By Walter Capitani
The use of drones is expected to skyrocket in the coming years. The commercial market alone is expected to grow by 32% around the world every year through 2026. FAA records show 868,421 drones are registered for use in the U.S. and 215,364 pilots are certified for remote operation.
Because drones are autonomous or “self-flying,” they depend on software to carry out nearly 100% of their tasks. This makes them a ripe attack target, just like any other cyber-physical device. As such, drone software safety and security will become more closely scrutinized in the near term.
That’s because not all drones need a pilot, at least not a human one. Remotely piloted aircraft (RPA) answer to a pilot (think of military drones carrying out air strikes), but the real growth opportunity is in autonomous and self-flying drones. These are piloted by software that sets them on a course or a task; autonomous drones follow a preset route, while self-flying drones are programmed to run a task, such as a mapping drone or a security drone that scans an area at regular intervals. And self-flying drones run by artificial intelligence are the next step.
The effort to use autonomous drones for delivery has picked up some steam during the COVID-19 pandemic, as a way to make speedy, contactless deliveries. For example, Walgreens tested a delivery service in Christiansburg, Virginia, using drones from Wing, Alphabet’s drone subsidiary. The drones operate following a traffic management system that plots their route, gets them airborne, and directs them to hover 23 ft above the delivery destination. The drone lowers the package on a tether and, once the customer has received the package, climbs back to cruising altitude and returns to base.
You would think the most obvious safety challenge would be a customer forgetting to release the tether and yanking the drone down, but that is only one issue, and the software can correct for it. More seriously, the code running that drone air traffic system needs to be secure. Any programming error could affect the operation of the drone itself.
Keeping drones from crashing is an obvious concern, as is keeping bad actors from taking over a drone for their own purposes. Stealing a drone for its cargo is not like the mobsters in “Goodfellas” hijacking cargo trucks at the airport. Drones typically are not carrying anything valuable enough to make theft a problem. For example, the Wing drone carries a load of up to 3.3 lb. But their loads are often critical; some of the earlier tests of delivery drones have involved sending medications to remote areas.
Another dimension to drone safety is federal regulation, or the lack of it. The only regulation on the operations of drones in the United States is part 135 of Title 14 of the Code of Federal Regulations (14 CFR part 135), which puts the FAA in charge of regulating drone pilot certifications. The FAA also requires registering all drones over 0.55 lb used for commercial and recreational use.
The FAA has not defined the drone industry clearly yet, so the regulations of Part 135 are pretty fluid. The rules at the moment are mainly just a question of staying under aircraft altitude and away from airports, to avoid interfering with air traffic. But wider regulation will follow as drones expand their reach, and some companies begin testing them for passenger use – as air taxis, for example.
Just as the operating certification derives from the pilot certification process, the requirements for the code behind drones are also an offshoot of aircraft regulation. The FAA applies DO-178C, Software Considerations in Airborne Systems and Equipment Certification, an international standard for aviation software systems established in 2012 to update DO-178B, the standard since 1991.
Once drones begin carrying more than packages, or carrying people, regulation will have to follow. Software will need the flexibility to adapt to new rules and new requirements. It’s not there today, but drone operators know it might come in the future.
For now, the FAA has not specified requirements for developers, which is part of the problem they face when building drone management systems. In anticipation of the FAA delivering some regulation stating, “you have to do this,” some drone companies have been performing static application security testing by default, or they may have shifted security left in the development cycle. These organizations are painting the picture that they are ahead of others in anticipation of the regulations and safety/security concerns.
A new industry with high visibility doesn’t have much room for error. One drone air taxi crash will bring consequences in both regulation and business. And when an emerging business is moving fast, developers can’t sit around waiting for quality assurance (QA); they need a way to test code security efficiently. No matter where your drone fits in the industry spectrum, whether delivering three pounds of drugstore items or an air taxi passenger, expect tighter specifications for security and safety soon. This will require enhanced code safety and security analysis capabilities earlier in the application development process, not just at the test phase.
About the author: Walter Capitani is Director, Technical Product Management for GrammaTech Inc., a developer of software-assurance tools and advanced cyber-security solutions. A recognized expert in embedded and enterprise software security, Capitani has led global product development teams focused on safety-critical and secure software, SaaS application performance, file distribution applications for broadcast television and cinema, and 3D video compression and transmission technology.