
Secure communication scheme of unmanned aerial vehicle system based on MAVLink protocol
Cite this article: ZHANG Linghao, WANG Sheng, ZHOU Hui, CHEN Yifan, GUI Shenglin. Secure communication scheme of unmanned aerial vehicle system based on MAVLink protocol[J]. Journal of Computer Applications, 2020, 40(8): 2286-2292.
Authors: ZHANG Linghao, WANG Sheng, ZHOU Hui, CHEN Yifan, GUI Shenglin
Affiliation: 1. Electric Power Research Institute, State Grid Sichuan Electric Power Company, Chengdu Sichuan 610000, China; 2. Maintenance Company, State Grid Sichuan Electric Power Company, Chengdu Sichuan 610041, China; 3. School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu Sichuan 611731, China
Funding: Science and Technology Funded Project of State Grid Sichuan Electric Power Company (521997170017).
Abstract: MAVLink is a lightweight communication protocol between an Unmanned Aerial Vehicle (UAV) and a Ground Control Station (GCS). It defines a set of bi-directional messages exchanged between UAV and GCS, including UAV states and GCS control commands. However, the MAVLink protocol lacks sufficient security mechanisms, and it has security vulnerabilities that may cause serious threats and hidden dangers. To resolve these problems, a secure communication scheme for the UAV system based on the MAVLink protocol was proposed. First, the UAV continuously and alternately broadcasts connection requests. Then the GCS sends its public key to the UAV, both sides use the DH algorithm to negotiate a shared key, and the AES algorithm is used to encrypt MAVLink message packets, which completes identity authentication. If the UAV does not receive the public key sent by the GCS within the specified time, or a decryption error occurs on a MAVLink message packet, the UAV actively disconnects, updates its public key, and rebroadcasts the connection request. In addition, to address the security problem of the UAV system being maliciously tampered with, the system firmware is self-checked during boot. Finally, the formal verification tool UPPAAL was used to prove that the proposed scheme has the properties of liveness, connectability and connection uniqueness, and packet-capture tests were run on the communication process between UAV PX4 1.6.0 and GCS QGroundControl 3.5.0. The results show that the proposed secure communication scheme can prevent malicious eavesdropping, message tampering, man-in-the-middle attacks and other malicious attacks in the communication process between UAV and GCS, and that it solves the security vulnerabilities of the MAVLink protocol well with little effect on UAV performance.
Keywords: Unmanned Aerial Vehicle (UAV); security function; secure communication; self-checking; formal verification
Received: 2019-12-24
Revised: 2020-02-25
This article is indexed by Wanfang Data and other databases.