Cybersecurity Guidance on Drones and Swarms for the FAA

15 Jul, 2025

In June 2025, our research team submitted the "Best Engineering Practices for Automated Systems" final report to the Federal Aviation Administration (FAA). The goal was simple but ambitious: provide evidence-based foundations for guidance and policy on how unmanned aircraft systems (UAS) — drones — can safely and securely operate in the national airspace.

My contribution focused on the cybersecurity and cyber-physical security aspects, with particular attention to drone swarms. Below is a short summary of the key findings.

Why Cybersecurity for Drones Matters

Unlike traditional aircraft, drones rely heavily on lightweight, commercial-off-the-shelf (COTS) sensors and components. These are:

• Easy to spoof or jam — GPS, gyroscopes, and accelerometers have known vulnerabilities.
• Resource-constrained — drones can't always carry heavy, specialized security hardware.
• Highly networked — especially in swarms, where drones coordinate with each other.

That combination makes them both powerful and vulnerable. A single compromised drone can cascade into broader failures, especially when operating in crowded urban skies.

Baseline Threats and Defenses

We catalogued a set of baseline threats for UAS, including sensor spoofing, denial-of-service, GPS jamming, and communication link hijacking. For each, we identified recommended defenses, ranging from watermarking techniques for resilient state estimation to runtime monitoring for anomaly detection.

One key takeaway:

• Resilience matters more than prevention. Drones will always operate in contested or noisy environments — we need assurance that the system behaves safely even when under attack.

Swarm Security and Tuning

Swarms — groups of drones working together — multiply the benefits of autonomy but also the risks:

• Attack amplification: A cyber-attack that would minimally affect a single drone can destabilize an entire swarm.
• Collision risk: Compromised or lagging nodes can cause cascading failures in collision avoidance.

To address this, we studied swarm tuning approaches — systematic ways to configure swarm parameters (like collision avoidance thresholds and fitness functions) to balance safety, efficiency, and resilience.

We also introduced the concept of adversarial tuning: deliberately stress-testing swarm algorithms against simulated attacks to identify fragile configurations before deployment.

Recommendations for the FAA

Based on our analysis, we recommend that FAA guidance include:

1. Baseline defenses as certification requirements – Sensor watermarking, runtime monitoring, and secure-by-default communication protocols.

2. Swarm-specific safety criteria – Certification should account for the amplified impact of attacks in cooperative flight.

3. Simulation-based assurance – Use adversarial tuning and formal specifications to validate resilience in both single-drone and swarm deployments.

4. Performance-based certification – Move beyond static checklists: reward systems that demonstrate resilience in realistic testbeds and simulations.

Closing Thoughts

Cybersecurity for drones — especially swarms — is no longer optional. As the airspace grows more crowded, resilience against spoofing, interference, and coordinated attacks will be as critical as flight control or collision avoidance.

By grounding these recommendations in empirical tests and simulation results, our aim is to help the FAA build performance-based, forward-looking guidance that keeps the skies both open and safe.

If you're curious, the full report (185 pages!) covers everything from urban weather modeling to runtime verification and perception systems — a truly multi-disciplinary effort.