Galileo and EGNOS as an asset for UTM safety and security

GAUSS (Galileo-EGNOS as an Asset for UTM Safety and Security) is a H2020 project1 that aims at designing and developing high performance positioning systems for drones within the U-Space framework focusing on UAS (Unmanned Aircraft System) VLL (Very Low Level) operations. The key element within GAUSS is the integration and exploitation of Galileo and EGNOS exceptional features in terms of accuracy, integrity and security, which will be key assets for the safety of current and future drone operations. More concretely, high accuracy, authentication, precise timing (among others) are key GNSS (Global Navigation Satellite System) enablers of future integrated drone operations under UTM (UAS Traffic Management) operations, which in Europe will be deployed under U-Space [1]. The U-Space concept helps control, manage and integrate all UAS in the VLL airspace to ensure the security and efficiency of UAS operations. GAUSS will enable not only safe, timely and efficient operations but also coordination among a higher number of RPAS (Remotely Piloted Aircraft System) in the air with the appropriate levels of security, as it will improve anti-jamming and anti-spoofing capabilities through a multi-frequency and multi-constellation approach and Galileo authentication operations. The GAUSS system will be validated with two field trials in two different UTM real scenarios (in-land and sea) with the operation of a minimum of four UTM coordinated UAS from different types (fixed and rotary wing), manoeuvrability and EASA (European Aviation Safety Agency) operational categories. The outcome of the project will consist of Galileo-EGNOS based technological solutions to enhance safety and security levels in both, current UAS and future UTM operations. Increased levels of efficiency, reliability, safety, and security in UAS operations are key enabling features to foster the EU UAS regulation, market development and full acceptance by the society.Peer ReviewedPostprint (author's final draft

Mass-Market Receiver for Static Positioning: Tests and Statistical Analyses

Nowadays, there are several low cost GPS receivers able to provide both pseudorange and carrier phase measurements in the L1band, that allow to have good realtime performances in outdoor condition. The present paper describes a set of dedicated tests in order to evaluate the positioning accuracy in static conditions. The quality of the pseudorange and the carrier phase measurements let hope for interesting results. The use of such kind of receiver could be extended to a large number of professional applications, like engineering fields: survey, georeferencing, monitoring, cadastral mapping and cadastral road. In this work, the receivers performance is verified considering a single frequency solution trying to fix the phase ambiguity, when possible. Different solutions are defined: code, float and fix solutions. In order to solve the phase ambiguities different methods are considered. Each test performed is statistically analyzed, highlighting the effects of different factors on precision and accurac

Vulnerability anti-patterns:a timeless way to capture poor software practices (Vulnerabilities)

There is a distinct communication gap between the software engineering and cybersecurity communities when it comes to addressing reoccurring security problems, known as vulnerabilities. Many vulnerabilities are caused by software errors that are created by software developers. Insecure software development practices are common due to a variety of factors, which include inefficiencies within existing knowledge transfer mechanisms based on vulnerability databases (VDBs), software developers perceiving security as an afterthought, and lack of consideration of security as part of the software development lifecycle (SDLC). The resulting communication gap also prevents developers and security experts from successfully sharing essential security knowledge. The cybersecurity community makes their expert knowledge available in forms including vulnerability databases such as CAPEC and CWE, and pattern catalogues such as Security Patterns, Attack Patterns, and Software Fault Patterns. However, these sources are not effective at providing software developers with an understanding of how malicious hackers can exploit vulnerabilities in the software systems they create. As developers are familiar with pattern-based approaches, this paper proposes the use of Vulnerability Anti-Patterns (VAP) to transfer usable vulnerability knowledge to developers, bridging the communication gap between security experts and software developers. The primary contribution of this paper is twofold: (1) it proposes a new pattern template – Vulnerability Anti-Pattern – that uses anti-patterns rather than patterns to capture and communicate knowledge of existing vulnerabilities, and (2) it proposes a catalogue of Vulnerability Anti-Patterns (VAP) based on the most commonly occurring vulnerabilities that software developers can use to learn how malicious hackers can exploit errors in software

Tree-based Intelligent Intrusion Detection System in Internet of Vehicles

The use of autonomous vehicles (AVs) is a promising technology in Intelligent Transportation Systems (ITSs) to improve safety and driving efficiency. Vehicle-to-everything (V2X) technology enables communication among vehicles and other infrastructures. However, AVs and Internet of Vehicles (IoV) are vulnerable to different types of cyber-attacks such as denial of service, spoofing, and sniffing attacks. In this paper, an intelligent intrusion detection system (IDS) is proposed based on tree-structure machine learning models. The results from the implementation of the proposed intrusion detection system on standard data sets indicate that the system has the ability to identify various cyber-attacks in the AV networks. Furthermore, the proposed ensemble learning and feature selection approaches enable the proposed system to achieve high detection rate and low computational cost simultaneously.Comment: Accepted in IEEE Global Communications Conference (GLOBECOM) 201