Securing unmanned autonomous systems from cyber threats

Abstract

Unmanned systems, with and without a human-in-the loop, are being deployed in a range of military and civilian applications spanning air, ground, sea-surface and undersea environments. Large investments, particularly in robotics, electronic miniaturization, sensors, network communication, information technology and artificial intelligence are likely to further accelerate this trend. The operation of unmanned systems, and of applications that use these systems, are heavily dependent on cyber systems that are used to collect, store, process and communicate data, making data a critical resource. At the same time, undesirable elements of our society and adversarial states have also realized the high value of this resource. While enormous efforts have been made to secure data and cyber systems, lack of rigorous threat modeling and risk analysis can lead to more specific, rather than generic, security solutions relevant to the cyber system to be protected. This scenario has created an urgent need to develop a holistic process for protecting data and cyber systems. This paper deals with the development of different pieces of this process. We first identify the security requirements of unmanned autonomous systems, and follow this up with modeling how attacks achieve their objectives. We argue that a large number of threats that can materialize as attacks and the costs of managing these attacks in cost effective ways require ranking threats using cyber threat modeling and cyber risk analysis techniques. The last segment of the paper describes a structured approach to mitigate high-risk threats.