Aerospace and Electronic Systems - October 2018 - 24

A Survey on Securing UAS Cyber Physical Systems

Figure 2.

CPS vulnerability taxonomy.

VULNERABILITIES OF GENERIC CPS
A vulnerability can be defined as a weakness or flaw in the system that enables misuse of the system which an exploit can take
advantage of to perform malicious activity. The vulnerabilities of
a CPS can vary depending on the application. To characterize the
vulnerabilities that exist in a CPS, a taxonomy was developed as
shown in Figure 2. Although it is not a complete taxonomy listing
all vulnerabilities in a CPS, it can be generalized to apply to most
systems. The taxonomy does not differentiate between deliberately and nondeliberately created vulnerabilities, as it demonstrates
where a vulnerability is created in a general manner. Who created
the vulnerability and for what purpose can be considered irrelevant
for the purposes of this work.
The taxonomy shows where the vulnerability lies in the various
steps of the life cycle of a CPS. There are three levels of the taxonomy: phase of creation, access point, and access type. The three
phases of creation describe where a vulnerability may be developed: development, maintenance, and operation. The development
phase is where the system is initially designed and implemented
by the development team which can have access to many parts of
the system a typical user would not have access to. This can also
be a reoccurring phase depending on the application where a system may continuously be in development. The maintenance phase
consists of system upgrades, updates, or any additional modifications to the system which can be carried out by a technician or the
user. Vulnerabilities can be induced by the software developer or
engineer performing the update to the software or modifications to
the system. Lastly, the operational phase refers to vulnerabilities
introduced during the operation of the system, such as a communications link that transmits and receives when the system is up and
running or external factors that can only be introduced during operation or an attack on the human system interface. Vulnerabilities
may exist during the operational phase; however, the taxonomy
24

encapsulates the creation of vulnerabilities, not when the vulnerability is exposed.
The access points describe where a malicious attacker would
exploit the vulnerability, such as through hardware by modifying
the physical components, or software through exploiting a programming bug or inserting malicious code, or eavesdropping on
a wireless communication. At the bottom of the taxonomy lies the
access types which describes more specifically the type of access
a malicious adversary would perform to exploit the vulnerability,
e.g. inserting an intentional bug into the code during the development stage, updating the autopilot with corrupt firmware code, or
replacing physical components on the FCS.
The taxonomy in Figure 2 provides an attack classification
scheme for CPS exploits. An exploit or attack requires a vulnerability which is an internal flaw that enables an external misuse
of the system causing deviation from the expected operation. An
assessment on CPS exploits performed in [4] aided in the development of the following list of CPS exploits. The exploits can be
placed into three main categories: network, firmware, and sensor.
The first series of exploits consist of network attacks, a network
attack can include any type of wired or wireless communications
attack. Second are the firmware attacks: the firmware attacks are
related to the exploits on the software/firmware executing on the
main processor of the system. Lastly, the sensor exploits refer to
the firmware on the physical sensors and/or external reference manipulation. The exploits are shown in Table 1.

MAPPING CPS VULNERABILITIES FOR UAS
This section presents a survey of the various cyber security issues
related to UASs that have been identified and studied. Traditionally, the UAS flight control system (i.e., autopilot) software and
hardware developers are not fully aware of CPS cyber security
vulnerabilities. Cyber threat analysis is typically conducted at a

IEEE A&E SYSTEMS MAGAZINE

OCTOBER 2018

Aerospace and Electronic Systems - October 2018

Table of Contents for the Digital Edition of Aerospace and Electronic Systems - October 2018