Steal This Drone: DEF CON 29 Aerospace Village Activity

D. Cofer, I. Amundson, E. Barker, E. Hellman, M. Podhradsky, S. Zhuang

DEF CON Aerospace Village, August 2021

As part of DARPA's High Assurance Cyber Military Systems program (HACMS), Collins Aerospace led a team of researchers developing new tools for building aircraft software that is provably secure against many classes of cyber attack. We developed system architecture models, software components for mission and control functions, and operating system software which have been mathematically analyzed to ensure key security properties. This talk describes the results of this effort, as well as their demonstration in-flight on a military helicopter.

At DEF CON 29 Aerospace Village, we will have an operational (but non-flying) version of our secure quadcopter present whose mission and telemetry software runs on the formally verified seL4 kernel. We will provide wifi access to an isolated virtual machine running on its mission computer. In the "Steal This Drone" activity, DEFCON participants will be challenged to break out of the VM environment to read or write the encryption keys used for vehicle telemetry. More information about the quadcopter software and the challenge are provided in this short paper.