Abstract
The MAVLink is a lightweight communication protocol between Unmanned Aerial Vehicles (UAVs) and ground control stations (GCSs). It defines a set of bi-directional messages exchanged between a UAV (aka drone) and a ground station. The messages carry out information about the UAV's states and control commands sent from the ground station. However, the MAVLink protocol is not secure and has several vulnerabilities to different attacks that result in critical threats and safety concerns. Very few studies provided solutions to this problem. In this paper, we discuss the security vulnerabilities of the MAVLink protocol and propose MAVSec, a security-integrated mechanism for MAVLink that leverages the use of encryption algorithms to ensure the protection of exchanged MAVLink messages between UAVs and GCSs. To validate MAVSec, we implemented it in Ardupilot and evaluated the performance of different encryption algorithms (i.e. AES-CBC, AES-CTR, RC4, and ChaCha20) in terms of memory usage and CPU consumption. The experimental results show that ChaCha20 has a better performance and is more efficient than other encryption algorithms. Integrating ChaCha20 into MAVLink can guarantee its messages confidentiality, without affecting its performance, while occupying less memory and CPU consumption, thus, preserving memory and saving the battery for the resource-constrained drone.
Abstract (translated)
MAVLink是无人机(UAV)和地面控制站(GCSS)之间的一种轻型通信协议。它定义了无人机(又称无人机)和地面站之间交换的一组双向信息。这些信息执行从地面站发送的无人机状态和控制命令的信息。然而,mavlink协议不安全,并且对不同攻击存在多个漏洞,从而导致严重威胁和安全问题。很少有研究能解决这个问题。本文讨论了MAVLink协议的安全漏洞,提出了MAVLink的安全集成机制MAVSEC,它利用加密算法来保证无人机与地面通信系统之间交换的MAVLink消息的保护。为了验证mavsec,我们在ardupilot中实现了它,并在内存使用和CPU消耗方面评估了不同加密算法(即aes-cbc、aes-ctr、rc4和chacha20)的性能。实验结果表明,chacha20比其他加密算法具有更好的性能和效率。将chacha20集成到mavlink中,可以保证消息的保密性,不影响其性能,同时占用更少的内存和CPU消耗,从而为资源受限的无人机保留内存和节省电池。
URL
https://arxiv.org/abs/1905.00265