May 23, 2019

Blog postConnected vehiclesEJBCA Hardware ApplianceEJBCA Software ApplianceIoT & IIoT security

Drone safety via security – PKI in action


You’ve probably heard the buzz around drones or multicopters. They’ve become a common sight over the past few years. People are using them for all sorts of things; kids are playing with them, adults are taking aerial vacation selfies, and hospitals are trialing use cases where drones are used for transporting AED equipment to homes in rural areas. However, over the last year, incidents and disruption reports have grown exponentially due to multicopters misuse and deliberate attacks.

Airports are popular disruption areas. The level of disruption can vary from observing a multicopter entering the airport zone to greater disruption resulting in flight cancellations, relocations to different runways, and complete temporary traffic shutdowns at the airport. The latest reports have come from Frankfurt airport, Berlin airport, Gatwick airport and Heathrow airport. Furthermore, cases of abuse have been reported from oil pipes and when drones are used for smuggling objects at borders or buildings, e.g. prisons. As drones are more accepted and used in society, there is a greater risk that they will be used with malicious intent. In order to address this threat, no flight zones need to be enforced. Additionally, it should be possible to securely identify the drones and it should be possible for authorities to override the control if the drone flies into a restricted area.

Combining PKI and secure elements

Infineon and PrimeKey have teamed up to showcase how an implementation combining Secure Elements and PKI can:

  • Eliminate threats like manipulation of multicopter “no flight zone” control software.
  • Enable trusted identities for multicopter to remove the current problem with anonymous users.

The joint solution is based on secure, anti-tamper devices enabling embedded application security for over-the-air authorization and revocation.  The multicopter controller is equipped with an OPTIGA™ Trust X and a NC1023 (eSIM). The OPTIGA™ Trust X stores the credentials and the certificates in a secure hardware and the NC1023 (eSIM) is serving the 5G embedded connectivity with active control. PrimeKey’s PKI Appliance issues and manages the full life cycle of the certificates used in the solution.

Infineon IoT Security Circle 2019

At Infineon IoT Security Circle 2019 in Munich next week, we will be showing how flight control, via secure certificate authorization is realized together with full authorization and revocation services managed and owned by official bodies and agencies for controlled access.

We are all packed and ready to go!

Andreas Philipp, PrimeKey


Andreas Philipp

Andreas Philipp has more than 20 years of extensive experience in several roles and positions within the Security Module Business. He joined PrimeKey in 2017 and is now Business Development Manager with his base in Aachen, Germany.