A Survey of Security Challenges and Solutions for UAS Traffic Management (UTM) and small Unmanned Aerial Systems (sUAS)

The rapid growth of small Unmanned Aerial Systems (sUAS) for civil and commercial missions has intensified concerns about their resilience to cyber-security threats. Operating within the emerging UAS Traffic Management (UTM) framework, these lightweight and highly networked platforms depend on secure communication, navigation, and surveillance (CNS) subsystems that are vulnerable to spoofing, jamming, hijacking, and data manipulation. While prior reviews of UAS security addressed these challenges at a conceptual level, a detailed, system-oriented analysis for resource-constrained sUAS remains lacking. This paper presents a comprehensive survey of cyber-security vulnerabilities and defenses tailored to the sUAS and UTM ecosystem. We organize existing research across the full cyber-physical stack, encompassing CNS, data links, sensing and perception, UTM cloud access, and software integrity layers, and classify attack vectors according to their technical targets and operational impacts. Correspondingly, we review defense mechanisms ranging from classical encryption and authentication to adaptive intrusion detection, lightweight cryptography, and secure firmware management. By mapping threats to mitigation strategies and evaluating their scalability and practical effectiveness, this work establishes a unified taxonomy and identifies open challenges for achieving safe, secure, and scalable sUAS operations within future UTM environments.

💡 Research Summary

The paper presents a comprehensive survey of cybersecurity challenges and mitigation strategies for small Unmanned Aerial Systems (sUAS) operating within the emerging UAS Traffic Management (UTM) framework. Recognizing that sUAS are lightweight, power‑constrained platforms increasingly used for commercial, industrial, and public‑service missions, the authors argue that traditional aviation‑grade security solutions are often unsuitable, necessitating a system‑oriented analysis that spans the entire cyber‑physical stack.

The authors first outline the baseline architecture of sUAS and UTM, emphasizing the three core functional pillars—Communication, Navigation, and Surveillance (CNS)—and extending the view to perception (camera, LiDAR, IMU) and software integrity layers. Typical data flows involve radio‑frequency (2.4 GHz/5.8 GHz) or cellular links for command‑and‑control (C2), telemetry, and video, GPS (often the sole navigation source), and Remote ID broadcasts that feed into cloud‑based UTM services. Figure 1 in the paper visualizes these interconnections and highlights the numerous external and internal interfaces that constitute attack surfaces.

The survey then classifies vulnerabilities into four categories:

1. Communication – RF jamming (constant, reactive, protocol‑aware), man‑in‑the‑middle (MITM) attacks, encryption cracking, Remote ID exploitation, and cloud‑service API abuse. Countermeasures include frequency‑hopping spread spectrum (FHSS), lightweight cryptography (e.g., SPECK, SIMON), DTLS/TLS for link protection, jamming detection via spectrum monitoring, and multi‑path routing.

2. Navigation – GPS jamming and spoofing, INS/IMU tampering, and loss of redundancy. Defenses consist of anti‑spoofing filters, cryptographic authentication of GNSS signals, differential GNSS, and sensor‑fusion techniques that combine visual odometry, LiDAR, and inertial data to cross‑validate position.

3. Perception – Camera/LiDAR data manipulation, stealthy physical perturbations, and adversarial attacks on machine‑learning models used for obstacle detection or autonomous decision‑making. Mitigations involve data authentication (digital signatures), sensor‑fusion based anomaly detection, adversarial training, and real‑time integrity checks.

4. Software – Firmware tampering, insecure over‑the‑air (OTA) updates, malicious code injection, and rootkits. The paper surveys secure boot, code signing, blockchain‑anchored update logs, and container or micro‑VM isolation as practical defenses for resource‑limited platforms.

For each mitigation, the authors evaluate three critical dimensions: scalability (ability to protect large fleets or swarms), real‑time performance (latency constraints inherent to flight control loops), and resource efficiency (CPU, memory, and power consumption). They note that while lightweight cryptographic primitives can encrypt/decrypt within 10–20 ms on 8‑bit microcontrollers, key management and mutual authentication infrastructure remain bottlenecks. Adaptive intrusion detection systems (IDS) provide high detection rates but require a training phase and raise privacy concerns when sharing telemetry across multiple operators.

The survey identifies gaps in current research. Most existing work focuses on securing communication links and GPS, whereas perception‑level attacks, AI‑driven adversarial threats, and the security of UTM cloud services receive comparatively little attention. The lack of standardized security protocols for Remote ID, OTA updates, and inter‑operator data exchange is highlighted as a barrier to widespread adoption.

Finally, the paper outlines open challenges and future directions: development of ultra‑lightweight authentication protocols, robust multi‑sensor fusion for navigation resilience, privacy‑preserving collaborative security mechanisms for drone swarms, and the establishment of a trusted chain of custody between on‑board systems and cloud‑based UTM components. By mapping threats to specific subsystems and assessing the practicality of existing countermeasures, the authors provide a unified taxonomy that can guide researchers, manufacturers, and regulators toward building a safer, more secure, and scalable sUAS ecosystem within the forthcoming UTM environment.