支持物理交互的无人机飞控系统安全测试方法

习宁; 周晓琳; 孙聪; 李乔杨; 马建峰; 郭鑫玉

doi:10.12263/DZXB.20240890

您当前的位置：

首页 >

文章列表页 >

支持物理交互的无人机飞控系统安全测试方法

学术论文 | 更新时间：2025-12-08

- 支持物理交互的无人机飞控系统安全测试方法
- Security Testing Method for Unmanned Aerial Vehicle Flight Control System Supporting Physical Interaction
- 电子学报 2025年53卷第3期页码：765-781
- 作者机构：
  
  1.西安电子科技大学网络与信息安全学院，陕西西安 710071
  2.中国航空工业集团西安航空计算技术研究所，陕西西安 710065
- 作者简介：
  
  [ "习宁男，1986年10月出生，陕西省渭南人.西安电子科技大学网络与信息安全学院教授，博士生导师.主要研究方向为无人系统安全、工业互联网安全、信息流安全. E-mail: nxi@xidian.edu.cn" ]
  [ "周晓琳女，2001年2月出生，黑龙江省齐齐哈尔人.西安电子科技大学网络与信息安全学院硕士研究生.主要研究方向为工业互联网安全，软件验证. E-mail: zhouxiaolin0223@163.com" ]
  [ "孙聪男，1982年7月出生，陕西省兴平人.西安电子科技大学网络与信息安全学院教授，博士生导师.主要研究方向为软件安全、程序分析、无人系统安全. E-mail: suncong@xidian.edu.cn" ]
  [ "李乔杨男，1985年6月出生，陕西省商洛人.西安航空计算技术研究所服务保障中心中层助理.主要研究方向为嵌入式计算机设计. E-mail: 2828884@qq.com" ]
  [ "马建峰男，1963年10月出生，陕西省西安人.西安电子科技大学网络与信息安全学院教授，博士生导师.主要研究方向为应用密码学、无线网络安全、数据安全、移动智能系统安全.中国电子学会会员编号：E190004733F. E-mail: jfma@mail.xidian.edu.cn" ]
  [ "郭鑫玉女，1998年6月出生，山西省晋中人.主要研究方向为无人系统安全、软件验证. E-mail: xinyu.g@foxmail.com" ]
- 基金信息：
  
  国家自然科学基金(92267204;62232013;U24A20243)
- DOI：10.12263/DZXB.20240890
  中图分类号： TP311;
- 收稿：2024-10-07，
  
  修回：2024-12-14，
  
  纸质出版：2025-03-25
- 稿件说明：
移动端阅览
习宁, 周晓琳, 孙聪, 等. 支持物理交互的无人机飞控系统安全测试方法[J]. 电子学报, 2025, 53(03): 765-781.

XI Ning, ZHOU Xiao-lin, SUN Cong, et al. Security Testing Method for Unmanned Aerial Vehicle Flight Control System Supporting Physical Interaction[J]. Acta Electronica Sinica, 2025, 53(03): 765-781.
习宁, 周晓琳, 孙聪, 等. 支持物理交互的无人机飞控系统安全测试方法[J]. 电子学报, 2025, 53(03): 765-781. DOI：10.12263/DZXB.20240890

XI Ning, ZHOU Xiao-lin, SUN Cong, et al. Security Testing Method for Unmanned Aerial Vehicle Flight Control System Supporting Physical Interaction[J]. Acta Electronica Sinica, 2025, 53(03): 765-781. DOI：10.12263/DZXB.20240890

摘要

作为信息物理系统（Cyber-Physical Systems，CPS）的典型设备之一，无人机使用方便、对作业环境要求低、灵活性强，已广泛应用于农业、工业、军事等领域.其中，飞行控制系统是无人机核心基础服务，保障无人机遥测感知、通信覆盖、测绘救灾等应用的有效执行.但多变的物理环境、复杂的功能结构使无人机飞行控制系统在开发过程中容易引入各类软件安全问题，导致无人机发生劫持、坠毁、失控等严重问题.如何检测无人机飞控软件系统的安全问题变得非常重要.现有的大多数无人机异常检测技术依靠数字世界构造输入，难以及时发现无人机逻辑安全的问题，本文提出一种支持物理交互的无人机飞控软件安全检测方法，将静态与动态分析方法相结合，用模糊测试方法对无人机飞行控制软件的安全性进行测试，结果表明该方法能够以97%的高覆盖率对无人机飞控任务进行安全检测，并根据测试结果进行无人机特征数据提取，基于该特征数据采用机器学习的方法训练出双重异常检测模型，在多组数据集上与现有检测方法进行对比，本文方法达到发现无人机异常状况97.5%的准确率，有效检测出无人机飞控软件系统中的已知安全问题.

Abstract

As one of the typical equipment of cyber-physical systems (CPS)

UAVs are easy to use

have low requirements for the working environment and strong flexibility

and have been widely used in agriculture

industry

military and other fields. Among them

the flight control system is the core basic service of UAV

which ensures the effective implementation of UAV telemetry perception

communication coverage

surveying

mapping and disaster relief applications. However

the changeable physical environment and complex functional structure make it easy to introduce various software security problems in the development process of the UAV flight control system

resulting in serious problems such as hijacking

crashing

and loss of control of the UAV. How to detect the security of the UAV flight control software system has become very important. Most of the existing UAV anomaly detection technologies rely on the input of digital world construction

and it is difficult to find the problem of UAV logic security in time

so this paper proposes a security detection method for UAV flight control software that supports physical interaction

combines static and dynamic analysis methods

and combines fuzzing testing methods to test the security of UAV flight control software

the results show that the method can detect the safety of UAV flight control tasks with a high coverage rate of 97%

and extract UAV feature data according to the test resultsBased on the feature data

the machine learning method is used to train a double anomaly detection model

and by comparing with the existing detection methods on multiple datasets

the proposed method finds the abnormal condition of the UAV with an accuracy rate of 97.5%

and effectively detects the known safety problems in the UAV flight control software system.

关键词

Keywords

references

王祥科 , 刘志宏 , 丛一睿 , 等 . 小型固定翼无人机集群综述和未来发展 [J ] . 航空学报 , 2020 , 41 ( 4 ): 15 - 40 .

WANG X K , LIU Z H , CONG Y R , et al . Miniature fixed-wing UAV swarms: Review and outlook [J ] . Acta Aeronautica et Astronautica Sinica , 2020 , 41 ( 4 ): 15 - 40 . (in Chinese)

高玉伟 , 韩庆 , 裴扬 . 某型无人机的易损性评估和减缩设计 [J ] . 航空计算技术 , 2007 , 37 ( 3 ): 44 - 47 .

GAO Y W , HAN Q , PEI Y . Vulnerability assessment and vulnerability reduction design of an UAV [J ] . Aeronautical Computing Technique , 2007 , 37 ( 3 ): 44 - 47 . (in Chinese)

ZHANG B B , CHEN X . Research on fault injection in UAV dynamic test [J ] . Industrial Control Computer , 2005 , 18 ( 5 ): 9 - 10 .

JHALA R , MAJUMDAR R . Software model checking [J ] . ACM Computing Surveys , 2009 , 41 ( 4 ): 1 - 54 .

HUMPHREY L R . Model checking for verification in UAV cooperative control applications [J ] . Lecture Notes in Control and Information Sciences , 2013 , 444 : 69 - 117 .

GUO H Y , WU M , ZHOU L D , et al . Practical software model checking via dynamic interface reduction [C ] // Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles . New York : ACM , 2011 : 265 - 278 .

LEESATAPORNWONGSA T , HAO M , JOSHI P , et al . SAMC: Semantic-aware model checking for fast discovery of deep bugs in cloud systems [C ] // Operating Systems Design and Implementation . Emeryvile : USENIX Association , 2014 : 1 - 16 .

YUAN B , SONG Z X , JIA Y , et al . MQTTactic: Security analysis and verification for logic flaws in MQTT implementations [C ] // 2024 IEEE Symposium on Security and Privacy (SP) . Piscataway : IEEE , 2024 : 2385 - 2403 .

SHAIKH E , MOHAMMAD N , MUHAMMAD S . Model checking based unmanned aerial vehicle (UAV) security analysis [C ] // 2020 International Conference on Communications,Signal Processing,and their Applications (ICCSPA) . Piscataway : IEEE , 2021 : 1 - 6 .

TAYLOR M , CHEN H C , QIN F , et al . Avis: In situ model checking for unmanned aerial vehicles [C ] // 2021 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN) . Piscataway : IEEE , 2021 : 471 - 483 .

MOORE S , CHONG S . Static analysis for efficient hybrid information-flow control [C ] // 2011 IEEE 24th Computer Security Foundations Symposium . Piscataway : IEEE , 2011 : 146 - 160 .

FERRAIUOLO A , XU R , ZHANG D F , et al . Verification of a practical hardware security architecture through static information flow analysis [J ] . ACM SIGARCH Computer Architecture News , 2017 , 45 ( 1 ): 555 - 568 .

KIRCHNER F , KOSMATOV N , PREVOSTO V , et al . Frama-C:A software analysis perspective [J ] . Formal Aspects of Computing , 2015 , 27 ( 3 ): 573 - 609 .

LI H N , HAO Y , ZHAI Y Z , et al . Enhancing static analysis for practical bug detection: An LLM-integrated approach [J ] . Proceedings of the ACM on Programming Languages , 2024 , 8 (OOPSLA 1 ): 474 - 499 .

ALHAWI O M , MUSTAFA M A , CORDIRO L C . Finding security vulnerabilities in unmanned aerial vehicles using software verification [C ] // 2019 International Workshop on Secure Internet of Things (SIOT) . Piscataway : IEEE , 2019 : 1 - 9 .

SEREBRYANY K . OSS-Fuzz-Google’s continuous fuzzing service for open source software [C ] // 26th USENIX Security Symposium . Emeryvile : USENIX Association , 2017 : 1 - 28 .

KIM T , KIM C H , RHEE J , et al . Finding input validation bugs in robotic vehicles through testing [C ] // 28th USENIX Security Symposium (USENIX Security 19) . Emeryvile : USENIX Association , 2019 : 425 - 442 .

HAN R D , YANG C , MA S Q , et al . Control parameters considered harmful: Detecting range specification bugs in drone configuration modules via learning-guided search [C ] // 2022 IEEE/ACM 44th International Conference on Software Engineering (ICSE) . Piscataway : IEEE , 2022 : 462 - 473 .

KIM H , OZMEN M O , BIANCHI A , et al . PGFuzz: Policy-guided fuzzing for robotic vehicles [C ] // Proceedings 2021 Network and Distributed System Security Symposium . San Diego : NDSS , 2021 : 1 - 17 .

HAN R , MA S , LI J , et al . Range specification bug detection in flight control system through fuzzing [J ] . IEEE Transactions on Software Engineering , 2024 , 50 ( 3 ): 461 - 473 .

GAO J , XU Y W , JIANG Y , et al . EM-fuzz: Augmented firmware fuzzing via memory checking [J ] . IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems , 2020 , 39 ( 11 ): 3420 - 3432 .

SRIVASTAVA P , PENG H , LI J H , et al . FirmFuzz: Automated IoT firmware introspection and analysis [C ] // Proceedings of the 2nd International ACM Workshop on Security and Privacy for the Internet-of-Things . New York : ACM , 2019 : 15 - 21 .

MENG R J , MIRCHEV M , BÖHME M , et al . Large language model guided protocol fuzzing [C ] // Proceedings 2024 Network and Distributed System Security Symposium . Singapore : Internet Society , 2024 : 1 - 17 .

PARK J , LEE H , RYU S . A survey of parametric static analysis [J ] . ACM Computing Surveys , 2021 , 54 ( 7 ): 1 - 37 .

BALDONI R , COPPA E , D'ELIA D C , et al . A survey of symbolic execution techniques [J ] . ACM Computing Surveys , 2018 , 51 ( 3 ): 1 - 39 .

YUN J , RUSTAMOV F , KIM J , et al . Fuzzing of embedded systems: A survey [J ] . ACM Computing Surveys , 2022 , 55 ( 7 ): 1 - 33 .

GUTMANN P . Fuzzing code with AFL [C ] // Login Usenix Mag . Chicago : Computer Science , 2016 : 11 - 14 .

GRAABÆK S G , ANCKER E V , FUGL A R , et al . An experimental comparison of anomaly detection methods for collaborative robot manipulators [J ] . IEEE Access , 2023 , 11 : 65834 - 65848 .

YUEN K V , ORTIZ G A . Outlier detection and robust regression for correlated data [J ] . Computer Methods in Applied Mechanics and Engineering , 2017 , 313 : 632 - 646 .

LIU F T , TING K M , ZHOU Z H . Isolation forest [C ] // 2008 Eighth IEEE International Conference on Data Mining . Piscataway : IEEE , 2008 : 413 - 422 .

浏览量

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

暂无数据