Security Engineering: System Aware Cyber Security for an Autonomous Surveillance System On Board an Unmanned Arial Vehicle
Report Number: SERC-2013-TR-036-2
Publication Date: 2013-11-18
Project: Security Engineering – Design Patterns and Operational Concepts
Dr. William Melvin
Dr. Kevin Skadron
Dr. Ronald Williams
The Systems Engineering Research Center (SERC) has developed a novel cyber security concept for
embedding security solutions into systems called System-Aware cyber security. The goal of the SystemAware
program is to develop low cost methods of protection against cyber exploits by our adversaries.
Working through the SERC, the University of Virginia (UVa) and the Georgia Tech Research Institute
(GTRI) have advanced the System-Aware cyber security concept and evaluated a number of specific
design patterns that are intended to be reusable across a variety of applications. These patterns include,
but are not limited to, employing diverse redundant components in critical subsystems, using voting
techniques across diverse redundant components for real-time discovery and elimination of infected
components, dynamically modifying the configuration of software components in systems through
virtual configuration hopping techniques, dynamically modifying the configuration of the
hardware/software components in systems through physical configuration hopping techniques, using
system specific data consistency-checking to determine if critical system information has been
manipulated, and where applicable, use of analog components as trusted elements to perform critical
security functions in systems. Furthermore, a decision support framework has been developed for use
by systems engineering teams in selecting a subset of available design patterns for integration into a
cyber-security system architecture.
To demonstrate the effectiveness of the System-Aware design patterns, specific ones were developed
for an unmanned aerial vehicle (UAV) application. The application to UAV-based systems was inspired
by the wide variety of subsystems that are used in UAV configurations, the range of potential cyberattacks
that can seriously impact the critical missions of these systems, and the significant power, space
and performance constraints that System-Aware designs must address in order to operate in UAV-based
During the Phase I effort the UVa/GTRI team achieved a number of accomplishments including:
• Creation of software and hardware in the loop simulators and emulators to enable the
testing of System-Aware cyber security solutions.
• Identification, selection, and design of potential cyber-attacks that could be utilized to
compromise the UAV’s ability to carry out its mission.
• Design of a prototype smart security Sentinel to host System-Aware cyber security solutions
to protect against the cyber-attacks.
• Design of a Sentinel for airborne use based on the SiCore SHIELD secure single board
The Phase II effort for conducting a flight demonstration of the System-Aware Sentinel has been
planned. Phase II will consist of the activities necessary to integrate the results of the Phase I effort into
the GTRI Aerial Unmanned Sensor System (GAUSS) aircraft in order to create a flight-ready
demonstration. The GAUSS platform is a small research UAV with a widely used, commercial off-theshelf
autopilot system and camera gimbal. The demonstration will show how the System-Aware
approach can be used to thwart cyber-attacks against autopilot systems and sensor systems.