UAV updateFirst successful "spoofing" of UAVs demonstrated
A research team successfully demonstrated for the first time that the GPS signals of an unmanned aerial vehicle (UAV), or drone, can be commandeered by an outside source — a discovery that could factor heavily into the implementation of a new federal mandate to allow thousands of civilian drones into the U.S. airspace by 2015
Researchers demonstrate hackers can take over UAV control // Source: iran-forum.ir
A University of Texas at Austin research team successfully demonstrated for the first time that the GPS signals of an unmanned aerial vehicle (UAV), or drone, can be commandeered by an outside source — a discovery that could factor heavily into the implementation of a new federal mandate to allow thousands of civilian drones into the U.S. airspace by 2015. The experiment was performed on a civilian drone owned by the university.
Cockrell School of Engineering assistant professor Todd Humphreys and his students were invited by DHS officials to attempt the demonstration in White Sands, New Mexico in late June. Using a small but sophisticated UAV along with hardware and software developed by Humphreys and his students, the research team repeatedly overtook navigational signals going to the GPS-guided vehicle.
A University of Texas at Austin release reports that the technique, known as “spoofing,” creates false civil GPS signals that trick the vehicle’s GPS receiver into thinking nothing is amiss — even as it steers a new navigational course induced by the outside hacker. Because spoofing fools GPS receivers’ on both their location and time, some fear that most GPS-reliant devices, infrastructure and markets are vulnerable to attacks. That fear was underscored — but not proven — when a U.S. military drone disappeared over Iran late last year and showed up a week later, intact, and in the care of Iranians who claimed to have brought the vehicle down with spoofing.
The recent demonstration by University of Texas at Austin researchers is the first known unequivocal demonstration that commandeering a UAV via GPS spoofing is technically feasible.
“I think this demonstration should certainly raise some eyebrows and serve as a wake-up call of sorts as to how safe our critical infrastructure is from spoofing attacks,” said Milton R. Clary, a senior Department of Defense (DoD) Aviation Policy Analyst at Overlook Systems Technologies, which is working with the federal government to develop programs that identify and mitigate spoofing attacks.
Humphreys said his research team wanted to demonstrate the potential risks associated with spoofing early on in the Federal Aviation Administration’s task to write the mandated rules that will allow government and commercial drones in the U.S. airspace by 2015.
“We’re raising the flag early on in this process so there is ample opportunity to improve the security of civilian drones from these attacks, as the government is committed to doing,” Humphreys said.
The release notes that
