Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Security Software The Military Transportation United States Technology

DARPA Unveils Hack-Resistant Drone 107

savuporo (658486) writes with news based on the work of a DARPA project known as High Assurance Cyber Military Systems: "'The Pentagon's research arm unveiled a new drone built with secure software that "prevents the control and navigation of the aircraft from being hacked. ... The software is designed to make sure a hacker cannot take over control of a UAS. The software is mathematically proven to be invulnerable to large classes of attack,' [HACMS program manager Kathleen] Fisher said." This is currently being demoed on a quad-copter platform. It would be interesting to know the CPU architecture, chipset, programming language and the suite of communication protol this thing uses ."
This discussion has been archived. No new comments can be posted.

DARPA Unveils Hack-Resistant Drone

Comments Filter:
  • Frosty piss (Score:2, Insightful)

    by Anonymous Coward
    There ain't no such thing as 'hacker-resistant'.
    • Re:Frosty piss (Score:5, Insightful)

      by The Snowman ( 116231 ) on Saturday May 24, 2014 @09:37AM (#47082687)

      There ain't no such thing as 'hacker-resistant'.

      Yep, I especially loved this gem from the summary:

      The software is mathematically proven to be invulnerable to large classes of attack

      Anyone who knows anything about software and crypto knows you cannot make the software "invulnerable" to attacks. You can greatly decrease the number of bugs and known attack vectors. You can make it infeasible to brute-force your system using a realistic amount of computing power. But you do not know what you do now know, and the system cannot be 100% secure.

      I would love to see how they "mathematically proved" it is 100% secure (invulnerable, remember).

      • Perhaps what theyre getting at is that there is a very limited network exposed portion of the software that is isolated from everything else, and is simply responsible for the creation of a control channel-- basically, a chip that just handles establishing the VPN, and allowing VPN'd comms in and nothing else.

        It may be possible, in such a situation, to perform an audit which establishes that that code does exactly what it says it does, and nothing else. I understand such audits are possible, but generally

      • The quote reads:
        "The software is mathematically proven to be invulnerable..."
        wait for it-
        "...to large classes of attack."

        Since he does say 'mathematically proven', probably he's referring to some cryptographic subsystem of the software, maybe even just the encryption algorithm itself. But whatever he is referring to, the statement is that it is invulnerable to some types of attack (not all types of attack). This is just standard propaganda designed to give the impression of "our forces are invincible!
      • Anyone who knows anything about software and crypto knows you cannot make the software "invulnerable" to attacks.

        Well, it's a good thing they only specify 'large classes' then, right? They aren't saying it's invulnerable.

        Still, something as 'simple' as running a VPN type encryption system would make your system effectively invulnerable to 'large classes' of attacks.

        Personally, I see using 2 keys per channel, an encryption and a separate authenticator. Encrypt everything you send the plane and any plaintext transmissions look like nonesense. Sign all your packets and it can reject stuff that doesn't have the proper

      • Seems to me it's typical hubris from govt.
      • The software is mathematically proven to be invulnerable to large classes of attack

        Well they did say invulnerable to large classes of attack, which already means that it's not "invulnerable" to all attacks.

  • How long (Score:5, Insightful)

    by vikingpower ( 768921 ) on Saturday May 24, 2014 @04:52AM (#47082019) Homepage Journal
    before someone takes over one of these babies ? I mean - for a challenge, this is about the same thing as waving a kilogram of prime steak in front of a pride of lions...
    • Have they learned nothing from 24 and Jack Bauer? ...or how long until something really 'bad' is orchestrated and they will blame hackers for it?
    • by Anonymous Coward

      About a couple of hours after 1 gets downed and it's found out that they all use the same key or password. 'Mathematically assured software' is very vague, it would be nice to know more details. The red team exercises need explanation too, if it was a black box exercise then its likely that there's a bug somewhere deep in an obscure code-path.

      TL;DR secure embedded computing LOL

    • In the real World, -resistant is not the same thing as -proof.

      Many systems designed to be idiot-proof fail because they just keep making a better idiot.

    • This is DARPA we're talking about.

      One does not simply out smart DARPA.

  • by Anonymous Coward

    Either they're 50 years behind missile tech, or the abort signal of missiles can be hacked.

  • What.

    The only thing you can mathematically prove to be secure is the encryption, and strong crypto is the very least of what even a very cheap commercial drone should have.

  • This is just silly (Score:4, Insightful)

    by rebelwarlock ( 1319465 ) on Saturday May 24, 2014 @05:29AM (#47082095)
    How many ways is this ridiculous? In the summary alone, you have quite a lot of nonsense. First, they brag about secure software. Your software is supposed to be secure, especially for something like this. You don't get bonus points because you thought about security where weapons were concerned. That's like bragging about not shitting your pants. Of course their security software is designed to prevent hacking - that's the point. Then you have the mathematical proof, which is just a fancy way of saying they ran a code analysis tool and their software totes doesn't have buffer overflow vulnerabilities, guys! If they really got fancy with it, maybe they could test it against real life security penetration testers, but let's not get ahead of ourselves.
    • This is just silly (Score:5, Insightful)

      by craigminah ( 1885846 ) on Saturday May 24, 2014 @05:41AM (#47082125)
      No kidding. I wouldn't even say "he hasn't missed a field goal in 43 attempts, this is a chip shot" because you'll put a rook on it and fail somehow. Heck, the US Government can't even put up a fricking (healthcare) website so how can they expect to succeed at making a "hacker proof drone"? 'Mathematically-proven" is like using the word "clinical" in front of a toothpaste...means nothing other than to hype a product...
      • Well, I think this is a bit different. Such comments may be apt to other offerings, but this uses industrial strength military grade antibacterial hypoalergenic drone security best practices.

        • by Anonymous Coward

          So, I am a computer engineer working on this. The big 9 digit ones are very well protected by design practices that are even more anal and nitnoid than security hardened software design. The 8 digit ones pay lip service, and the smalls should never have been allowed to fly with the software they carry, nor should anyone who did any of the architecture ever be allowed near an airplane. There's a reason that an airplane GPS costs 100 times that of a handheld; there's a lot of procedure and testing to validate

      • 'Mathematically-proven" is like using the word "clinical" in front of a toothpaste...means nothing other than to hype a product...

        Er, no. Thats not what it means.

        It means someone did an audit of something, and proved that that one piece does what its supposed to. Theyre probably talking about the crypto or comms bits.

    • by AmiMoJo ( 196126 ) *

      Rather than bragging they should be hanging their heads in shame and apologising for the shoddy work they did. They already lost a few of these drones, including one hacked by Iran. Security should have been the first thing on their minds, not the last.

  • That summary says absolutely nothing. Are they implying that all previous drones have no security? Just connect to them and take over. Luckily some genius from DARPA came up with the brilliant idea of adding a password prompt.

    • by Anonymous Coward

      That has been the case with the video feeds coming out of drones: http://www.wired.com/2009/12/insurgents-intercept-drone-video-in-king-sized-security-breach/

    • Are they implying that all previous drones have no security? Just connect to them and take over.

      That's the guiding principle behind the Free War movement, as conceived by the "Make War, Not Love" anti-hippies at the DoD.

  • Your Security Certificate ran out and nobody could be bothered to renew it.


    • Jesus... sometimes this place is worse than the web hosting customers I deal with. "What do you mean the SSL expired? I didn't know it had to be renewed! Why wasn't I notified!!" "Sir, the certificates come with an expiration date the moment they're issued..."
  • by Anonymous Coward

    Mathematically proven? Since when has reality ever been that simple... Expose it to internet and make hacking contest, nice price for first to penetrate it and your have some real world testing...

    Real world hackers have much more ideas how to hack something then some pentagon development lab...

  • Perhaps the computer is built using IC's [computerhistory.org], uses tape decks for storage and communicates via CB radio...?
    • Of course it is built using ICs. You don't expect them to solder together billions of individual transistors, do you?
  • If it's properly secure then open source the code. Security is in the algorithm, not the implementation.

    Why not just use a one-time-pad? Get the launch crew to type it in on mission start?

    • by Yaur ( 1069446 )
      What, besides a OTP is "mathematically proven" to be secure? Probably that is what they are using, though hopefully with a hardware entropy source and some physical connection required to replace the key data. Biggest issue here would be getting the grunts in the field to actually replace the key unless doing so is required to get it to launch. OTOH "mathematically proven" could just be technobable that means "built on problems that are assumed to be hard."
  • The program, called High Assurance Cyber Military Systems, or HACMS

    At least they have a sense of humor.

  • Turns out they're using the same key as the old DVD players. You can get that from the usual sources, including a few slashposters' signature lines.

  • According to Bruce Schneier, anybody can write an encryption algorithm that they cannot hack, but until the algorithm is published and "in the wild", that's as much as you can say about it. So yes, let us see the protocols, algorithms, and code and then we can say whether or not it is "unhackable". My guess... not very.
    • While I agree, and in no way trust the words of defense contractors, this is a common sentiment that's usually applied a bit broadly. One must realize that all security is security through obscurity. Each bit of obscurity increases the effective security exponentially. Yes, it may very well be that not having access to the cipher algorithms in use only provides a few bits of security since they're likely using one of the existing cipher systems, however those are a few bits of security that do exist if n

  • Seriously people? (Score:4, Interesting)

    by Typical Slashdotter ( 2848579 ) on Saturday May 24, 2014 @01:49PM (#47083591)

    I admit that the article doesn't go into any technical details, but the number of comments here that are completely ignorant of what formal verification [wikipedia.org] is and reject that it is even possible is...disturbing. (See CompCert [inria.fr] for a real-world example of this practice.) Since the article was so bad, I don't know what the team actually did, but "mathematically proven to be invulnerable to large classes of attack" is exactly the sort of prudent statement I would expect from someone who has done good work making a hardened system.

    • by Anonymous Coward

      Typically formal verification is done against the specification to prove that it meets the specification correctly. That's all well and good. However, it also assumes that the formal specification contains no flaw, holes, etc. For any complex system, and this is one, designing a specification without flaws is, at least, very difficult.

      Beyond that, the biggest security threat is the wetware and testing wetware for security issues is NOT mathematically possible.

  • by Anonymous Coward

    Glad the software will be un-hackable as it crashes to earth, when someone paints it with a large antenna and car battery blasting EM noise.

  • "unveiled a new drone... built with secure software that prevents the control and navigation of the aircraft from being hacked"

    So, um, what does that imply about the *existing* drones?

    I sure do hope they explain in detail the current vulnerabilities in the current models that they've overcome with their shiny new solution.

  • The first thing I would do is have directional antennas and only accept commands from above (ie satellites)

  • I can mathematically prove that you are a figment of my imagination. This is like that old saying about logic...it's a way of going wrong with confidence. Obviously some PR flake wrote the press release, no sane engineer would ever have made such statements.
  • It can be attacked.

    The only chance you have is raising the bar so high no one can practically manage it, but never think it *cant* be done or it will bite you in the ass.

  • I wonder if they can shield these drones against an e-bomb. In a way if you knock out navigation while a drone is over friendly areas you turn the drone into a random, terror, device. I suspect that trying to shield a drone from an e-bomb would be very difficult. Apparently the Air force is able to shield war planes against electronic shock but they have many redundant systems whereas drones might not be able to carry all of the shielding and backup systems. When we invaded Iraq we proba
  • I assume you meant to write Hack Resistant Drone Control System, innit? Sounds rather useless, gimme a glaive beam and a chain ion and I will take care of the hack myself.

Garbage In -- Gospel Out.