XPONENTIAL Shifts to Virtual! Learn More
The best show floor for uncrewed and robotic technology just got even better. From an expanded list of exhibitors to brand new educational theaters, the XPO Hall will help you keep a pulse on where our industry’s headed.
Sit in on major keynotes and share your perspective during workshops. Together, we will explore the design, operationalization, integration, and safeguarding of uncrewed and robotic technology.
Hear the latest ideas for integrating technology across industries and help shape the standards and systems to get us there.
Welcome to your XPONENTIAL Exhibitor Console!
Update Online Company Profile - Company Description - Cross-Reference Categories
Introducing the "Hack Our Drone" workshop - providing participants the opportunity to exploit real world vulnerabilities and to chain them together to compromise an Uncrewed Aerial System (UAS). Vulnerabilities demonstrated in this workshop closely follow real world examples found while performing UAS security assessments. This is a hands-on 120 minute walkthrough highlighting cybersecurity weakness as implemented in the workshop "system under test". The "system under test" will be an actual production UAS with a handheld radio controller. The workshop is organized around four core components: Threat Modeling, Ground Control System, Uncrewed Aerial Vehicle, and Communications. Participants follow instructor-led guidance and documentation to find and exploit vulnerabilities in each of these components.
Learning Objectives:
The goals of the workshop are to help familiarize participants with understanding how cybersecurity vulnerabilities can be exploited to create attack chains which threaten the confidentiality, integrity, and availability of UAS.
Confidentiality weaknesses are demonstrated by retrieving private keys (from GCS or UAV) and using them to intercept encrypted communications Integrity weakness are demonstrated through spoofing of collected data. Availability weaknesses are demonstrated through establishing non-authorized command channels.
Limited to the first 32 attendees. First come, first served.
Agenda:
Session 1: Introduction and Threat Modeling (30 mins)
The introduction session is designed to get the workshop participants familiar with the classroom, instructors, instruction material, UAV, ground control system, and rules of engagement. Depending on available systems and the number of workshop participants, the workshop may be divided into teams.
Session 2: Ground Control System (30 mins)
This session will familiarize participants with the GCS. Several cybersecurity vulnerabilities will be available for students to exploit including kiosk escape, privilege escalation, and key extraction.
Session 3: Uncrewed Aerial Vehicle (30 mins)
This session will familiarize participants with the UAV. Several cybersecurity vulnerabilities will be available for students to exploit including boot loader exploits, data recovery, and rootkit persistence.
Session 4: Radio Communications (30 mins)
This session will familiarize participants with radio protocols, command and control, and data feeds. Several cybersecurity vulnerabilities will be available for students to exploit including sniffing and spoofing attacks against the C2 channels and/or data feeds.
Job Role: Educator/Instructor,Engineering/Technical,Student
Pass Type Required: VIP Pass,Full Conference Pass,Media/Press Pass
Tags: Security,Cybersecurity,Test and Evaluation