Wagner Comin Sonaglio

Henrique Curi de Miranda, Ágney Lopes Roth Ferraz, Wagner Comin Sonaglio et al.

Unmanned Traffic Management (UTM) federated ecosystems, such as InterUSS, enable secure coordination among UAS Service Suppliers (USSs). However, they bring up some security challenges at the infrastructure level that haven't been fully explored. This paper presents a security testing approach for InterUSS-based environments from the maintainer's perspective. By deploying and analyzing a working InterUSS infrastructure, we pinpoint key components and develop specific security tests aligned with established standards and protocols, such as mTLS and OAuth 2.0. We compiled these tests into a Testing Guide that aids both component validation and interaction analysis across InterUSS-based ecosystems, filling a gap in current research.

Wagner Comin Sonaglio, Ágney Lopes Roth Ferraz, Lourenço Alves Pereira Júnior

UAVs are increasingly deployed in critical applications and rely on 5G networks for long-range command-and-control (C2) connectivity. As the C2 channel is safety-critical, disruptions or manipulation of this communication channel may lead to loss of control, mission failure, or safety incidents. The architectural complexity of 5G standalone (SA) introduces logical attack surfaces that may affect such applications, yet the impact of logical vulnerabilities in the 5G architecture on UAV command-and-control carried over cellular infrastructure has received little attention. In this work, we develop a reproducible testbed that emulates 5G SA and integrates a UAV C2 channel using MAVLink over the 5G User Plane through Open5GS and UERANSIM. We define three threat models (rogue UE in the same slice and DNN, insider with access to the N4 interface, compromised gNodeB) and implement representative attacks. Our evaluation shows that a rogue UE can inject C2 commands and force the UAV to land; an insider can tear down PDU sessions via PFCP and trigger UAV failsafe; a compromised gNodeB can alter MAVLink navigation commands and redirect the UAV. The results demonstrate that logical attacks on the 5G architecture can compromise UAV C2 without breaking air-interface encryption, revealing cross-layer vulnerabilities between cellular infrastructure and UAV communication protocols. We provide a threat-model framework, experimental evidence, and mitigations (MAVLink signing, integrity protection on N3 and N4 interfaces) for operators and system designers deploying UAVs over 5G.