Key points are not available for this paper at this time.
The Department of the Defense has transitioned smart devices into the battlefield as a portable hand-held unmanned aerial vehicle ground control station without adequate cyber security protections, putting critical mission data at risk to cyber security attacks. Industry has developed software apps for smart phones and tablets that allows soldiers to not only pilot unmanned aerial vehicles (UAVs) but to share and receive intelligence and reconnaissance videos and images remotely from the ground control station (GCS) or directly from the UAV. The Department of Defense has not developed a secure communication network that will support a large quantity of smart devices, nor certification, standards or policies for operation of secure smart devices. Therefore, mission critical information will be shared through unsecured, mobile and wireless networks and through unclassified, unsecure smart technology that are vulnerable to cyber security risks. Lack of security of the mobile and wireless networks and smart devices could result in the unintentional sharing of data as well as loss of control of the UAV to enemies. The Department of Defense has failed to develop a threat model and risk assessment to identify the cyber security threats and ensure the proper security countermeasures are in place. This paper will analyze the cyber security vulnerabilities within the communication links, smart devices hardware, specifically smart phones and tablets, and software applications to develop a risk model of the threat profile of the GCS networking hub. This model will help designers and users of the military and civilian UAV communities to understand the threat profile of the GCS networking hub to develop a secure communication network based upon the vulnerabilities identified for smart phones and tablets.
Mansfield et al. (Fri,) studied this question.