Drola - NamalJayasuriya/drola GitHub Wiki

Introduction

DroLa is a secured drone monitoring system using LoRa. Drones now fly almost everywhere, which raises security and privacy issues. No authority monitors and identifies which drones are flying and where. Authorities have a significant need for a system that tells them who is flying and whether the drone is registered. The system must be secure; otherwise others may obtain sensitive details of the drones, which may lead to a drone hijack. There are many kinds of commercial and non-commercial drones, so a common way is required to get the drone id and location without accessing the drone firmware. We are therefore introducing a simple secured system to monitor drones. It contains separate hardware units that can easily be mounted on any kind of commercial or non-commercial drone, together with a server system and a web-based application that authorities use to monitor drones.

LoRa for Drone

LoRa is a low-power communication mechanism with a long communication range of more than 10 meters. It is easy to set up a LoRaWAN and cover a large area. Some countries already have LoRa networks that cover the whole country, so LoRa communication is a deployable solution. The module is mounted on the drone separately, so it must also be powered separately. Power consumption is therefore an important consideration, and LoRa is a good option for low-power, long-range communication.

Secure Message protocol

Why AES

To monitor the drones, the end node modules transmit their id and location. This is one-way communication. The central processing unit of the end node is a micro-controller with low processing power and little memory, so it is hard to run a heavy security protocol like RSA. At the current stage we are not using a separate processing unit for security requirements, so AES is the greedy solution with the currently available resources. Dedicated hardware for security purposes can be added as a further development.

Secure message flow

Each drone has a public unique id. At the base station, a private unique key is generated for each drone from the base station master key and the drone's unique id. The drone sends its unique id as plain text and the sensitive data as cipher text. The base station identifies the drone by the plain-text unique id and then decrypts the data using the key relevant to that unique id. This provides both encryption and authentication.

Payload structure

We are using Ebyte E45-TTL-100_EN LoRa modules, configured as described in the sections "Base station" and "End Node". The Ebyte LoRa module allows 56 bytes of payload per packet, so we pack the sensitive data into a single packet to improve efficiency. The packet payload structure is described below.

[Figure: packet payload structure]

We are using AES-256 in CBC mode to encrypt the sensitive data. It allows 32 bytes per cycle, so we encrypt the last 32 bytes, that is, everything except the unique id. Encrypting the whole packet therefore takes only one cycle.
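The secure message flow and payload layout described above, as an added example that is not the project's own code; it is written in Go because the standard library provides AES-CBC and HMAC. The 24-byte id width, HMAC-SHA256 as the key derivation, and an IV agreed between end node and base station are assumptions, since the page does not state them.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha256"
	"errors"
)

const idLen, sealedLen = 24, 32 // assumed split of the 56-byte payload

// DeriveKey: per-drone AES-256 key = HMAC-SHA256(master key, drone id) (assumed KDF).
func DeriveKey(master, id []byte) []byte {
	mac := hmac.New(sha256.New, master)
	mac.Write(id)
	return mac.Sum(nil)
}

// crypt runs AES-256-CBC over exactly 32 bytes (two AES blocks, no padding).
func crypt(mode func(cipher.Block, []byte) cipher.BlockMode, key, iv, in []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil || len(iv) != aes.BlockSize || len(in) != sealedLen {
		return nil, errors.New("bad key, iv or data length")
	}
	out := make([]byte, sealedLen)
	mode(block, iv).CryptBlocks(out, in)
	return out, nil
}

// Seal is the end-node side: id in clear, then the 32 encrypted bytes.
func Seal(key, iv, id, data []byte) ([]byte, error) {
	ct, err := crypt(cipher.NewCBCEncrypter, key, iv, data)
	if err != nil || len(id) != idLen {
		return nil, errors.New("cannot seal packet")
	}
	return append(append([]byte{}, id...), ct...), nil
}

// Open is the base-station side: derive the key for the plaintext id, then decrypt.
func Open(master, iv, packet []byte, registered map[string]bool) (string, []byte, error) {
	if len(packet) != idLen+sealedLen || !registered[string(packet[:idLen])] {
		return "", nil, errors.New("bad length or unregistered drone id")
	}
	id := packet[:idLen]
	data, err := crypt(cipher.NewCBCDecrypter, DeriveKey(master, id), iv, packet[idLen:])
	return string(id), data, err
}
```

CBC carries no integrity tag, so a packet relabelled with another registered id still decrypts without error, only to different bytes; the base station has to validate the decrypted fields before trusting them.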

End Point Nodes

This is the hardware module prototype for the Drola end node, which is designed to be mounted on a drone.

[Figure: End Node hardware module]

These are the LoRa module parameters currently set for the Drola end node, but this is not the optimized parameter selection.

[Figure: End Node LoRa params]

This is the schematic of the end node circuit design.

[Figure: End Node schematic]

You can get the schematic file for the Drola end node, designed using Eagle, here.

You can access the firmware for the Drola end node here.

Drola Base Station

These are the current parameter settings for the Drola base node LoRa module, but this is not the optimized selection of parameters.

[Figure: Base node LoRa params]

This is the schematic for the circuit design of the LoRa base node. You can just use a TTL module or an RS232 module, but note that you need to pull up the M0 and M1 pins for Ebyte LoRa modules, or you can use the customised USB TTL provided with Ebyte LoRa modules.

[Figure: Drola Base schematic]

You can get the schematic file for the Drola base node, designed using Eagle, here.

The Drola base node consists of two servers, a web server and a web-socket server. The web application is hosted on the web server. The web application client shows the locations of the drones that send their locations to this system.

API

There is an API with a Python web socket server and a Python web socket client. Each web client sends a request to the web socket server when it starts, and the web socket server adds it to its connection list. The web socket client receives the drone details through the serial port and decrypts the message using the key relevant to the unique id. It then sends the drone details as a JSON object to the web socket server. The web socket server broadcasts the received drone detail JSON objects to all connected web clients.

Drola Demo

At the current stage, this demo uses only two end nodes. Those two nodes are placed at nearby locations inside the university premises. This snapshot shows how the system receives locations from the end nodes and how they are marked on the map.

[Figure: Drola Base schematic]

There is a demo video which shows the locations of a flying drone. Demo video path: Demo Videos

Further Developments

Use a trusted zone as key storage for both end nodes and base stations.

Try to use dedicated hardware for message encryption at the end node level.

Implement a key derivation and key transmission (to the end node via a wired connection) option in the web client.

Extend the system to send more details, such as the speed of the drone.

Improve the web application to make it more user friendly.