1

Michael Neale – RTCA SC203 Control and Communications Chair

Unmanned Aircraft Systems Communications

Security

2

Overview

• RTCA and Special Committee 203

• Unmanned Aircraft Communications

• Security Requirements

• Risk Assessment Process

• Current Status of SC 203 Security assessment

3

Who are RTCA and What is Special Committee 203?

• RTCA

– RTCA functions as a Federal Advisory Committee. Its consensus-based recommendations are used by the Federal Aviation Administration (FAA) as the basis for policy, program, and regulatory decisions and by the private sector as the basis for development, investment and other business decisions.

• Special Committee 203

– Tasked with developing recommended standards for Unmanned Aircraft Systems (UAS), Sense and Avoid and Control and Communications.

4

The UAS Market

• UAS quantity estimates for the US National Airspace

• Substantial quantities of UA will be in operation by 2025/2030

Government market growth levels out in 2020

Commercial market growth is low until certification regulations are in place

5

Line Of Sight Operational View

MISSION UA

OPTIONAL RELAY UA

LOS DATALINK TERMINAL

DIRECT DISSEMINATION

CONTROL STATION & PILOT

MANNED AIRCRAFTDIRECT DISSEMINATION AND

PAYLOAD CONTROL

6

Beyond Line Of Sight Operational View

MISSION UA

SATELLITE

DISTANT CONTROL

STATION & PILOT

DIRECT DISSEMINATION

TAKE OFF AND LANDING CS & PILOT

MANNED AIRCRAFT DIRECT DISSEMINATION

AND PAYLOAD CONTROLSECURE NETWORK

DISTANT USERS

COMMAND CENTER

7

UAS Internal and External Information Exchange

UA PILOT

ATC Ground Surveillance

Cooperative andNon Cooperative

Objects

ATC

Owner Operatoror

Mission Controller

COMMUNICATIONS

(VOICE AND DATA)

CONTROL

TCASADS-B

Weather

Transponder

ADS-BADS-RTIS-B

FIS-BADS-C

Sense and

Avoid

ACLACMAMC

ATSA-ITPCOTRAC

D-ATISDCL

D-FLUPDLIC

D-OTISD-RVRD-TAXIFLIPNTNOTAM

VOLMET4DTRAD

AISDispatchesFlight Planning

Telecommands

Telemetry

NavigationGPS VORDME ILS

Other Airspace Users

Party Line (Voice)

UAS

ClearancesStatusFlight Plan Requests

8

Communications Security Requirements

ConfidentialityEavesdropping and

Exploitation

AvailabilityJamming and

Denial of Service

Integrity Spoofing andNon-Repudiation

Required Communications

Security Performance

Security Threat

9

Currently used Security Controls

• Intercept and Detection

– Reduce power spectral density on any particular frequency

– Reduce power spectral density in any non-required direction

• Exploitation

– Encryption - NSA Type 1, Triple DES, AES, HAIPE

• Physical Security

– Guarding Control Station and Unmanned Aircraft

10

UAS Control Link Security

• What level of communications security will be required?– FAA currently does not have clear UAS security

policy so cannot provide guidance on required levels of risk

– No national or international agreement on likelihoods of exploitation of UAS Control Link vulnerabilities

– Some encryption methods may not be viable Shared key systems may be impractical to use in

commercial applications due to key management logistics

11

Security Law and Regulations

• Federal Information Security Management Act (FISMA)

• Federal Information Processing Standards (FIPS)

– Publication 199 - standards for security

– Categorization of federal information and information systems

• National Institute of Standards and Technology Special Publication series SP-800

• FAA Order 1370.82

• UAS have not yet been considered as a core element of current aviation security development work

• Safeguarding International Civil Aviation Against Acts of Unlawful Interference (SARP)

– ICAO Annex 17 to the Convention on International Civil Aviation on Security

• Security Assessment Methodology in NATO/ Eurocontrol ATM Security Coordination Group (NEASCOG)

USA EUROPE

12

FISMA Security Assessment Process

• Determine security category for the UAS system– Impact on confidentiality, integrity and availability– High, moderate or low

• Determine the accreditation boundary• Select security controls• Perform risk assessment

– Identify threats, vulnerabilities, likelihoods, impacts– Determine risk and recommend security controls

• Develop security plan• Implement security controls

• Assess security controls

• Authorize system operation

• Monitor ongoing performance

13

Risk Assessment

• Can a Threat exploit a Vulnerability?– Given enough time and money vulnerabilites can

be exploited– Can the security control be strong enough to deter

the threat from exploiting the vulnerability

• Risk is a combination of Likelihood and Impact– Likelihood of a threat exercising a

vulnerability Frequent, Probable, Remote, Extrememly Remote, Extremely

Improbable.

– Impact if vulnerability is exploited High-Catastrophic, High-Severe, Medium, Low, None

14

Risk Assessment

• Must protect against any vulnerability where impact is high even if likelihood is extremely improbable– NAS safety levels are very high– Focussed malevolent activity

• Must protect against vulnerabilites where likelihood is frequent even if impact is low– Nuisance hacker

15

UAS Security Considerations

• Assess threats from operational scenarios – Define levels of risk required to maintain National

Airspace safety based on threat likelihood and impact effect on confidentiality, availability and integrity

• Evaluate Mitigations– Crypto security strength

– Key distribution

– Impact on bandwidth requirements

– Infrastructure, logistics and cost• Security

– Gain concensus on international security levels– Agree on likelihoods and impacts

16

Support Your Standards Development Organization

• This presentaion is based on the work of a number of people. Further detail can be found in the following RTCA SC-203 documents;

• RTCA SC-203 WG2 002 - UAS Control and Communicaitions Security Considerations

• RTCA SC-203 WG2 010 - Approach for Certification and Accreditaiton Analysis for Security of the Control and Communications Link for Unmanned Aircraft Systems.

• RTCA SC-203 Control and Communications Working Group

– Contact Michael Neale - michael.neale@uav.com