R2U2: Monitoring and Diagnosis of Security Threats for Unmanned Aerial Systems

R2U2: Monitoring and Diagnosis of Security Threats for Unmanned Aerial Systems

Johann Schumann, Patrick Moosbrugger, and Kristin Yvonne Rozier


These pages contain further details of the experiments described in " R2U2: Monitoring and Diagnosis of Security Threats for Unmanned Aerial Systems " by Johann Schumann, Patrick Moosbrugger, and Kristin Yvonne Rozier. The BibTeX for this paper is available here.


We present R2U2, a novel framework for runtime monitoring of security properties and diagnosing of security threats on-board Unmanned Aerial Systems (UAS). R2U2, implemented in FPGA hardware, is a real-time, REALIZABLE, RESPONSIVE, UNOBTRUSIVE UNIT for security threat detection. R2U2 is designed to continuously monitor inputs from the GPS and the ground control station, sensor readings, actuator outputs, and flight software status. By simultaneously monitoring and performing statistical diagnosis, attack patterns and post-attack discrepancies in the UAS behavior can be detected. R2U2 uses runtime observer pairs for linear and metric temporal logics for property monitoring and Bayesian networks for diagnosis of security threats.We detail the design and implementation that now enables R2U2 to handle security threats and present results of simulations of several attack scenarios on the NASA DragonEye UAS running ArduPilot flight software.

Our data files are compiled using the SamIam and Ace tools, which are free and open source and can be downloaded here. Documentation is packaged in the tool downloads.

Disclaimer: The files distributed on this page contain research prototype code and examples published in the paper above. The files are compatible with SamIam release 3.0 and Ace version 2.0; we make no claims regarding compatibility with any other versions. Please feel free to email me concerning clarifications, bugs, or other corrections.

Requirements for the SITL Simulation

A manual on how to setup the SITL Simulation can be found here.

Download casestudy data

Explore the Simulations Dataflash Logfiles

You can go through our simulation dataflash logfiles using APM Planner 2.0.
Start APM Planner 2.0, and as shown in the picture,
switch to the "GRAPHS" view, go on "Open Log",
and select the apm_dataflash*.bin file from the casestudy directory.

Now you can select the signals you want to display in the right pane.
Scaling can be changed by doubleclick on the vertical axis.
For example, to see some interesting signals for the GPS Spoofing casestudy,
display the signals as can be seen in the next figure.

Running the simulation scripts

In order to run the SITL Simulation, please refer to the manual here.
If you intend to run the simulation scripts from our casestudies, you will need to install the MAVProxy modifications.
Simply overwrite the files in the MAVProxy installation directory with the files you can download here
Once the SITL simulation is running, you can execute this scripts using the
modified MAVProxy application by issuing the command "script <path_to_script>".
To reproduce our results, you can follow the directions from our flight_plan.ods, which is located in each casestudy directory.

Interpreting the input traces for the R2U2 Framework (rtr2u2_uart_dump*.bin)

The data trace, that is extracted from the Flightcomputer and sent to our monitoring framework
for online monitoring, is logged in the rtr2u2_uart_dump*.bin file for each casestudy.
The trace consists of a binary stream that is sent packet by packet.
In order to interpret these packets, please have a look at the struct rtR2U2_packet,
defined in the AP_Rtr2u2.h file from the casestudy directory, where they are defined

Kristin Yvonne Rozier 2015-04-27