All the European aeronautical forecasts suggest a vast adoption of UAS in many industrial areas, from land monitoring to zones patrolling. The integration of UAS in non-segregated airspace raises challenges with regards to cybersecurity. Cyber-attacks on a UAS could affect its operations, impact airspace safety, cause serious damages and threaten people safety on the ground or in the air. CRUISE intents are to design, develop and validate a CyberSec Test Range, a technological framework combining ICT, EO and SATCOM, in the Grottaglie Airport (Italy). The test range will be a facility that experiments UAS (Unmanned Airplane System) and studies their integration into non-segregated airspace; it will be a place where the overall assessment on vulnerability and resilience of UAS with respect to cyber-attacks can be led. The Test Range will aim at evaluating the overall vulnerability of UAS, including the analysis of flight platforms, on board avionics and payload sensors. Quality, consistency and integrity of data collected during VLOS, RLOS, and BRLOS operations will be verified. The following categories of cyber-attacks will be assessed:
- Hardware attacks – the hacker has direct access to the UAS;
- Wireless attacks – the hacker uses wireless communications in order to attack command, control and communication systems;
- Sensor Spoofing – The hacker substitutes actual signal with fake signal
Users and their needs
CRUISE CyberSec Test Range will provide risks and vulnerability assessment of UASs/RPAS and their subcomponents.
The exploitation of CRUISE will offer the possibility to customers to validate their own aeronautical products (complete RPAS system, communication channels, avionics, payload, GNSS…) and/or identify potential sources of risks (i.e. Point of Penetration) for the system and fix them. Such assessment can be done during the system design or development phase or with real products, thanks to a combination of simulation, emulation and real physical tests (i.e. on the ground and in flight). Main target customers of CRUISE are UAV manufacturers and ATM/UTM solution providers (and association of operators), UAV Service providers, TelCom/SatCom/SatNav devices manufacturers; a secondary customer target group is represented by Remote sensors (payload) manufacturers, Cyber Security solutions developers, EO application developers and providers, Government entities. In addition end users of RPAS based services (e.g. civil protection agencies, municipalities…) can be interested in CRUISE assessment outcomes, in order to validate the quality and trustfulness of data collected during RPAS missions.
Service/ system concept
The CyberSec Test Range, expected outcome of the project, will be an infrastructure composed of IT systems and applications exploiting EO and SatCom, within the airport of Grottaglie (Taranto, Italy). The airport has been declared of national interest for UAV tests and has been associated with a segregable airspace.
The main benefits for the customers using CyberSec Test Range services are the reduction of risks coming from cyber-attacks by improving resistance to attacks, and the increase of the resilience in case of attacks during aerial missions.
The Core Services to be provided by the CyberSec Test Range are:
- assessment in simulation environment
- assessment in simulation environment, including flight emulation and real SatCom
- assessment in real flight environment
- assessment in real flight environment, including SatCom
Figure 1: Grottaglie test range services
The customer will receive reports generated during the data analysis phase, and vulnerabilities mitigation guidelines.
Figure 2: Points of possible attacks (courtesy of Leonardo SpA)
Space Added Value
CRUISE architecture relies on Satellite telecommunication services (SatCom), GNSS, Earth Observation (EO) data (i.e. Copernicus, COSMO-SkyMed).
Satcom is used as telecommunication channels for both UAS Command, Control (C2) and ATC (C3) and payload communications in case of Beyond Radio Line of Sight (BRLOS) operations. GNSS is used to support UAS position and navigation. EO is used in support of mission simulation and preparation, and in real environment (as an on-board countermeasure technique to assess GNSS performance comparing acquired data with EO data).
The added-value of using the above different space assets, in complement to terrestrial assets are:
- to extend the scenarios from LOS to BRLOS, supporting ATM, surveillance and monitoring gathered data, and Command and control communications
- to use updated reference maps, in order to be used by the on-board SW of the UAV as countermeasure to GNSS performance degradation
The project started on January 2019. The first phase dedicated to the consolidation of the user needs, services portfolio, preliminary design and business modelling for the CyberSec Test Range was successfully completed in November 2019. The second phase of the project during which the detailed design, implementation, deployment and demonstration will be performed started in November 2019 and will end in summer 2021. The demonstration activities will take place in 2021.