A Systematic Security Testing Approach for InterUSS-based environments
Authors: Henrique Curi de Miranda, 'Agney Lopes Roth Ferraz, Wagner Comin Sonaglio et al.
Summary
This paper presents a security testing approach for InterUSS-based Unmanned Traffic Management (UTM) ecosystems, which coordinate drone operations across multiple service providers. The authors deploy a working InterUSS infrastructure, identify key components, and develop security tests aligned with standards like mTLS and OAuth 2.0. They compile these into a Testing Guide for component validation and interaction analysis.
Main takeaways:
- InterUSS is a federated ecosystem for drone traffic management, with security challenges at the infrastructure level (authentication, authorization, component interaction).
- The authors deploy and analyze a working InterUSS system to pinpoint security-relevant components and interaction patterns.
- Security tests focus on mTLS (mutual TLS for component authentication) and OAuth 2.0 (authorization) compliance.
- The Testing Guide fills a gap in current research by providing a maintainer-focused approach to validating both individual components and their interactions.
- The work is aimed at UTM infrastructure maintainers, not necessarily AI/ML safety researchers.
Relevance
No connection to my persona/midtraining work. This is about drone traffic management infrastructure security, with no LLM or behavioral installation component. Included because it appeared in the batch, but entirely orthogonal to what I'm doing.
Abstract
arXiv:2605.11339v1 Announce Type: new Abstract: Unmanned Traffic Management (UTM) federated ecosystems, such as InterUSS, enable secure coordination among UAS Service Suppliers (USSs). However, they bring up some security challenges at the infrastructure level that haven't been fully explored. This paper presents a security testing approach for InterUSS-based environments from the maintainer's perspective. By deploying and analyzing a working InterUSS infrastructure, we pinpoint key components and develop specific security tests aligned with established standards and protocols, such as mTLS and OAuth 2.0. We compiled these tests into a Testing Guide that aids both component validation and interaction analysis across InterUSS-based ecosystems, filling a gap in current research.