NOTE: This is a draft version of the article "Hacking Drones" that was published in Scientific American in November 2013, 309, 54-59. The draft posted here differs significantly from the published article but includes citations to our sources. The online Scientific American article is available online under the following title, "Better Security Measures Are Needed Before Drones Roam the U.S. Airspace."

Introduction:

On August 2, 2010, a Navy helicopter entered the highly restricted airspace above Washington, D.C. without permission. The event might have passed as unre- markable but for the fact that no-one was piloting the helicopter: as an unmanned aircraft, it carried no humans onboard, and—somehow—the vital communications link to its ground operators had been lost. The 1,429-kilogram MQ-8B Fire Scout flew entirely on its own for 30 minutes, blithely drifting through the airspace near nation’s capital.

Ground operators at Naval Air Station Patuxent River in Maryland eventually regained control of the craft and ordered it to return to base, later diagnosing the cause of the unintended excursion as a “software issue.” But in fact more than one error had occurred: not only did the Fire Scout lose its communications link, it failed to execute its “return-to-base” lost-link protocol. So even as one Navy official put a good face on the incident by praising the reliability of the unmanned aircraft’s autopilot system, most saw it as a disconcerting example of the unresolved safety and security issues surrounding unmanned aircraft.

Cite and download the draft:
K. Wesson and T. Humphreys, "Unhackable Drones: The Challenges of Securely Integrating Unmanned Aircraft into the National Airspace," April 2013, draft submitted to Scientific American