Blogs

Commercial drones: 7 rules for securing data in the ecosystem

January 18, 2019

Posted by: Anasia D'mello

Drones are no longer just for hobbyists. Their soaring commercial popularity has led to the International Standards Organisation (ISO) announcing the first ever worldwide drone standards for the industry; a move that will inevitably provide the framework for global regulation and legislation moving forward.

Similar regulatory initiatives are emerging across the world on a regional and national level, says Florent Abat, Drones & IoT director at Gemalto. For instance, the EU’s U-Space initiative is designed to regulate the use of commercial drones in the European aerospace, while the UK government is planning to announce a new Drones Bill early this year. This Bill is timely given the recent drone incursion incidents at Heathrow and Gatwick which highlighted the need for tougher rules on drone use in the UK.

Uncapped industry potential

Despite the wait on the mainstream adoption of drones, the technology is already beginning to display its industry capabilities. One ongoing development in this space is the integration of SIMs and eSIMs, these enable greater data storage and processing capabilities, and drones to fly safely Beyond Visual Line of Sight to carry out longer autonomous tasks.

The public sector, in particular, is one of the primary beneficiaries of this technology. For instance, the New York Police Department, America’s largest police force, is trialling drone technology in hostage situations as well as search and rescue operations. Drones will be used to scope out incidents before officers arrive, warning of any potential hazards or emergencies. Similarly, it was recently revealed that Chinese students have designed Net Guard, drone technology that uses netting to safely rescue those who have to abandon buildings due to fire emergencies.

Florent Abat

In healthcare, commercial drones are already being used to administer aid. Zipline, a Silicon Valley start-up, is supporting medical professionals by delivering medicine to those in hard-to-reach areas. Its work has already helped deliver 1,000 blood drops in Rwanda, saving lives and providing relief. While for conservation, an international team of scientists from the Leibniz Centre for Tropical Marine Research (ZMT) has developed a new method of investigating the condition of coral reefs using drones. The accuracy and detail of the images are far superior to costly satellite images.

Building a trusted eco-system

However, while upgrading drone technologies can push the market forward, successful deployment requires trust in the drone eco-system. Data, the most valuable modern currency, must be protected and collected in accordance with data privacy laws, otherwise there will be no trust and investment. Without industry buy-in, drones will have a short, rather than long-haul stay in the public spotlight.

If the market is to see more use cases like this, each stakeholder in the drone ecosystem must trust that the flow of data is secure, and that the technology is reliable. How can they do this? They can start by following these seven key considerations:

  1. Secure pilot and drone registration: The registration of pilots and drones with public authority servers needs to be secure and reliable, otherwise the authenticity of deployment cannot be trusted.
  2. Protection of sensitive data on the drone: Each commercial drone comes with built-in firmware, which stores sensitive data on the drone, so they can be flown. An effective way to protect the integrity of this data would be to store it in hardware tamper proof devices such as secure elements.
  3. Seamless and secure connectivity: For easy global deployment, drone manufacturers need their drones to connect seamlessly and securely to networks in all countries. In this regard, GSM networks are particularly adaptable for commercial drones, due to their proven field, secure infrastructure and coverage.
  4. Reliable drone tracking: Public authorities need to be able to reliably identify drones in real-time, anywhere. This could be achieved through secure-element-based security and cryptography, which ensure the integrity and proof of origin of the tracking data.
  5. Protection of flight control commands: Drones must be controlled by authorised platforms and operated by authorised pilots on the ground, and therefore must be protected against hacking. User-authentication solutions allow for authorised pilots to access the remote-control applications used to control the drones from ground stations or mobile devices.
  6. Confidentiality of data exchange between drones and operators: Certain confidential information such as public-safety-related information during rescue operations, must be kept private.
  7. Flight traceability data: All flight-related data must be securely stored and protected, for investigation or traceability purposes. This can be achieved with the use of secure servers on the cloud.

Delivering on their potential

To truly transform our lives, commercial drones require more than industry investment. In fact, collaboration between governments, regulators and enterprises is needed to prepare the appropriate regulatory framework and create a secure and trusted environment for drones to flourish.

The correct protocols, as outlined above, can ensure that drones and their pilots are registered, that their data is secure, traceable and confidential, and their connectivity is efficient and safe, so drones can be trusted by companies, governments and citizens to deliver a return on investment. 

Here’s a link to the video.

The author is Florent Abat, Drones & IoT director, Gemalto.

Comment on this article below or via Twitter @IoTGN