As the quadcopter maneuvered through the empty theater, Rockwell Collins Fellow Dr. Darren Cofer watched as a hacker tried to infiltrate the aircraft’s controls through an unsecured data link. The unmanned aerial system (UAS) continued flying through the open space, impervious to attack, with the nearby pilot deftly controlling its every move.

This demonstration for the U.S. Defense Advanced Research Project Agency (DARPA) proved that the team’s High-Assurance Cyber Military Systems (HACMS) secure software can enable an aircraft to keep operating safely despite offboard and onboard cyberattacks. This presentation was one of several HACMS flight tests, including a showcase at DARPA’s Demo Day in May at the Pentagon in Washington, D.C.

Cofer, principal investigator for the Air Vehicle team in DARPA’s HACMS project, has been leading a team of researchers from Boeing, Data61 in Australia, Galois and the University of Minnesota. Their challenge? To create secure embedded systems software that can protect an aircraft from cyberattack.

In addition to quadcopters, the Rockwell Collins team recently tested the latest build of its secure embedded systems software on the sophisticated mission computer of Boeing’s Unmanned Little Bird (ULB) helicopter. With its new software, the ULB resisted multiple cyberattacks launched by a team of advanced hackers.

“Our world is becoming more connected every day and that includes the aviation industry,” said Cofer. “Cybersecurity used to be a concern only for traditional computing systems and networks. Now anything with embedded software can be vulnerable to cyberattack. As a result, we have to be vigilant about protecting critical systems like avionics.”

Attacks on three fronts

According to Cofer, there are three main ways an embedded system can be hacked. One way is through external interfaces by exploiting weak or nonexistent encryption. The second is by exploiting software bugs to create software vulnerabilities. The third way involves using communications and software component interfaces in a way that was not intended by developers. HACMS takes into account all three approaches, using advanced mathematical reasoning to analyze complex systems and ensure that they are functional, safe and secure.

Darren-Cofer_CyberAttack

Rockwell Collins Fellow Dr. Darren Cofer prepares to demonstrate HACMS on a small quadcopter.

“Everything we do at Rockwell Collins centers on building trust every day,” said Cofer. “The techniques and tools we’ve developed for HACMS can be used on other complex, hard-to-test systems, increasing the level of integrity, safety and functionality of platforms across the company.”

As the team wraps up the third and final phase of the HACMS program, the engineers are preparing for a final ULB demonstration. The purpose of this flight test is to show that the team’s secure design and tools can protect the helicopter’s flight control computer as well as its mission computer. At the conclusion of the program, these HACMS technologies will be integrated into future commercial and military projects.

“It’s exciting to think about the different applications for these new tools,” concluded Cofer. “It opens up new possibilities in defense and commercial sectors — from unmanned vehicles and weapons systems to command and control devices and satellites — as well as for Rockwell Collins.”

-By Kalindi Garvin

Posted by Kalindi Garvin

2 Comments

  1. I would like to add that Andrew Gacek is the hacker who “infiltrates the aircraft’s controls through an unsecured data link,” and John Backes is the quadcopter pilot “deftly controlling its every move.” Watch the video to seem them in action. 

    Liked by 1 person

    Reply

    1. Thanks for sharing those details, Darren. It’s exciting to see the team at work in the video!

      Liked by 1 person

      Reply

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s