Federal Cyber Security Blog | Cigent

Data Security for Unmanned Vehicles—both UAV and UGV

Written by Tom Ricoy | Sep 9, 2024 1:10:47 PM

Unmanned aerial vehicles as well as unmanned ground vehicles are an essential element in military and civilian operations. Accelerating innovations in programs like the DoD Replicator and AFWERX Autonomy Prime are rapidly improving capabilities leading to accelerating adoption in the field. 

UAV and UGV data security considerations 

UAV and UGV platforms possess multiple types of sensitive information in the form of operational data, including mission plans or surveillance data. Advanced unmanned vehicles have autonomous capabilities enabled by proprietary algorithms. These algorithms represent a significant investment. If compromised, they can be exploited by adversaries for their own programs. Adversaries may also study them to identify vulnerabilities. 

The diversity of unmanned aerial vehicles and ground vehicle types translates into a variety of data types and data storage options. Each presents data security issues that require specific data protection approaches. These include 2230 drives, SD and MicroSD, and embedded drives. These storage options must perform in extreme environments, which require they meet Industrial (-40 to 85C) and Automotive (-40 to 105C) temperature specifications. 

Advanced UAV and UGV data security and recovery options 

The missions that unmanned vehicles undertake leave them particularly vulnerable to an adversary gaining physical possession of the device. Legacy data at rest protections are insufficient to prevent unauthorized data access when adversaries have these devices in their physical possession. 

It is, therefore, vital to protect sensitive onboard data using advanced methods that address software and hardware vulnerabilities in UAV and UGV platforms: 

  • Cloning and Wiping 
  • Passcode Kits
  • Alternative OS Boots 
  • Other 

Cigent UGV and UAV data protection capabilities 

UAV and UGV data is definitely data at the edge and thus needs commensurate data protection measures. Cigent protects data at the edge with a patented portfolio of integrated solutions combining hardware and software security. Using a layered-protection approach to ensure data integrity, Cigent data protection solutions have been thoroughly tested and validated by leading federal agencies, including MITRE, NIST, NSA, NIAP, the Air Force, Cyber Resilience of Weapon Systems (CROWS), and NSSIF (UK).

Cigent offers the widest range of data storage for unmanned vehicles, including 2230, SD and MicroSD, and Embedded BGA supporting any O/S. Multiple options meet Industrial and Automotive Standards. All Cigent secure storage solutions are assembled in state-side facilities. 

Cigent secure storage foundations are full-drive AES 256-bit hardware encryption technology. Where applicable, Cigent also includes pre-boot authentication (PBA), a separate, secure authentication prior to initiating boot, andmultifactor Authentication (MFA), requiring the use of both a U/N Password and a smart card (CAC) for login. 

While DAR protection with full drive encryption are fundamental, Cigent complements its data security with a patented portfolio of data protection features to ensure sensitive data remains secure across the device lifecycle. Among the key capabilities: 

  • Hidden Partitions: Provide capability to create hidden enclaves to store sensitive data. Partitions lock all ranges to prevent wiping or cloning and also prevent an adversary from detecting the presence of data. 
  • Remote Data Erasure: Locally, remotely, or set automated triggers (i.e. disconnect from pilot) to initiate data erasure. Data is erased with nearly instantaneous crypto erasure, followed by block erasure. This is followed-by patented block by block analysis to ensure all data has been irrevocably destroyed.  
  • Secure Access Logs: Create immutable logs of all data activity. If retrieved, the device provides tamper-proof documentation of data actions. 
  • Enterprise Management Console: In cloud or on premises management of Cigent capabilities and key management and drive telemetry. 

Beyond the leading technical capabilities Cigent provides a team of data protection experts with government clearance to define a solution to meet your needs. Providing: 

  • Cleared facilities and SCIFs for secure conversations
  • Customized solution planning to meet specific mission requirements – including custom coding 
  • Coordination with CSfC office to define solutions to meet compliance and address issues like authentication factors 

Data security is a mission critical operational imperative

Expanding use of unmanned aerial vehicles as well as unmanned ground vehicles and advances in their capabilities provide strategic advantages, yet also create data security vulnerabilities. Data protection for unmanned vehicles should be a top priority across every program and every deployment of this technology. Schedule a demo to learn more.