Remote Sensors and Stuff

The "stuff" is doing a lot of heavy lifting.

Tag: Radio

  • Detect and Avoid Basics

    Detect and Avoid Basics

    Featured image: Simulation of Naples, Italy airspace in IVAO’s Aurora ATC simulator. Image by Giovanni Rizza, Wikimedia Commons. CC BY-SA 4.0.

    A side note about terminology: “Detect and Avoid” (DAA) and “Sense and Avoid” (SAA) are commonly used to refer to the same process. I have elected to use “Detect and Avoid” to conform to the terminology used by the FAA in their proposed Part 108, which will contain most of the regulatory basis for beyond visual line of sight (BVLOS) DAA procedures. When discussing evasive maneuvers, I have elected to use the term “sense” or “maneuver sense” to refer to a selected maneuver and its direction as with a TCAS Resolution Advisory.

    As we begin to rely more on more on large UAS platforms with hybrid electric powerplants and multiple hours of endurance, it becomes more and more difficult to carry out missions without going BVLOS. How then, when we don’t have visual contact with the UAV, do we make sure it isn’t abruptly filled with bloodlust and attempting to ram unsuspecting SR22s? That task falls to the Detect and Avoid (DAA) system.

    Detect and Avoid: Primary Functions

    There are two primary functions of a DAA system. The first is to ensure that the UAV “remains well clear” (RWC) of other aircraft and, depending on UAS design, potentially wildlife or structures. This is similar to the Part 91 requirement for a manned aircraft to not pass over, under, or in front of another aircraft unless “well clear.” To determine if the UAV is “well clear” of other aircraft, the DAA system will create an imaginary RWC area around it and its course. If an object (or a track that object is following) enters the RWC area, the DAA system will determine how the UAV can maneuver to avoid it.

    An example of an RWC action, not to scale. The RWC area is indicated in blue. The projected tracks of the UAV and target aircraft will bring the target within the RWC area, so the UAV proactively avoids it. In this example the UAV has chosen a maneuver sense that causes it to pass behind the right-of-way aircraft.

    The second primary function of the DAA system is collision avoidance (CA). Within the RWC area is a second, smaller CA area. If an object enters this CA area, the DAA system will consider it a separation loss and assume the UAV is in immediate danger. During a CA situation, the DAA system will take more drastic measures to regain separation, possibly including unauthorized airspace incursions.

    An example of a CA situation, not to scale. The RWC area is indicated in blue, and the CA area is indicated in red. The UAV has failed to detect the target aircraft in time to remain well clear of it, and must now take immediate evasive action to avoid a collision.

    Detect and Avoid: By the Numbers

    Everything discussed so far is relatively intuitive. If something is too close to us, or will be too close to us in the future, we get out of its way. Unfortunately, computers generally don’t have very good intuition, so we have to break the process down into specific tasks to be evaluated programmatically by different components of the UAS. We can use any number of DAA frameworks to keep the process human-readable, two of which are illustrated below.

    Two examples of DAA frameworks. The DoD-style Sense and Avoid Blueprint breaks the encounter down into more granular tasks while the Conflict Detection and Resolution framework is focused on the broad processes involved.

    For the remainder of this post I will be focused on the observe – orient – decide – act encounter timeline due to its higher granularity, but much of the information also applies to the CDR framework.

    Observation

    The first and most obvious set of tasks is to observe our surroundings. Observation is ideally carried out at all times, and the rest of our tasks are predicated on data collected during this step. There are three components to observation:

    • Detect targets: Before we can do anything else, we must know that something is nearby.
    • Track targets: Once a target is detected, we must build a track using repeated observations of its position and speed in order to predict where it will be in the future.
    • Fuse target tracks: Ideally the UAS has multiple sensors with which to detect an object, but that means an object will generate multiple tracks. To get an accurate picture of our surroundings we must detect when multiple tracks are created by the same object and fuse them into one highly detailed target.

    Sensors

    Our UAS (hopefully) lacks eyes, so the process of observation is instead carried out by sensor systems, both onboard and remote. Sensors are broadly separated into cooperative and non-cooperative, then further into active and passive. Cooperative sensors receive information from sensors onboard the target itself, while non-cooperative sensors do not. Active sensors are emissive and must direct energy towards a target to detect it, while passive sensors only receive energy from the target and environment (Barnhart et al., 2021; Nichols et al., 2019).

    Cooperative sensors available to us vary depending on the type of target we expect to detect. Manned aircraft are often equipped with transponders that can be interrogated and ADS-B equipment that we can receive automatic broadcasts from. A UAS operating under Part 107 can’t be equipped with either of those (14 CFR § 107.52 et seq.), but can instead be equipped with a Remote ID broadcast system which serves some of the same functions (14 CFR § 89).

    At time of writing, a UAS operating BVLOS under the FAA’s proposed Part 108 would be required to yield right-of-way to “electronically conspicuous” aircraft (14 CFR Proposed § 108.195). This means that the UAS must have both the ability to detect Universal Access Transceivers (both ADS-B and handheld equivalents) and the ability to fuse tracks generated from them with those generated by its other sensors. A Part 108-compliant UAS must be able to communicate with an automated data service provider (ADSP) described in the proposed Part 146, which also acts as a type of cooperative pseudo-sensor (14 CFR Proposed §§ 108.190, 146).

    Non-cooperative sensors available to us include passive optical and thermal sensors (cameras, if you will), laser-based active rangefinding systems such as lidar, radar, and active or passive acoustic sensors (Barnhart et al., 2021; Sabins & Ellis, 2020).

    SensorEnergy CharacteristicsNetworkingNotes
    VIS CamerasPassive, visible light-basedNon-cooperativeIncludes standard and low-light amplification cameras
    IR CamerasPassive, infrared light-basedNon-cooperativeIncludes NIR/MWIR/LWIR, commonly implemented in FLIR systems
    LaserActive, UV or infrared-basedNon-cooperativeIncludes LIDAR systems and traditional laser rangefinders
    RadarActive, RF-basedNon-cooperativeIncludes onboard X-band radars, ground-based ASR, etc.
    AcousticActive or passive, sound-basedNon-cooperativeIncludes standard acoustic sensors and ultrasonic sensors
    TransponderActive, radio-basedCooperativeSystems that must be interrogated e.g. Mode C/S
    TransceiversPassive, radio-basedCooperativeAutomatic transceivers e.g. UAT/ADS-B, Remote ID
    At-a-glance comparison of sensor types theoretically available to us. Note. Data contained in the table is from Introduction to Unmanned Aircraft Systems (3rd ed.) by Barnhart et al. (2021); Unmanned Aircraft Systems in the Cyber Domain: Protecting USA’s Advanced Air Assets (2nd ed.) by Nichols et al. (2019); Remote Sensing: Principles, Interpretation, and Applications (4th ed.) by Sabins et al. (2020).

    Orientation

    Once we know that a target exists, it’s helpful to know what we’re dealing with. Orientation is the process through which we identify targets and determine what level of threat they pose. There are three components to orientation:

    • Identify target: Before we can prioritize targets we must determine what characteristics they exhibit and potentially what they are.
    • Evaluate threat: If we do nothing about this target, what will happen to us? Will we pass each other harmlessly, risk violating our RWC area, or risk a collision?
    • Prioritize threat: Which of the targets we’re currently tracking are the most dangerous? Which can be safely ignored? More significant threats must be handled before less significant ones.

    Target identification is important for deciding what level of threat the target poses and what type of evasion strategy will be used later. Information previously gathered by our sensors can be re-used by either traditional algorithms or machine learning models to determine what class of target is being tracked (Opromolla & Fasano, 2021; Said Hamed Alzadjali et al., 2024). For this purpose, target characteristics such as size, speed, emissions, presence of cooperative sensors, ADSP data, etc. can allow us to determine the target class (UAS, manned aircraft, bird, structure, terrain) with some degree of confidence (Barnhart et al., 2021).

    Decision

    Anyone familiar with TCAS is already familiar with the decision tasks, as TCAS carries out a similar process of declaring intent and selecting an evasive maneuver sense for manned aircraft. Now that we know that one or more threats are present and which are the most threatening, we can decide what to do about them. There are two components to the decision:

    • Declare intent: The DAA system informs the pilot or flight controller that a course correction or evasive maneuver is needed.
    • Maneuver sense: The DAA system determines the appropriate maneuver and sense to correct the problem and informs the pilot, flight controller, and/or ATC.

    In order to make an appropriate decision, the DAA system requires information about the target, the UAV itself, and the airspace it’s operating in. The DAA system must decide how to avoid the target while staying within its allowed airspace if possible, avoiding crossing senses (e.g. climbing or descending across the target’s altitude) if possible, and complying with yielding requirements if possible. In some situations, the DAA system may also be required to coordinate with ATC before proceeding to the final tasks.

    At time of writing, a UAS operating BVLOS under the proposed Part 108 has different maneuvering options depending on the airspace, separation, and whether or not the target is “electronically conspicuous.” Certain airspaces require the UAS to yield right-of-way to all manned aircraft, others only require it to yield to “electronically conspicuous” manned aircraft. At certain distances the UAS may only be allowed to pass behind the target, while at others the DAA may also be able to make a TCAS-style over/under sense decision (14 CFR Proposed § 108.195).

    Action

    Once we have a plan of attack, it’s time to act. There are three components to the action:

    • Command: The pilot or flight controller commands the UAS to initiate the maneuver, either through manipulating the controls or by automated process.
    • Execute: The UAV itself executes the maneuver within the specified window and the DAA system verifies its effect.
    • Return to course: The UAS decides how to return to course its original course or become established on an amended course.

    During these tasks, it’s critical that the DAA system continue to track all involved targets and re-evaluate the threats they pose. An unexpected maneuver from a target being avoided may require a different maneuver to counteract or may escalate a RWC to a CA. Similarly, a successful CA will likely provoke a follow-up RWC action, preventing the UAS from returning to course until it’s entirely clear of the target.

    At time of writing, a UAS operating BVLOS under the proposed Part 108 must inform the FAA and all other airspace users of its successful deconfliction by way of ADSP (14 CFR Proposed § 108.190).

    References

    Barnhart, R. K., Marshall, D. M., & Shappee, E. (Eds). (2021). Introduction to unmanned aircraft systems (3rd ed). CRC Press.

    Nichols, R., Mumm, H., Lonstein, W., Ryan, J., Carter, C., & Hood, J. P. (2019). Unmanned Aircraft Systems in the cyber domain: Protecting USA’s advanced air assets (2nd ed). New Prairie Press.

    Federal Aviation Administration. (2025). Normalizing unmanned aircraft systems beyond visual line of sight operations, 14 CFR Proposed §§ 108, 146. https://www.federalregister.gov/documents/2025/08/07/2025-14992/normalizing-unmanned-aircraft-systems-beyond-visual-line-of-sight-operations

    Opromolla, R., & Fasano, G. (2021). Visual-based obstacle detection and tracking, and conflict detection for small UAS sense and avoid. Aerospace Science and Technology, 119. https://doi.org/10.1016/j.ast.2021.107167

    Remote Identification of Unmanned Aircraft, 14 CFR § 89. (2026). https://www.ecfr.gov/on/2026-03-10/title-14/chapter-I/subchapter-F/part-89

    Sabins, F., & Ellis, J. (2020). Remote sensing: Principles, interpretation, and applications (4th ed). Waveland Press.

    Said Hamed Alzadjali, N., Balasubaramainan, S., Savarimuthu, C., & Rances, E. (2024). A Deep Learning Framework for Real-Time Bird Detection and Its Implications for Reducing Bird Strike Incidents. Sensors, 24 (17). https://doi.org/10.3390/s24175455

    Small Unmanned Aircraft Systems, 14 CFR § 107. (2026). https://www.ecfr.gov/on/2026-03-10/title-14/chapter-I/subchapter-F/part-107

  • UAS Threat Modeling

    UAS Threat Modeling

    When asked to imagine a potential vulnerability of any piece of robotics, most people will immediately envision a scene straight out of a cyberpunk novel where a hacker in a black coat and mirrorshades remotely seizes control of the system with a few keystrokes, turning it on its owner. While reality isn’t usually so dramatic (or stylish), UAS operators do have a number of potential threats that they must be aware of.

    Attacks on the Control Link

    Most UAS operate within the bounds of some type of control link. Depending on mission scope and the capabilities of the system, an individual drone may either be operated directly through a control link, or operate primarily autonomously but respect control link inputs in case of emergency. Both setups provide a potential attack vector that can be exploited by an adversary.

    Small black electronic component with an antenna
    Example of a common ExpressLRS receiver. This device translates radio signals (2.4 GHz in this case) into pulse width modulation signals used to directly control electric motors or LEDs, such as those on a fixed wing drone. These are simple, cheap, insecure, and common on low cost or home-built fixed wing drones.

    The most obvious goal of an attack on the control link is to seize control of the drone, either as simple theft or in order to use its onboard sensors or weapons against personnel that may be unaware that the drone is compromised. While this scenario is unlikely, it’s not impossible. For example, researchers have demonstrated that ExpressLRS, a common control link solution for low cost drones (including ones used in the ongoing conflict in Ukraine), was vulnerable to being overridden and hijacked by a dedicated attacker with relatively common equipment (NCC Group, 2022).

    The second most obvious goal of an attack on the control link is to “mission kill” it by removing an operator’s ability to direct it manually. Most drones are programmed to return to a predetermined location or make an emergency landing if they don’t receive packets from their ground control station for a certain amount of time, and lower cost systems may instead simply continue on their present courses indefinitely or cut power to motors and fall to the ground. This goal can be accomplished by much more simple methods of attack such as radio jamming, which has its own set of countermeasures such as automatic frequency/band hopping or hardwired fiber optic transmission systems seen in Ukraine (Doodle Labs, 2024).

    Attacks on Sensors

    There are two broad categories of sensors used by UAS platforms currently on the market: those used for navigation, and mission-specific payloads (Sabins & Ellis, 2020). While mission-specific payloads may be vulnerable to attack (e.g. by pointing a powerful laser at a camera or lidar sensor), attacks on navigational sensors are much larger threats.

    As drones typically lack radio navigation systems and have few if any traditional instruments onboard, they rely heavily on some combination of GNSS, magnetometers, cameras, lidar, and ultrasound for navigation. These sensors are all vulnerable to external interference and disabling them can easily cripple the drone. Some, but not all, of these sensors have built-in mitigation strategies, such as OSNMA or Chimera for GNSS systems (Rusu-Casandra & Lohan, 2025).

    Example of a common Remote ID broadcast module. This device provides GPS and magnetometric data to the drone while broadcasting a unique identifier and the drone’s location. This component allows a drone to be easily tracked and provides a single point of failure while operating BVLOS.

    Sensor attacks can be executed on their own (e.g. jamming a camera feed or lidar sensor to cause a crash), or they can be executed in tandem with other attack vectors (e.g. spoofing a GPS location while disrupting the control link, causing the drone to “return home” to a location the adversary controls). A more sophisticated adversary is less likely to rely entirely on a sensor attack, and sensor attacks vary wildly in both threat level and barrier to entry.

    Attacks on the Network

    Many drones have some form of WiFi or cellular modem onboard. These may be used for programming and maintenance tasks (e.g. changing settings on a flight controller or retrieving saved video) or as a transmission method for the control link. A network connection offers huge benefits, but also increases the UAS’ attack surface considerably.

    Network-based control links may be vulnerable to a deauthentication attack, which exploits malformed packet handling or standard commands to cause the target drone to terminate its own control link (Branco et al., 2024). They may also be vulnerable to a replay attack, where an adversary captures packets containing authentication data and retransmits them to send conflicting instructions to the flight controller.

    Network connections for other components vary in application. The Bluetooth or WiFi connection of a Remote ID broadcast module is useful to an adversary who wants to identify or track the drone or its operator. The WiFi connection of a flight controller may allow an adversary to get a shell on the device, giving them direct access to control surfaces, settings, and firmware of the drone.

    Any type of network connection that relies on infrastructure the operator doesn’t control, such as a control link operating over a cellular connection, is further vulnerable to more traditional network attacks such as denial of service or man-in-the-middle attacks.

    Network attacks are extreme threats to any UAS vulnerable to them, and can often be executed with common hardware and freely available software.

    Attacks on the Supply Chain

    One final note: a more abstract threat that an operator should still be at least aware of is the supply chain attack. The same way that you must assume that a system an adversary has physical access to is compromised, you must assume that equipment provided by an adversary is also compromised.

    Unfortunately, you can’t always tell who the adversary is until they make their move. This is the nature of so-called “advanced persistent threats,” which may silently compromise systems well in advance of the event that triggers detection (referred to as “dwell time”). In a supply chain attack, an actor can use their access to manufacturers or shipping services to compromise a system, potentially undetectably, before it ever reaches the end user.

    While supply chain attacks are difficult to detect and mitigate, an operator can consider their risks when deciding what equipment to use for what tasks. The more sensitive the payload or information onboard the drone is, the more resistant the drone should be to supply chain attacks. Drones used for sensitive tasks may require NDAA-compliant components, more trusted vendors, or (in extreme cases) documentation and certification processes for each component.

    References

    Branco, B., Silva, J. S., & Correia, M. (2024). D3S: A drone security scoring system. Information 15(12), 811. https://doi.org/10.3390/info15120811

    Doodle Labs. (2024). SENSE – Interference avoidance configuration. Doodle Labs technical library. https://techlibrary.doodlelabs.com/sense

    NCC Group. (2022). Technical advisory: ExpressLRS vulnerabilities allow for hijack of control link. https://www.nccgroup.com/research-blog/technical-advisory-expresslrs-vulnerabilities-allow-for-hijack-of-control-link/

    Rusu-Casandra, A., & Lohan, E. S. (2025). Experimental assessment of OSNMA-enabled GNSS positioning in interference-affected RF environments. Sensors 25(3), 729. https://doi.org/10.3390/s25030729

    Sabins, F., & Ellis, J. (2020). Remote sensing: Principles, interpretation, and applications. Waveland Press.