January 2025
·
67 Reads
·
1 Citation
IEEE Access
Unmanned Aerial Vehicles (UAV), are rapidly advancing across various sectors. However, this growth is accompanied by escalating security risks, as UAV become prime targets for sophisticated cyber and physical attacks. Although several surveys on UAV security exist in the literature, there is a lack of a practical guide to assist stakeholders in assessing and mitigating security risks in diverse UAV application sectors. Motivated by this gap, the main contribution of this tutorial is to describe a hands-on security assessment methodology for UAV services, by integrating fundamental background knowledge of UAV technology with actionable security strategies. The methodology is based on established standards, combining risk assessment with penetration testing. The goal is to assist practitioners and stakeholders of UAV services in understanding threat modeling, vulnerability analysis, and targeted risk mitigation. Initially, the underlying UAV technologies, architectures, and applications are presented. Then, a taxonomy of security attacks and countermeasures for UAV is provided. Based on the presented UAV characteristics and security needs, a practical step-by-step security assessment methodology for UAV services is presented. To demonstrate the practicality of the presented methodology, it is applied to a real-world-inspired scenario, showcasing its effectiveness in identifying attack vectors, assessing risks, and deploying countermeasures.
![Fig. 2. a) Multi-Rotor Drones, b) Fixed-Wing Drones, c) Single-Rotor Drones, d) Fixed-Wing Hybrid VTOL [17]](https://www.researchgate.net/publication/378784798/figure/fig2/AS:11431281228022694@1709817327984/a-Multi-Rotor-Drones-b-Fixed-Wing-Drones-c-Single-Rotor-Drones-d-Fixed-Wing-Hybrid_Q320.jpg)
