The Game of Drones

Resilient and Secure Drone Swarms

We are increasingly surrounded by interconnected embedded systems, which collect sensitive information, and perform safety-critical operations.

Most embedded systems perform simple tasks upon reception of a command, in a predefined manner. However, in recent years, embedded systems have been increasingly designed to carry out autonomous collaborative tasks.

Networks of autonomous embedded systems, such as, vehicular ad-hoc networks, robotic factory workers, search/rescue robots, and drones, are already being used for performing urgent, tiresome, and critical tasks with minimal human intervention.

For example, drones are (envisioned to be) used for various tasks, such as search and rescue, construction site management, security and surveillance, cargo delivery, and natural disasters prediction and warning.

The autonomous operation of autonomous systems over light-weight and constrained embedded devices requires a rethinking of data acquisition and computational tasks. More specifically, such systems must be designed with the efficiency of the data collection and processing in mind. The main challenges are:

  • Given the practical communications and energy constraints of these autonomous systems, they require their data acquisition to be tightly integrated with the sensing platform. In other words, instead of blindly collecting massive amounts of data, the data acquisition problem must address an active component of information acquisition, learning, and tracking.
  • Given the practical hardware and energy constraints, the data analytics, inference, learning, and computations are required to be tightly integrated with the hardware (processors, memory architectures, etc). This integration of the hardware and the structure of the data into the design of the algorithms is an essential feature of these systems.
  • Given the complexity of the design space and scalability requirements of the applications, the integration of data collection and analytics with the machine and sensor platforms must follow a design automation framework.
  • The interconnection of such systems poses a formidable security challenge, as it increases their susceptibility to attacks, and magnifies the consequences of the success of such attacks.

Attacks against autonomous and collaborating systems can be launched:

The goal of this project is to design collaborative autonomous systems that are resilient to classical exploits as well as adversarial artificial intelligence mentioned above.

Current projects

To reach our goals there are a number of challenges to tackle. Our work is currently focusing on the following:

  • Active Learning, Search, and Tracking: This project considers the problem of noisy search and tracking of a set of potentially moving targets (e.g., lost persons or animals) by a networked collection of small and low cost unmanned aerial vehicles and drones who have the ability to control and orchestrate the inspection sequence of sub-regions of the total search area.
  • Security architectures for embedded devices: This project consider lightweight security architectures that provide a variety of hardware-based security features for real-time embedded devices such execution-aware memory protection, local and remote attestation, and secure boot.
  • Swarm attestation: Ensuring software integrity (including OS, apps, and configurations) on smart devices is essential to guarantee both privacy and safety. A distinct emerging security service to protect the software integrity of embedded devices is remote attestation: A process that allows a remote verifier to validate the integrity of the software of a device. While individual device attestation concerns single devices, efficient and secure attestation of large network of devices remains a challenging problem. This project considers the scalable attestation schemes and their application of swarm of drones.
  • Resilient security: Today's computer systems are increasingly connected to cyberphysical systems bringing together security and safety critical tasks. Dependable solutions aim at fault-tolerant schemes to guarantee the correct functionality and meet the safety goals of the underlying system. However, they do not typically consider malicious attacks. This project considers resiliency aspects for both faults and malicious attacks so that a collaborative system can provide its functionality even if a part of the system (a subset of devices) are under the adversary’s control.
  • Robust AI: As the first step this project is considers novel end-to-end computing framework and tools for characterizing the assurance and thwarting adversarial space in machine learning. The framework protects neural networks against adversarial samples, which are perturbed inputs carefully crafted by malicious entities to mislead the underlying DL model. The precursor for the proposed methodology is a set of new quantitative metrics to assess the vulnerability of various deep learning architectures to adversarial samples.


Principal Investigators

Ahmad-Reza Sadeghi, Technische Universität Darmstadt.
Ahmad's expertise includes trusted and secure computing and security and privacy for Internet of Things.

Farinaz Koushanfar, University of California San Diego (UCSD).
Farinaz's expertise includes data analytics in constrained settings, embedded systems security, and robust machine learning.

Tara Javidi, University of California San Diego (UCSD).
Tara's expertise includes statistical analysis and robust machine learning.



  • Email
  • Phone +49 (0)6151 16 - 25328
  • Address Mornewegstrasse 32
    D-64293 Darmstadt