Cyber security with Flybility products

Here is an overview of all the measures we you can implement to preserve the integrity of your data. Whether it’s a matter of intellectual property or the sensitivity of the asset from a national security perspective, some applications require the data gathered by operators to be secure.
 

Best practices

To prevent data theft,  the drone and the GCS should be kept safe when on site. Additionally, avoid keeping the SD cards out of the drone and on your person, as well as keeping the hardware box locked with a padlock during transport. We recommend deleting all data from the Camera and the Log SD cards after downloading them to your computer. Once the data is securely downloaded, we also recommend deleting any backup footage that may be on the tablet if this option was enabled.

For inspection service providers, we recommend entering client assets with empty and formatted SD cards and immediately uploading the data from the drone after the mission. This allows the operator to delete the SD cards and tablet backup so as to leave the site with no data from the client.

For operators working in public safety, the drone can be flown with no video SD card to ensure all the data remains safe should the drone be destroyed, lost or taken while in flight.

 

Data Storage Locations

Flyability drones are designed for indoor uses in signal-deprived environments with no external signal reception. This means that the only device connected to the drone is the Ground Control System (GCS). This makes it easy to secure from a data security standpoint.

The data gathered by the drone is stored on SD cards on the drone. Operators have the option to save a screen-recording on the tablet as a back-up. These are the only two places where flight data is stored automatically.

 

DJI components

Both the Elios 1 and the Elios 2 are equipped with a DJI Lightbridge 2 radio link. The Ground Control System (GCS), is composed of a DJI controller and a Samsung tablet. The Cockpit app, which is installed on each GCS, communicates with the transmission system of the controller through an SDK provided by DJI. In order to activate the DJI SDK, a one-time internet connection is required to exchange a token with DJI’s IT infrastructure. This operation is part of our production process and is done during the post-production test performed at the end of the process. After this, neither the Cockpit app, the controller, nor the Elios 1 or Elios 2 drones ever need to communicate with any of DJI’s IT infrastructure again.

cyberdji-1-1

The DJI components are highlighted in the figure above. Their function is described below:
  • The DJI Lightbridge 2 Air Unit, the transmission system on board the drone, maintains a bidirectional communication link with the drone.
  • The DJI Lightbridge 2 Ground Unit, the hand held transmission system and controller. It communicates to the tablet via USB to display the live video feed, it transmits the pilot control inputs to the the drone.
  • The DJI Mobile SDK, this Android library is allows the Cockpit application on the Samsung tablet to communicate to the remote controller. 
  • In all these components, the only capable of sending data over the internet is the DJI Mobile SDK. However, this is only possible if an Android device hosting the application (in your case the Samsung tablet) would have to be connected to a WiFi internet enabled network. In summary, the tablet is the only access point to the internet.
 
As long as the user does not manually connect to a WiFi network, there is no physical link between the Elios system and the internet, thus completely ensuring data safety. This may be enforced by installing a third party application which locks the wifi and Bluetooth functions.
 

Link between the Ground Control System and the UAV

The uplink from the GCS is encrypted so that it is virtually impossible for an external source to take control of the drone. The downlink is not encrypted, but the receiver must be paired to the UAV to access it. The pairing can only be done by manually launching the pairing by pressing a button on the drone.

Tapping into the downlink without a paired GCS is very complex and would require an expert with a sniffer device to access the digital downlink, all while being in range of the UAV.

 

The tablet

The tablet is the only device in our UAS that can connect to the internet. This only happens if the operator connects to a WiFi network. 

The tablet connects to the Ground Control Unit with a USB-C cable. In the event where the tablet connects to the internet, the Cockpit app does not share data with third-parties. However, users have the option to save to the device screen-recordings of the Cockpit app during flights as a backup should the drone be lost or damaged in-flight. In this case, if your tablet is hacked while it is connected to the internet your device screen-recording may be exposed to a security breach. As such, if you want to ensure the highest level of security, we recommend to permanently disable the tablet’s access to the internet.

 

Offline drone management & updating

The entire drone system can be operated without ever having been connected to the internet. In these cases, updates must be done offline.  The firmware on the drone, the app on the tablet and the Inspector software are all designed in-house.

 

Data collected by Flyability

Flyability only collects data in one instance: when the drone is armed while the tablet on the GCS is connected to the internet. In these cases, we collect the unit ID, which is encrypted and can only be read by Flyability, the time of flight, and the firmware version. Operators are notified of this and have the option to opt-out.