted to demonstrate the potential risks associated with spoofing early on in the Federal Aviation Administration's task to write the mandated rules that will allow government and commercial drones in the U.S. airspace by 2015. "We're raising the flag early on in this process so there is ample opportunity to improve the security of civilian drones from these attacks."

Related:
Discuss this article in our forum
Supersonic UAV with sub-$100k price tag mooted
Clever vibrational hack turns iPhone into spyPhone
GPS open to attack, say researchers

Source: University of Texas at Austin