U of M’s Mike Whalen Teams Up with DARPA to Create A Less Vulnerable Drone
A Real-World Threat
The Director of the University of Minnesota Software Engineering Center Mike Whalen has been working for the past four years with a number of research groups around the country including DARPA to find a way to make autonomous vehicles less vulnerable to systemic attacks by hackers.
“DARPA has been very concerned about vehicle attacks,” said Dr. Whalen. “The concern is that an adversary could take over a vehicle or, worse, an entire fleet of vehicles by initiating an attack through the wireless networks used by these vehicles.”
As futuristic as that sounds, this is a real problem the military and its various defense agencies have been forced to confront as warfare increasingly relies on unmanned vehicles.
“This has been carried out in real attacks,” said Dr. Whalen. “There was a case where Iran landed a brand new U.S. stealth drone on one of their airbases by jamming its communications and spoofing its GPS to convince the drone it was over a U.S. airbase in Afghanistan.”
The concern for this kind of security stretches beyond the military. For example, Dr. Whalen pointed out a much-publicized attack carried out by security researchers who demonstrated how they could manipulate a car’s braking system without ever touching the car by exploiting a vulnerability in the radio, broadcasting the attack via Wi-Fi and subsequently causing the radio to “spoof” the rest of the vehicle into thinking it was the braking system. Another security team was able to remotely kill the engine of a Jeep while it was on the road.
“The level of autonomy is a game changer because now we have situations where there’s no human in the loop,” Dr. Whalen explained. “This adds an entirely new dimension, especially with self-driving cars and commercial autonomous drones on the horizon. You have a real potential for damage if someone hacks into these systems.”
Building a Better Drone
Dr. Whalen is part of a broad multi-company and university research team that includes experts from Rockwell Collins, DARPA, Boeing, Galois Inc., Draper Labs and Data61.
“What we’re interested in is whether we can build a platform from the ground up that’s functionally equivalent to a modern vehicle, but is also secured from attacks,” said Dr. Whalen.
DARPA has divided their research into two main teams: a ground team and an air team. Dr. Whalen is part of the air team whose job is to investigate rotorcraft (helicoptors and drones), and use advanced operating systems, architecture description languages, programming languages, and verification technologies to build security into the vehicle.
“We at the U work as the integrator. Working closely with Rockwell Collins, we define the architecture of the vehicle,” said Dr. Whalen. “For example, a car that can be hacked through its radio Wi-Fi interface is poorly architected. We specify all the pieces of software and hardware and determine which ones are critical or non-critical, then make sure that none of the non-critical things can affect the critical things except in very well-defined ways.”
This has led Dr. Whalen’s team to work with unmanned vehicles ranging from hobbyists’ remote-controlled quad copters to Boeing’s 32-foot autonomous military helicopter called Little Bird.
“For the quad copter, our system controls all functions of the copter—everything it does. For the Boeing vehicle, it controls the communication stacks—all the communications in and out of the Little Bird. Eventually, it will run the entire flight control computer, so our system will actually be flying the vehicle.”
The Keys Are Partitioning and Verification
The idea behind creating a hack-proof system revolves around what researchers call partitioning. Partitioning is a way to separate or wall-off portions of an operating system that’s controlling the computer.
“Essentially, what we want to do is figure out a good architecture, then build these very strong walls between critical and non-critical things so that, if by some chance the non-critical stuff gets hacked, it doesn’t leak across the partitioning barrier.”
The other part is verification of the critical software. One way that hackers break into systems is through a buffer overflow, in which an attacker can inject malicious code into the system by sending in a malformed program input. Galois Inc. developed a programming language called Ivory that is both very efficient and does not allow programmers to write code that contains buffer overflows or other memory errors. In addition, it performs formal verification on critical components to make sure that they meet security requirements.
The scope and complexity of the project is huge. Not only does the team need to look at all the research currently out there, but the team also implements their systems into vehicles with an ultimate goal of deploying their work commercially and militarily. This ambition has led the team to seek rigorous testing.
“We’ve been working with a “Red Team” from Draper Labs who act as White Hat hackers. They break into government installations and explain where the vulnerabilities are.”
As part of the project, Dr. Whalen and his research counterparts gave to the Red Team all of their design documentation, source code and system images. They were given three months to hack it. Red Team didn’t succeed. After this test, they gave the Red Team greater access, and, again, they were unable to hack it.
“A lot of these ideas are going to transition, and hopefully some of the tools we have constructed as well,” said Dr. Whalen. “I’d like to see this technology make it out there.”
These technologies have the potential to make future systems significantly safer and more secure, especially as unmanned drones and autonomous automobiles are starting to enter the commercial sphere. “Boeing is going to be using this for sure in the Little Bird, and it’s going to be deployed in a real production vehicle in the near term. We’ve been in discussions with Amazon, and, of course, DARPA is interested,” said Dr. Whalen.
To learn more about the team’s research progress, be sure to read Wired’s article “Pentagon Looks to Fix ‘Pervasive Vulnerability’ in Drones,” Aviation Week’s “DARPA Flies Hack-proofed Unmanned Little Bird,” or New Scientists’ “Unhackable kernel could keep all computers safe from cyberattack.”
Dr. Mike Whalen is the Program Director for the University of Minnesota Software Engineering Center and is part of the Critical Systems Group (CriSys) whose research interests are in the general area of software engineering; in particular, software development for critical software applications - applications where incorrect operation of the software could lead to loss of life, substantial material or environmental damage, or large monetary losses.