Date of Award
Master of Science
Department of Electrical and Computer Engineering
Barry E. Mullins, PhD.
The MAVLink protocol is an open source, point-to-point networking protocol used to carry telemetry and to command and control many small unmanned aircraft. This research presents three exploits that compromise confidentiality, integrity, and availability vulnerabilities in the communication between an unmanned aerial vehicle and a ground control station using the MAVLink protocol. The attacks assume the configuration settings for the data-link hardware have been obtained. Field experiments using MAVProxy to compromise communication between an ArduPilot Mega 2.5 autopilot and the Mission Planner application demonstrate that all three exploits are successful when MAVLink messages are unprotected. A methodology is proposed to quantify the cost of securing the MAVLink protocol through the measurement of network latency, power consumption, and exploit success. Experimental measurements indicate that the ArduPilot Mega 2.5 autopilot running the ATmega2560 processor at 16 MHz with the standard, unsecured MAVLink protocol consumes on average 0.0105 additional watts of power per second and operates with an average additional latency of 0.11 seconds while under the most resource-intensive attack than when not under attack.
DTIC Accession Number
Marty, Joseph A., "Vulnerability Analysis of the MAVLink Protocol for Command and Control of Unmanned Aircraft" (2014). Theses and Dissertations. 613.