New Delhi, March 27: The Indian Defense Ministry has taken a significant step towards enhancing the security of indigenous drones. As drones become increasingly vital in modern warfare, their misuse poses new challenges. The Indian Army is rapidly developing drone warriors to bolster its capabilities. However, the reliance on foreign components, particularly from China, remains a major concern.
To address this, the Defense Ministry has released a draft security framework for drone testing on its official website. This comprehensive 34-page document outlines all aspects related to testing, focusing on identifying critical components based on their sensitivity and importance. It emphasizes component-level testing to ensure safety.
The framework aims not only at testing but also at producing secure drones for the armed forces. These drones must be protected against threats such as data theft, network compromise, and unauthorized access.
Currently, the framework applies to mini, micro, and small quadcopters and hexacopters. In the future, it will extend to advanced unmanned aerial systems (UAS) like Medium Altitude Long Endurance (MALE) and High Altitude Long Endurance (HALE) drones.
According to the framework, both hardware and software will undergo rigorous testing before any drone purchase. This includes vulnerability and penetration tests, encryption and secure boot tests, code signature, and firmware validation. Only drones passing these tests will enter the procurement process. Given the current limitations in fully indigenous production of microchips and communication devices, the certification and testing system is being strengthened as an interim solution.
The framework also highlights potential threats. Adversaries could intercept communication between drones and control stations, send fake commands, or take complete control of the drones. GPS jamming and spoofing could divert drones, while data theft or tampering remains a significant risk.
Key components such as flight controllers, firmware, GPS/INS systems, sensors, transmission-reception units, and ground control software are identified as the most sensitive. A weakness in any of these could jeopardize the entire drone system. The use of foreign components increases this risk, as updates or firmware could unknowingly transmit data outside.
To mitigate these risks, the government emphasizes a “Secure by Design” approach and promotes indigenous manufacturing.
The Indian Army has already procured a large number of drones, with several contracts still in progress, including logistics and surveillance drones. Strict rules and protocols are in place for procurement. Contracts involving drones with Chinese parts have been canceled. Previously, a self-certification was required from suppliers, declaring that their products contained no Chinese components. However, some products were found to have Chinese parts despite certification, leading to the cancellation of a contract for three types of logistics drones.
Chinese hackers are notorious for cyberattacks, and most drones available in the market are either Chinese or contain Chinese parts. The Army has implemented a policy requiring companies to certify that their products do not contain any malicious code that could compromise drones or networks. Certificates provided by companies undergo thorough scrutiny at multiple levels. Drones found to have Chinese parts are immediately disqualified from the procurement process, and associated contracts are canceled.
Leave a Comment