Many of today's Embedded Systems use wireless links to exchange critical and sensitive information "over the air". In contrast to usual wired field bus systems, the transmitted data can be easily received by third parties without any physical intervention (lack of confidentiality). Similarly, an attacker might be able to inject malicious messages that may result in unwanted behaviour (lack of integrity and authenticity).
This problem also arises on the Telemetry Link of the MART-i quadcopter used at the RCS. It connects the onboard Flight Control Module to a PC-based Ground Station via a standard 433MHz link using the MAVLink (Micro Air Vehicle) communication protocol. As the link not only transports status information, but also provides access to many mission- and therefore safety-relevant parameters of the UAV, both integrity (the data has not been tampered with during transport) and authenticity (the data has been sent by a particular (trusted) party) is required for all control messages.

The goal of this thesis is to evaluate methods to secure the existing MAVLink channel to achieve confidentiality, integrity and authenticity. In the current setup, the Flight Control Module is connected directly to the radio modem (using a 4-pin UART) whilst the Ground Station uses an USB interface (emulating a serial port).
First, a location for the Encryption Module has to be selected - it might be implemented within the Flight Control Module or on the future Payload Computer, a MicroZed system-on-module board. The former uses a low-end microcontroller whilst the latter features a powerful Xilinx Zynq System-on-Chip, containing a dual-core ARM Cortex-A9 CPU, various peripherals and a reconfigurable fabric. Based on the capabilities of the chosen platform, suitable cryptographic protocols and algorithms will be evaluated. Both choices will be driven by an extensible set of constraints, such as tolerance to packet loss, timing and safety aspects. After a standalone design and implementation phase the Encryption Module will be integrated on the quadcopter. Finally, the resulting system (consisting of the on-board Encryption Module and its Ground Station counterpart) will be tested and evaluated.