@MASTERSTHESIS\{IMM2016-07054,
    author       = "M. Verup and M. Olin",
    title        = "Security models and exploitations in theory and practice for unmanned aerial vehicles",
    year         = "2016",
    school       = "Technical University of Denmark, Department of Applied Mathematics and Computer Science",
    address      = "Richard Petersens Plads, Building 324, {DK-}2800 Kgs. Lyngby, Denmark, compute@compute.dtu.dk",
    type         = "",
    note         = "{DTU} supervisor: Christian D. Jensen, cdje@dtu.dk, {DTU} Compute",
    url          = "http://www.compute.dtu.dk/english",
    abstract     = "The goal of the thesis is to create a secure model for unmanned aerial vehicles with focus on both security, safety, and privacy aspects. To perform a risk analysis for a drone in its environment the {ISO} 27005 and {CORAS} tools are used to identify threats and vulnerabilities that, if left unattended, can be exploited, compromising security, safety or privacy. The thesis look at a couple of popular recreational drone models to evaluate and experiment on trying to find any vulnerabilities. Finally a model is created using the results from the analysis and is compared to real-life drone attacks. Evaluating the model against these attacks show that they could have been identified and prevented using this model, ensuring security for the drone system thus indirectly ensuring safety and privacy. To ensure safety and privacy more directly, the use of a dedicated drone legislation is needed."
}