Galois develops software tools to make better UAS systems

By Patrick C. Miller | March 24, 2015

Software engineer Patrick Hickey played the role of a drone hijacker while demonstrating to CBS “60 Minutes” correspondent Lesley Stahl how a program developed by Galois blocked him from taking control of a quadcopter.

Hickey, who’s been designing embedded systems for Galois since 2011, wasn’t completely sold on the demonstration during a “60 Minutes” program on Internet security technology developed by the Defense Advanced Research Projects Agency (DARPA).

“It’s dramatic, but it’s not interesting from the software engineer perspective,” he said of the nationally televised demo. “How do you demonstrate that a software has no flaws? Well, it does exactly what it should do and nothing else.”

Through Galois—based in Portland, Oregon—Hickey works on the High Assurance Cyber Military Systems (HACMS) program funded by DARPA. He also has a passion for helping others develop better autopilot software for unmanned aerial systems (UAS) by giving them the tools to do so.

Hickey’s a member of the Secure Mathematically-Assured Composition of Control Models (SMACCM) Pilot team, an embedded systems software research project at Galois. The open-source autopilot software for small unmanned aerial vehicles (UAVs) uses high-assurance software methods and is based on a scratch-built programming language called Ivory.

“Right now, I feel like we’re probably the only solution to having a tool kit that enables you to build into a better drone versus software that seven or eight people wrote and nobody else understands or knows how to change,” Hickey said. “If something goes wrong in that software, your flying lawnmower goes out of control and could hurt somebody.”

Unlike some open-source autopilots, SMACCMPilot is designed with security in mind and with the idea that it can be safely and reliably modified. As Hickey explains, it’s not about providing an autopilot program that enables someone to take a UAV to the park and have fun, but instead giving software engineers the ability to write an autopilot program that does what they need it to do.

“I’m more interested in tools than in products,” he said. “I think we need more tool kits and fewer polished products.”

Hickey uses Microsoft Word as an example of a polished software product that can be used by millions of people for word processing. However, if a user wants the program to do something different and attempts to change its code, there’s a good chance it will stop working.

In the software design world, Hickey said SMACCMPilot is more like Linux, an operating system that by itself does nothing, but gives programmers a powerful tool to develop software for specific functions.

“I’m not saying we’ve solved all the problems,” Hickey said. “We’re giving you a tool kit that you can use to address problems without worrying about introducing another problem that’s going to allow an attacker to maliciously take over your system or affect the ordinary behavior of the system—such as the computer crashing and causing the drone to plummet from the sky.”

SMACCMPilot runs on PX4 hardware, a platform used by hobbyists, researchers and developers. The PX4 Autopilot Project is an open-source, open-hardware project led by the PIXHAWK group at ETH Zurich (Swiss Federal Institute of Technology). It’s supported by 3D Robotics, a leading manufacturer of open-source unmanned aerial vehicle technology.

“The real value in what we’re doing isn’t the one piece of drone software we made,” Hickey said. “We’ve got a set of tools where you can make changes to the way this drone is supposed to behave. Or you could make a completely new thing, such as software that goes in an automobile or a rocket or a pacemaker—any number of safety-critical applications.”

 

For more on the UAS Industry, follow us on Twitter @UASMagazine