DARPA Unveils Hack-Proof Drone

What's going on here?The Pentagon’s research arm unveiled a new drone built with secure software that prevents the control and navigation of the aircraft from being hacked.

The program, called High Assurance Cyber Military Systems, or HACMS, uses software designed to thwart cyber attacks. It has been underway with the Defense Advance Research Project Agency for several years after originating at the University of California, San Diego and the University of Washington, said Kathleen Fischer, HACMS program manager for DARPA.

“The software is designed to make sure a hacker cannot take over control of a UAS. The software is mathematically proven to be invulnerable to large classes of attack,” Fisher said.

QuadcopterThe mini drone is engineered with mathematically assured software making it invulnerable to cyber attack. Citing the success of mock-enemy or “red-team” exercises wherein cyber experts tried to hack into the quadcopter and failed, Fisher indicated that DARPA experts have referred to the prototype quadcopter as the most secure UAS in the world.

“We started out with the observation that many vehicles are easy for malicious hackers to tamper with the software and take control remotely. We’ve replaced all the software with our high assurance software that was developed using the tools and techniques that were invented in the program,” Fisher said.

The drone prototype was among more than 100 projects and 29 advanced research programs on display in the Pentagon’s courtyard Wednesday in what was billed as DARPA Demo Day.

The HACMS program develops system architecture models, software components and operating system software, DARPA officials said.

Vulnerabilities or security issues can arise when drones or other military aircraft are “networked” to one another such that they can share information in real time. Security risks can emerge through network protocols, software bugs or unintended interactions between otherwise correct components, DARPA officials explained.

“Many things have computers inside and those computers are networked to talk to other things. Whenever you have that situation, you have the possibility for remote vulnerabilities where somebody can use the network connection to take over and get the device to do what the attacker wants instead of what the owner wants,” Fisher explained.

The software tools used for the HACMS program can be adjusted to larger platforms. In fact, DARPA plans to transition the secure software to Boeing’s Unmanned Little Bird helicopter, DARPA officials said.

“The software is foundational so it could be used for a large number of systems,” Fisher added.

About the Author

Kris Osborn
Kris Osborn is the managing editor of Scout Warrior.
  • Nathan

    now lets integrate this into an RQ-180 and fly it over Iran to see if they can hack it haha.

    • ROFLMAO

      Why? Didn’t the US military make it clear that the drone brought down in Iran was due to mechanical / electronic problems rather than Iranian hacking?

    • IRAN

      Too late
      we already did something that you cant even imagine .we hacked that and now we have your drone please just for the god sake fly it over my country one more time to make sure your system is UNHACKABLE :))))))))))))))))))))))

  • JohnB

    Unhackable until it gets hacked.

  • tee

    Nothing is “Unhackable” given enough time.

    • Me

      One Time Pad encryption is absolutely unbreakable. Period.

      That said, you jam the GPS and command channel frequencies and it falls back to terrain maps. Jam the radar on a foggy night… All this jamming isn’t as easy as it used to be though.

      So just jam the radar, fly up behind it, and lasso it by the tail.

  • hibeam

    These unhackable drones can sit idle on the flight line with our regular drones. Waiting for someone with the political will to use them to come along. I know where the bad guys winter. Rhymes with Worth Naziristan. Call me.

  • BlackOwl18E

    I don’t think anything is fully hack-proof. This sounds like a marketing gimmick.

  • “The mini drone is engineered with mathematically assured software making it invulnerable to cyber attack..”

    I wonder what that means.

    • blight_

      I guess it means some kind of encryption algorithm that will take forever to brute force..yeah right.

      Did the NSA tell them that?

    • ROFLMAO

      Don’t cut the sentence off. It says ” … invulnerable to … large classes of attack.”

      Translation: the drone is hackable by small classes of attack.

      So the point of contention is really what “large” means.

      As for “mathematically proven”, since it’s being used by the US govt / military, so statistically it means this: BS.

  • Rob

    Don’t need to hack it if you are able to block/interrupt signals to and from it. No easy solution for this scenario. If make it self destruct it’s a total loss of money. If make it auto-return to base, it may get tracked back. If do nothing, it can just be modified and used against us. Maybe consider booby trapping it or attempt to virus any computer connected to it. A dormant system that puts out a GPS ping an hour after signal lost. Maybe even spontaneously combust after so it’s ruined.

    • Beno

      Agree, the only way to realistically deal with this is a return to safe point on inertial guidance. Trident can be 10m accurate on inertial guidance systems. And they require no external input.
      Im doubting this would be cheap tho ?
      Beno

  • Bernard

    The weakest link in most secure systems are the people using them. If you can hack the people then you don’t need to hack the equipment. Regardless, no system is unhackable although they can certainly be engineered to higher standards to lower the risks of being hacked.

  • In my old encryption school
    when I was in the military
    There was a signed that said:
    NEVER TRUST NO ONE
    NOT EVEN YOURSELF

  • Bill

    Guess it’s not using Windows software then.

  • john boomer

    I was thinking a 750 pound iron gravity bomb would be totally unhackable.

  • hooliman

    our ww2 planes were unhackable… oh the problems we create for ourselves.

  • Vincent

    “Yeh the Iranians didn’t hack our RQ170, that’s why we made a hack-proof drone”

  • Shakes

    Where’s that digital iceberg?

  • voodkokk

    See this is exactly why our security sucks and the people in charge need to be removed. There is no such thing as a 100% secure system and it just has not been hacked yet.

  • deanegilmour

    And how many times have we heard that “hack proof” statement. Just a challenge to the criminals on the web around the globe

  • JJ Murray

    First, there is no such thing as “hack proof” and anyone who makes a claim like that is either showing their arrogance, ignorance, or is trying to sell you a bill of goods.
    Second, no need to hack a drone. All you need is a basic noise jammer between the drone and the controller and get it on the right frequency and the controller no longer has control. A bunch of guys in a cave might not pull this off, but individuals in the US have already built jammers in their garages that jam police radar guns for example so how hard would it be for a group with some money behind them to do, let alone a government.

    • Brian B. Mulholland

      Would it be that hard to give a drone a go-home automated command in the event that command transmissions are lost?

      Midsize and larger drones usually navigate via GPS. Jamming that signal would require either or both of a big transmission or a jammer placed between the satellite(s) and the UAV. Large UAVs are not cheap and a digital map wouldn’t be that bad a cost, per unit, so that the UAV could go home in the event someone did manage to block the GPS signal. Would you agree?

  • Kaleb

    If this so called “hack proof” drone has software that cant be hacked and controlled by hostile solders; why don’t they use it in the war; that’s my problem. What do you think please reply.

  • Kaleb

    This is just a lie; nothing with software is NOT hack proof; bring out the real truth U.S.

  • Jack Bauer

    24….

    • rangedsp

      dude, exactly what i had in mind

  • John

    I’m pretty sure I know a way to key these in an innovative way. I just need to talk to the right person. @Blackacre

  • Anon

    By “mathematically proven” the article means “formally verified” (see https://en.wikipedia.org/wiki/Formal_verification ) and it means that there is a machine-check mathematical proof that states that under certain assumptions (hardware is correct, etc), the software on the system would fullfill its specifications, regardless of anything and everything else that may be going on. This can be hacked only if the attacker is able to either subvert some of the assumptions, or if the specification itself is too weak. Both are at least a theoretical possibility, but it is indeed “hack-resistent” (while not necessarily 100% hack-proof). And by the way, the code is all open source – see http://smaccmpilot.org/

  • Thunder350

    Countdown to some kid easily hacking this (like all the other “hackproof” things) for fun has begun.

  • ONTIME

    I wonder if they put a self destruct on this flying bolt package, if it’s swiped and goes off course without reason then why give it away again?

    • spec

      uhmmm, probably because none of drones produced in the US can stay on course all the time, not even on take off sometimes!

  • Shamrock5472

    But if the chips are from China …. it can be hacked in a heartbeat.

  • Gary

    If it detects hacking attempts it should fail safe to plan “B”: target a much more critical larger target and adjust the warhead for copious amounts of collateral damage thusly discouraging future attempts at messing with our drone.

  • Rob C.

    One can only hope they keep tight lid on how this software works or how to duplicate it. A lot of US secrets seem to get nabbed due to leaks in the companies and US State departments who develop and maintain them. Its been big concern of mine about hacking, of these flying aresenals and being turned on us the users or render incapable of fighting.

    I do however suspect eventually, a new cyber-race will need to begin to maintain this “invulernablity”. Nothing is unknowable forever, people are too darn determined not over come a challenge.

  • Wildman

    Why not use BlackBerry to encrypt the data? Even the president STILL uses a blackberry.