Next Article in Journal
DocCLS_NMMH: A Benchmark for Native Multi-Modal Hybrid Document Classification in Enterprise Data Security Governance
Previous Article in Journal
Statistical Reward Shaping for Reinforcement Learning in Bipedal Locomotion
Previous Article in Special Issue
Lightweight Heterogeneous Graph-Inspired Neural Networks for Real-Time Botnet Detection
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Electronics
Volume 15
Issue 6
10.3390/electronics15061204
electronics-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles
first_page
settings
Order Article Reprints
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Background:
Review

Securing Unmanned Devices in Critical Infrastructure: A Survey of Hardware, Network, and Swarm Intelligence

by
Kubra Kose
,
Nuri Alperen Kose
and
Fan Liang
*
Department of Computer Science, Sam Houston State University, Huntsville, TX 77341, USA
*
Author to whom correspondence should be addressed.
Electronics 2026, 15(6), 1204; https://doi.org/10.3390/electronics15061204
Submission received: 13 February 2026 / Revised: 4 March 2026 / Accepted: 11 March 2026 / Published: 13 March 2026
(This article belongs to the Special Issue Computer Networking Security and Privacy)
Browse Figures
Versions Notes

Abstract

As Unmanned Aerial Vehicles (UAVs) become integral to critical infrastructure, ranging from precision agriculture to emergency disaster recovery, their security becomes a matter of systemic resilience. This paper provides a comprehensive thematic survey of the security landscape for unmanned devices, bridging the gap between low-level hardware vulnerabilities and high-level mission failures. We propose a multidimensional taxonomy that categorizes challenges into hardware roots of trust, swarm intelligence threats, and domain-specific applications. A primary focus is placed on the Resource–Security Paradox, where the energy cost of heavy cryptographic or AI defenses directly reduces flight endurance, creating a trade-off that adversaries exploit through battery-exhaustion attacks. Beyond standard threats, we analyze emerging risks in additive manufacturing supply chains, the “Sim-to-Real” gap in AI-driven perception, and the legal necessity of Digital Forensic Readiness (DFR) for post-incident attribution. Through a systematic review of defensive frameworks, including lightweight encryption, Mamba-KAN anomaly detection, and blockchain-anchored logging, we evaluate the effectiveness of current solutions against complex adversarial models. Finally, we identify critical research gaps, providing a roadmap for security-by-design in the next generation of critical infrastructure swarms.

1. Introduction

Modern UAV architectures are characterized by the tight coupling of sensing, communication, computation, and control subsystems [1]. In recent years, this tightly integrated design has evolved toward Edge, Swarm, and Integrated Sensing and Communication (ISAC) paradigms [2,3,4]. In edge-based architectures, computation is offloaded to proximate servers to reduce latency, albeit at the cost of introducing vulnerabilities in the offloading channel. Swarm architectures rely on distributed consensus algorithms to coordinate movements without centralized control, improving resilience to single-point failures while increasing susceptibility to Byzantine faults. ISAC architectures unify radar sensing and communication waveforms to improve spectral efficiency, but this integration may expose physical-layer characteristics to adversarial exploitation. Collectively, these architectural shifts fundamentally reshape the security posture of Unmanned Aerial Vehicles (UAVs) operating within Critical Infrastructure (CI) environments, which is the focus of this survey.
The integration of UAVs into the operational fabric of critical infrastructure has progressed from predominantly military applications to a foundational role in civilian systems. Owing to their capabilities in high-resolution sensing, real-time communication relaying, and autonomous operation, UAVs are now widely deployed for energy grid monitoring, precision agriculture optimization, and search-and-rescue (SAR) missions in communication-denied or degraded environments [5]. However, this growing reliance on autonomous aerial platforms introduces a broad and variable attack surface. Unlike conventional information technology (IT) systems, UAVs operate under strict cyber–physical constraints, including limited battery capacity, restricted onboard computational resources, and stringent real-time decision-making requirements [6,7]. These constraints complicate secure system design by forcing trade-offs between comprehensive security mechanisms and mission feasibility [8].
A central challenge emerging from these constraints is the Resource–Security Paradox inherent to UAV platforms. The energy consumption associated with high-overhead security mechanisms, such as large cryptographic key sizes or computationally intensive deep learning models, directly reduces flight endurance and mission duration. Consequently, adversaries may exploit energy limitations rather than traditional software vulnerabilities, for example, through battery exhaustion or vampire attacks designed to forcefully drain limited energy reserves [9,10].
Beyond resource limitations, the robustness of many proposed security solutions remains an open concern. In their review of AI-enhanced intrusion detection systems, Islam et al. report that although detection accuracies frequently exceed 99%, performance often degrades substantially during cross-dataset validation [11]. This behavior indicates a tendency toward overfitting to specific flight profiles or network conditions, raising concerns about generalizability and resilience against zero-day attacks in real-world deployments, a challenge widely corroborated by recent comprehensive surveys on AI-enabled UAV security [12,13,14]. Related studies further emphasize the difficulty of deploying strong cryptographic protocols or computationally intensive AI models within the tight energy and processing constraints of small UAVs [1,15], leaving many proposed defenses impractical for industrial and agricultural platforms that rely on low-power microcontrollers.

1.1. Survey Scope and Contribution

This survey evaluates the security landscape of unmanned systems by explicitly linking hardware and communication-level constraints to higher-level safety and reliability requirements in critical infrastructure operations. The main contributions of this work are summarized as follows:
  • A structured classification of security challenges across the UAV ecosystem, emphasizing the interdependence among communication subsystems, embedded artificial intelligence, and power-constrained hardware platforms.
  • A critical review of the evolution of security mechanisms, ranging from traditional lightweight cryptographic techniques to AI-driven intrusion detection and agent-based autonomous anti-jamming strategies.
  • An analysis of attack surfaces and associated security implications in high-impact application domains, including precision agriculture, smart transportation systems, and time-sensitive emergency response scenarios.
  • Identification of open research challenges, such as the Resource–Security Paradox and the safety of autonomous decision-making logic, accompanied by a forward-looking research roadmap for secure unmanned critical infrastructure.
By synthesizing existing literature and highlighting unresolved challenges, this survey establishes a foundation for security-by-design principles in the development of next-generation unmanned systems for critical infrastructure applications.
While numerous surveys have addressed specific aspects of UAV security, the literature remains fragmented across isolated technological layers. As summarized in Table 1, recent reviews typically focus exclusively on communication protocols, physical layer security, or specific application domains such as agriculture or search and rescue. However, a critical gap remains in addressing the cross-layer tension between hardware resource constraints and mission-critical reliability: the Resource-Security Paradox. Furthermore, few existing surveys integrate the legal necessity of Digital Forensic Readiness (DFR) alongside technical defenses. This work distinguishes itself by providing a comprehensive analysis that bridges hardware roots of trust, swarm intelligence, and forensic accountability within the specific context of Critical Infrastructure.

1.2. Literature Search Methodology

To ensure a systematic and comprehensive review of the state of the art in UAV security, this survey adopts a literature selection process aligned with the Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) guidelines [19]. The PRISMA framework was selected because it is widely recognized as the gold standard for minimizing selection bias and ensuring methodological rigor in comprehensive literature reviews [11]. The primary objective of this methodology is to capture security research that bridges low-level system vulnerabilities with high-level mission failures in critical infrastructure deployments, with an emphasis on experimentally validated and implementation-oriented studies rather than purely theoretical models.

1.2.1. Search Strategy and Data Sources

A multi-tiered literature search was conducted in order to ensure a comprehensive and methodologically grounded coverage of UAV security research, hardware constraints, and critical infrastructure research was conducted. We explicitly distinguished between primary digital libraries and publisher-specific journal searches to ensure rigorous coverage. The primary bibliographic databases utilized were IEEE Xplore, ACM Digital Library, and ScienceDirect. Our database selection was intentionally focused on these domain-specific engineering repositories, as they are widely recognized as the most authoritative sources for peer-reviewed UAV, embedded systems, and cybersecurity research [20,21]. To complement these primary libraries, we conducted targeted, publisher-specific searches within high-impact open-access journals (e.g., MDPI’s Drones, Sensors, and Electronics), which are highly relevant to rapid developments in cyber-physical systems.
The systematic search scope was limited in order to reflect the rapid evolution of Internet of Drones (IoD) architectures from 2020 to 2026. This timeframe was purposefully selected to capture recent advancements in UAV systems, particularly the rapid integration of AI-driven autonomy, edge computing, and advanced communication technologies (e.g., 5G-enabled UAV networks) [3,11]. While foundational UAV security studies prior to 2020 are acknowledged and utilized in the background sections to establish theoretical context, the primary focus of this systematic review is on recent developments and contemporary vulnerabilities, which differ significantly from legacy radio-controlled architectures.
The Boolean queries used in this study were meticulously formulated to ensure that all relevant studies were retrieved and that search sensitivity was maximized by including both full expressions and their corresponding acronyms. The search process was structured around three distinct Boolean query strings:
The first query stream targeted general UAV security research using the combination: (“UAV” OR “Unmanned Aerial Vehicle” OR “UAS” OR “Unmanned Aircraft System” OR “Drone”) AND (“Security” OR “Cybersecurity” OR “Vulnerability” OR “Attack”) AND (“Critical Infrastructure” OR “Industrial” OR “Cyber-Physical Systems”).
The second query stream focused on resource-constrained security to identify studies examining how onboard protection mechanisms interact with physical limitations, utilizing: (“UAV” OR “Unmanned Aerial Vehicle” OR “Drone”) AND (“Energy Efficiency” OR “Battery” OR “SWaP” OR “Size, Weight, and Power”) AND (“Encryption” OR “Cryptography” OR “Authentication”).
The third query stream addressed autonomy- and swarm-centric threats using: (“Swarm Intelligence” OR “Multi-UAV” OR “UAV Swarm”) AND (“Byzantine” OR “Trust Management” OR “Data Poisoning” OR “Adversarial AI”).
This structured, validated querying strategy ensured coverage not only of conventional UAV security literature, but also of works explicitly addressing cooperative autonomy threats and the fundamental trade-offs between computational protection mechanisms and resource-constrained aerial platforms.

1.2.2. Eligibility and Screening Process

The study selection followed a rigorous, multi-stage screening process aligned with the PRISMA framework, designed to progressively refine the initial corpus into a focused set of works suitable for qualitative synthesis. Figure 1 illustrates the complete identification, screening, eligibility, and inclusion workflow adopted in this review.
In the identification phase, the initial searches, including works added during the peer-review revision process, yielded a total of 370 records. The distribution of these retrieved records across the selected platforms was as follows: IEEE Xplore (150 records), MDPI publisher searches (110 records), ScienceDirect (70 records), and ACM Digital Library (40 records). Prior to the screening process, 35 duplicate records were identified across the platforms and removed, leaving 335 unique records for the first phase of evaluation.
During the screening phase, the titles and abstracts of the 335 unique records were reviewed. A total of 100 publications were excluded at this stage because they were clearly outside the scope of the survey, such as studies focusing exclusively on consumer or hobbyist drones without relevance to critical infrastructure. This screening reduced the candidate set to 235 studies.
In the eligibility phase, a full-text assessment was conducted on the remaining 235 articles to evaluate their methodological rigor and domain relevance. At this stage, 65 studies were excluded for specific methodological reasons. Among these, 35 studies were excluded because they presented purely theoretical models without simulation, hardware-in-the-loop, or experimental validation, while 30 studies were excluded because they did not align with the intersection of hardware constraints, communication security, and AI-driven autonomy.
Following the full-text assessment, 170 articles met the broad eligibility criteria. A final quality and relevance review was then performed, resulting in the exclusion of 26 lower-quality or marginally relevant papers. Ultimately, a total of 144 high-quality studies were included in the final qualitative synthesis presented throughout this survey.

1.2.3. Taxonomy and Classification

The selected literature was systematically analyzed to derive a multidimensional taxonomy that structures the remainder of this survey. Security challenges and defense mechanisms were categorized into three primary analytical layers: system-level architectures, threat mitigation strategies, and domain-specific applications. This classification framework enables a cohesive system-level perspective that links embedded hardware constraints, communication subsystems, and AI-driven autonomy across diverse critical infrastructure domains.
To derive this taxonomy, each of the 144 included studies was evaluated and tagged based on two primary classification criteria: the foundational vulnerability exploited by the specific threat model (e.g., physical access, RF channel exposure, or algorithmic logic) and the operational layer of the proposed defense mechanism. Based on these tags, papers were structurally classified into one of three core pillars: Layer A (Hardware & Infrastructure), Layer B (Communication & Network), and Layer C (AI, Swarm & Autonomy).
However, because modern UAV security is inherently interdisciplinary, several cross-cutting studies presented overlapping methodologies. To ensure consistent classification, our protocol prioritized the primary mitigation mechanism driving the paper’s contribution. For example, if a study utilized hardware acceleration (such as a Trusted Execution Environment) primarily to optimize the inference latency of a Deep Learning Intrusion Detection System, it was classified under Layer C (AI and Autonomy), as the core defensive contribution remained algorithmic.
Conversely, studies where the cross-layer interaction itself was the primary focus, such as the fusion of physical hardware limitations with AI perception (the sim-to-real gap), the interplay of network signals and physical location (GNSS navigation security), or the transition of digital logs into legally admissible physical evidence (Digital Forensic Readiness), were grouped into a dedicated Cross-Cutting Defense category (Section 6). This approach ensures that complex multi-layer dependencies are analyzed cohesively rather than being artificially fragmented into a single operational layer.
The resulting taxonomy serves as the conceptual backbone of the paper, guiding the progression from foundational hardware and network security mechanisms to application-driven threat models and cross-cutting resilience challenges. Figure 2 presents this three-layer security taxonomy. The hardware layer captures threats such as supply-chain Trojans and vampire attacks, along with defenses including PUFs and secure zeroization. The network layer addresses MAVLink injection and Remote ID spoofing, mitigated through lightweight cryptography (ASCON) and privacy-preserving A2RID. The AI layer highlights adversarial patches and model-stealing attacks, countered by edge-efficient models (Mamba-KAN) and federated learning. Finally, the vertical pillar illustrates how these cross-layer mechanisms apply to domain-specific use cases.

1.3. Organization of the Paper

The remainder of this paper is organized as follows. Section 2 introduces the technical background, including modern UAV architectures and the threat landscape. Section 3, Section 4 and Section 5 provide a system-level analysis covering hardware and infrastructure security, communication and network security, and AI-driven security and adversarial threats. Section 6 discusses cross-cutting defenses such as navigation security, the sim-to-real gap, and forensic readiness. Section 7 examines UAV security challenges in critical infrastructure applications. Section 8 outlines open research challenges and future research directions, and Section 8.7 concludes the paper.

2. Background: Architecture and Threat Landscape

This section outlines the foundational technical architecture of UAVs and characterizes the adversarial models that threaten their operational integrity within critical infrastructure deployments. Recent advances in the literature are synthesized to identify prevailing design paradigms, dominant threat vectors, and representative defense mechanisms, while emphasizing the persistent limitations that motivate this survey. The transition toward the IoD paradigm has shifted UAV security from isolated safety mechanisms toward integrated, AI-driven, and system-wide security frameworks.

2.1. Modern UAV Architectures: Edge, Swarm, and ISAC

At the perception level, UAV autonomy relies heavily on robust sensing and localization capabilities. Chaffilla et al. demonstrated a collaborative, infrastructure-free approach in which UAVs track moving ground platforms using ArUco markers, enabling accurate localization in GPS-denied environments [22]. Similarly, Ekici et al. showed that supervised learning models leveraging virtual fiducial markers can achieve high-precision indoor positioning for warehouse inventory applications, although performance remains strongly dependent on visual input quality and environmental conditions [23]. Together, these studies highlight both the effectiveness and fragility of vision-centric perception pipelines under real-world variability.
Beyond perception, communication and coordination remain central challenges in multi-UAV and swarm-based systems. Integrated Sensing and Communication (ISAC) frameworks have emerged as a promising solution, particularly at the physical layer. Yang et al. reviewed the application of physical-layer security techniques such as beamforming and artificial noise injection to conceal communication links from adversaries [4]. However, scalability introduces new constraints, as increasing swarm density exacerbates interference and resource contention. To address these challenges, Bui et al. proposed a game-theoretic joint clustering and resource allocation strategy aimed at improving energy efficiency in ultra-dense drone networks [24], underscoring the inherent trade-offs between coordination performance and resource availability.

2.2. Taxonomy of Threats and Adversaries

Accurate characterization of adversary capabilities is essential for evaluating UAV security in critical infrastructure contexts. Tychola and Rantos provided a comprehensive threat taxonomy for agricultural UAV systems, categorizing vulnerabilities across emerging threats, sensor-level weaknesses, hardware and software exploits, and communication-layer attacks [16]. Their framework illustrates how UAV threats span both cyber and physical domains, often interacting in complex and cascading ways.
Adversarial behavior has evolved from passive observation to active interference and manipulation. Šimon and Götthans surveyed deep learning–based jamming and deception techniques, demonstrating how intelligent signal injection can disrupt telemetry, navigation, and command channels during mission execution [25]. At the perception layer, Xi et al. introduced the Low-Frequency Robust Adversarial Patch (LFRAP), which combines color clustering and motion modeling to generate physical adversarial patches capable of evading UAV object detection systems even under high-speed flight conditions [26]. Beyond immediate perception failures, such attacks may also degrade information freshness by increasing the Age of Information (AoI), potentially triggering unsafe behavior in latency-sensitive modules such as collision avoidance and trajectory planning.
In addition to external threats, internal and resource-centric attacks pose significant risks in cooperative UAV systems. Insider attacks exploit implicit trust relationships within a swarm, particularly when individual nodes are compromised or physically captured. To mitigate this risk, Badshah et al. proposed the USAF-IoD framework, which employs ultralightweight authenticated key agreement based on hardware Physical Unclonable Functions (PUFs). This approach ensures that long-term cryptographic secrets remain protected even if a UAV is physically accessed by an adversary [15].

Beyond Standard IoT Taxonomies: A Multi-Dimensional Framework

While existing literature frequently relies on a standard three-layer classification (Perception, Network, and Application) inherited from general Internet of Things (IoT) and Cyber-Physical Systems (CPS) paradigms, this traditional structure is insufficient for modern critical infrastructure UAVs. Standard IoT devices are typically stationary and single-agent; in contrast, modern UAVs are highly mobile and operate in decentralized, cooperative clusters [27].
To address this gap, we expand the conventional layered approach by introducing two novel dimensions specific to the critical infrastructure threat landscape: Swarm Intelligence Security and DFR.
First, our taxonomy accounts for Swarm Intelligence vulnerabilities, shifting the security focus from protecting individual nodes to preserving the integrity of collective decision-making. As swarms rely on decentralized consensus, they introduce unique attack vectors such as the Lazy Node resource-exhaustion attack and formation trajectory poisoning [28]. Second, we incorporate DFR as a foundational requirement. In critical infrastructure incidents, distinguishing between a cyber-induced sabotage and a mechanical failure is legally pivotal. Unlike standard CPS surveys, our classification bridges real-time attack mitigation with post-incident legal admissibility, ensuring that cryptographic logs (e.g., via blockchain-anchored telemetry) maintain a verifiable chain of custody [29]. By integrating the Resource-Security Paradox, swarm dynamics, and DFR, this taxonomy provides a holistic threat model entirely customized for unmanned aerial operations.

2.3. Real-World Threat Landscape and Economic Impact

While theoretical vulnerabilities are extensively modeled, real-world cyberattacks on UAVs demonstrate the immediate, fatal, and catastrophic economic impacts of these exploits. Historically, UAV cyber incidents primarily targeted military assets and ground control communications. Notable early examples include the 2009 interception of unencrypted U.S. Predator video feeds by insurgents, a 2010 eavesdropping attack on surveillance drones that led to a fatal ambush, and the 2011 malware infection of a U.S. Army Ground Control Station (GCS) via a keylogger [30]. That same year, the capture of a U.S. RQ-170 drone in Iran demonstrated the severe physical consequences of GPS spoofing.
However, as UAVs transition into the civilian, commercial, and critical infrastructure sectors, the physical and financial consequences of attacks have escalated severely. General aviation and commercial drones are frequently targeted by spoofing and de-authentication attacks, leading to loss of vehicle control, as seen in the 2012 crashing of a Hornet Mini Rotorcraft and the 2024 complete hijacking of a consumer Parrot A.R. drone. Furthermore, multi-agent swarm operations are highly susceptible to interference; during a 2018 event in Hong Kong, 46 drones plummeted simultaneously due to targeted GPS jamming, causing significant physical and financial damages [31].
More recently, the proliferation of commercial off-the-shelf (COTS) spoofing and jamming equipment has led to massive financial damages across various critical sectors. As summarized in Table 2, documented incidents emphasize the escalating severity and financial toll of UAV cyberattacks over the past decade. For instance, a 2025 GPS spoofing attack on a commercial delivery UAV resulted in an estimated $9 million in damages, a 2024 hijacking of a police surveillance drone cost $5.4 million, and a 2021 jamming attack on an agricultural UAV swarm caused $2.5 million in crop and equipment losses [32]. These incidents underscore that securing UAVs is no longer just a theoretical exercise, but a critical economic and physical safety imperative.

2.4. From Single UAVs to Cooperative Swarms

The emergence of the low-altitude economy and advances in integrated sensing and communication (ISAC) networks have accelerated the transition from isolated UAV platforms to cooperative and networked swarms [4]. While swarm-based architectures enhance system coverage, redundancy, and operational resilience, they also amplify exposure to complex adversarial threats, including intelligent jamming, signal spoofing, and AI-driven deception strategies [25]. Recent research efforts, such as Deep Reinforcement Learning (DRL)-based anti-jamming approaches and the adoption of Large Language Models (LLMs) for safety supervision and decision support, demonstrate promising directions for securing these systems.
Nevertheless, a critical gap persists in understanding how low-level vulnerabilities, particularly those at the physical and communication layers, can cascade into mission level failures across critical infrastructure domains [11]. Addressing this gap requires moving beyond isolated vulnerability analyses toward a cohesive understanding of resilient, end-to-end system architectures.
The transition from single-platform UAV operations to decentralized, multi-UAV swarms represents a fundamental shift in how critical infrastructure can be monitored and protected. While distributed intelligence enables collective perception and coordinated task execution, it also introduces tighter interdependencies among agents and expands the overall attack surface. As a result, new failure modes emerge from the interaction of communication, control, and learning components, reinforcing the need for a comprehensive security analysis at the system level.

3. Hardware and Infrastructure Security

As the foundational layer of the UAV ecosystem, hardware security dictates the upper bounds of system resilience. Attacks at this level, ranging from supply chain interdiction to side-channel analysis, can bypass higher-level cryptographic defenses entirely. Consequently, recent research has shifted from reactive software patching toward proactive, hardware-rooted trust mechanisms. This section examines how hardware security primitives, firmware integrity, and infrastructure-level resource constraints collectively shape the resilience of UAV systems deployed in critical infrastructure.

3.1. Trusted Execution and Hardware Roots of Trust (RoT)

Legacy UAV architectures often rely on monolithic firmware designs in which the flight controller shares memory space with untrusted peripherals such as cameras and gimbals. This structure creates a weakest-link vulnerability, whereby compromise of a peripheral can propagate to the flight computer and destabilize the entire platform. To address this risk, modern UAV architectures increasingly adopt Hardware Roots of Trust (RoT) as immutable anchors for the system security chain.
Recent surveys emphasize the role of Trusted Platform Modules (TPMs) and Trusted Execution Environments (TEEs), such as ARM TrustZone, in isolating mission-critical code from third-party applications [34]. By executing sensitive operations within secure enclaves, TEEs ensure that cryptographic keys for ground station communication remain protected even if the operating system is compromised through a zero-day exploit. Secure Boot protocols further reinforce this trust chain by verifying firmware signatures prior to execution, preventing malicious rootkits introduced during supply chain transit from being loaded onto the UAV.

3.2. Firmware Analysis, Fuzzing, and Hardware-in-the-Loop Emulation

The security posture of a UAV is fundamentally dependent on the integrity of its firmware. However, systematic vulnerability assessment of drone firmware remains challenging due to the lack of standardized emulation and analysis tools. Unlike conventional Internet of Things (IoT) devices, UAV firmware often relies on proprietary hardware abstraction layers that tightly couple software execution to specific flight control hardware, limiting virtualization and software-only testing.
While static analysis techniques can uncover code-level vulnerabilities, they frequently suffer from high false-positive rates and limited visibility into runtime behavior. Dynamic analysis methods, particularly fuzzing, are better suited for identifying execution-time faults but are difficult to apply in UAV contexts because standard fuzzers cannot emulate continuous real-time sensor inputs such as inertial measurement unit (IMU) and GPS data. To overcome this limitation, recent work has introduced Hardware-in-the-Loop (HIL) environments that inject synthetic sensor data into firmware execution loops, enabling fuzzing-based exploration of edge-case behaviors without risking physical damage [35].
In parallel, lightweight runtime protection mechanisms have been proposed to secure firmware execution under tight resource constraints. Deep computing frameworks embed compact learning models into embedded monitoring pipelines to observe system call patterns and resource utilization profiles. These approaches enable real-time detection of unauthorized privilege escalation and firmware modification attempts, and their effectiveness has been validated against replay and man-in-the-middle attacks using formal verification tools such as AVISPA [36].

3.3. Supply Chain Resilience and Additive Manufacturing

The democratization of manufacturing has introduced severe supply chain risks for UAV platforms deployed in critical infrastructure. Beyond traditional component sourcing, the increasing reliance on additive manufacturing has expanded the UAV supply chain attack surface, enabling adversaries to replicate components, embed malicious circuitry, or subtly alter physical characteristics such as internal geometries and weight distributions to destabilize flight control behavior. Attacks at this layer range from component counterfeiting to malicious design injection during digital fabrication, introducing hardware-level compromises that are difficult to detect through conventional inspection.

3.3.1. 3D Printing and Design Injection

UAV platforms designed for critical infrastructure applications increasingly employ additively manufactured airframes and structural components. Recent studies demonstrate the effectiveness of Fused Filament Fabrication (FFF) using carbon-reinforced polyamide composites to produce lightweight yet mechanically robust fuselages [37]. Similarly, hybrid UAV designs combining fixed-wing efficiency with vertical takeoff and landing (VTOL) capabilities have been fabricated to support long-endurance missions such as acoustic surveillance [38].
However, reliance on computer-aided design (CAD) and stereolithography (STL) files introduces opportunities for malicious design injection. Subtle modifications to internal geometries of load-bearing or propulsion-related components can induce structural failure under specific stress conditions while evading visual inspection [39,40]. Such manipulations effectively function as hardware Trojans embedded within the internal volume of printed components.
The growing geometric complexity of additively manufactured UAV components further complicates post-fabrication inspection. Structures such as Triply Periodic Minimal Surface (TPMS) lattices are increasingly used to reduce weight while maintaining strength, particularly in solar-powered UAV wings [40]. Although advantageous for endurance, these internal architectures are difficult to inspect non-destructively, necessitating complementary validation techniques such as resonant frequency testing or side-channel analysis to detect altered or counterfeit geometries [41].

3.3.2. Digital Twin Verification

To mitigate supply chain threats introduced through digital manufacturing workflows, security mechanisms must extend into design verification and manufacturing validation. Digital twin–based approaches enable operators to compare the physical properties of delivered components against immutable digital design files anchored to blockchain-backed ledgers, supporting traceability and tamper detection across logistics pipelines [42].
Advances in Design for Additive Manufacturing (DfAM) further integrate CAD workflows with automated Finite Element Analysis (FEA), enabling pre-fabrication evaluation of structural integrity for mission-critical components [39]. From a security perspective, these tools provide integrity assurance by verifying that manufacturing instructions, including generated G-code, conform to predefined mechanical and safety constraints. For complex internal geometries, such as TPMS-based structures, digital twin verification combined with side-channel measurements remains essential to detect internal voids or material tampering that visual inspection alone cannot reveal [41].

3.4. Resource Security and Vampire Attacks

UAVs deployed in critical infrastructure environments face a pronounced Resource-Security Paradox: the execution of computationally expensive security mechanisms directly reduces flight endurance and mission duration. We define the Resource-Security Paradox mathematically rather than as a purely descriptive concept, as a cyber-physical energy constraint. As established in recent literature, UAV energy consumption must be fundamentally divided into propulsion, communication, and onboard computation [43,44]. Let E t o t a l represent the finite energy capacity of the UAV battery. The operational energy expenditure can be modeled as:
E t o t a l = ( P p r o p u l s i o n × T f l i g h t ) + E c o m m s + E s e c u r i t y
where T f l i g h t is the mission endurance time, P p r o p u l s i o n is the power required for flight (propulsion energy), and E s e c u r i t y encompasses the computational and transmission overheads of cryptographic primitives, AI models, and trust mechanisms [15]. For a critical infrastructure mission to be viable, the flight endurance T f l i g h t must remain above a strict mission threshold.
The paradox dictates that maximizing security strength inherently drives E s e c u r i t y upward. It is important to note that the “vampire threshold” is not a universal constant; rather, it is a dynamic, mission-specific mathematical limit. By rearranging Equation (1), the maximum allowable security budget before mission failure can be calculated as E s e c u r i t y = E t o t a l ( P p r o p u l s i o n × T f l i g h t _ m i n ) E c o m m s . When E s e c u r i t y crosses this specific vampire threshold, T f l i g h t is mathematically reduced below the mission’s minimum safe requirement, compromising the physical mission to secure the cyber domain [11].
Figure 3 visually illustrates this mathematical constraint. As seen in the graph, energy consumption increases nonlinearly with security complexity. By plotting empirical data (summarized in Section 4), we observe that lightweight mechanisms, such as USAF-IoD (≈5.4 mJ) and Mamba-KAN ( 12.4 mJ), comfortably maintain energy consumption within the safe operational zone. In contrast, traditional high-overhead mechanisms, such as legacy transformer-based anomaly detection ( 42.5 mJ per sample) or decentralized blockchain logging (>200 mJ per transaction), heavily penalize the available energy budget and cross the vampire threshold.
Due to the fundamental differences between these security mechanisms, ranging from deep learning inferences per sample to distributed ledger transactions per block, direct unit normalization (e.g., Energy per Bit) is infeasible. Consequently, the comparative values discussed herein represent estimates from heterogeneous platforms. To prevent misconceptions, the specific hardware and communication environments from which these metrics are derived (e.g., Raspberry Pi vs. Cortex-A72 simulation) are explicitly detailed in Section 6.4.
This trade-off introduces a new attack surface in which adversaries target energy constraints rather than software vulnerabilities alone. Battery exhaustion, also referred to as denial-of-sleep or vampire attacks, represents a particularly damaging class of threats. In such scenarios, adversaries repeatedly trigger authenticated cryptographic operations, forcing onboard processors into sustained high-power states and accelerating battery depletion far beyond nominal idle consumption [44]. Unlike conventional IT systems, where recovery may be possible after rebooting, an energy-depleted UAV is effectively a lost asset.
The Resource-Security Paradox becomes even more pronounced when intelligent onboard security is considered. While simple XOR-based schemes incur negligible computational overhead [45], they lack the semantic assurance required for critical infrastructure environments. Conversely, heavy decentralized protocols render traditional blockchain infeasible for micro-UAV swarms without offloading [46]. Therefore, securing critical infrastructure UAVs cannot be treated merely as a software addition; it must be solved as an energy-bound optimization problem.
Electronics 15 01204 g003
Figure 3. Graphical visualization of the Resource-Security Paradox. Energy consumption increases nonlinearly with security strength. Lightweight mechanisms (e.g., USAF-IoD [15] and Mamba-KAN [46]) remain below the threshold, preserving flight endurance. In contrast, heavy mechanisms (e.g., Transformers [36] and Blockchain [34]) cross the “Vampire Threshold,” imposing severe energy penalties that compromise the physical mission. Note: This threshold is dynamic and varies based on the specific UAV’s hardware and mission parameters.
Figure 3. Graphical visualization of the Resource-Security Paradox. Energy consumption increases nonlinearly with security strength. Lightweight mechanisms (e.g., USAF-IoD [15] and Mamba-KAN [46]) remain below the threshold, preserving flight endurance. In contrast, heavy mechanisms (e.g., Transformers [36] and Blockchain [34]) cross the “Vampire Threshold,” imposing severe energy penalties that compromise the physical mission. Note: This threshold is dynamic and varies based on the specific UAV’s hardware and mission parameters.
Electronics 15 01204 g003
Resource exhaustion attacks extend beyond direct cryptographic abuse. In disaster response and critical infrastructure monitoring, UAVs frequently operate as airborne communication relays [47]. Adversaries may exploit this role through network partitioning or targeted interference that elevates outage probability beyond safe operational thresholds. Even partial degradation can disrupt stabilization and coordination commands, forcing mission aborts or inducing unsafe behaviors [48].

3.5. Physical Anti-Tampering Mechanisms

When a UAV is captured or physically accessed in hostile environments, cryptographic secrets stored in non-volatile memory become vulnerable to extraction techniques such as cold boot attacks. To mitigate this risk, physical security mechanisms increasingly rely on hardware-intrinsic properties rather than software-protected keys alone.
PUFs leverage microscopic manufacturing variations in silicon components, such as SRAM start-up states, to generate a unique and device-specific digital fingerprint. This fingerprint functions as a volatile private key that is generated only at power-on and is never stored persistently. Any attempt to probe the hardware or interrupt power causes the key material to vanish, rendering stored encrypted data mathematically inaccessible to an attacker [49].
In parallel, self-destruct or zeroization logic has been incorporated into military-grade UAV platforms as a last-resort protection mechanism. Upon detecting unauthorized chassis intrusion, abnormal physical access patterns, or navigation inconsistencies indicative of spoofing attacks, trusted hardware modules such as TPMs can initiate rapid key erasure sequences. These zeroization procedures remove mission-critical cryptographic material and sensitive flight logs within milliseconds, preventing post-capture exploitation even when the physical platform is compromised [34].

3.6. The Economics of Security: Cost–Benefit Analysis

While Quantum Key Distribution (QKD) and Trusted Execution Environments (TEE) offer robust hardening, they impose a significant security tax in terms of Size, Weight, and Power (SWaP) constraints. As a result, a comprehensive security strategy for UAV systems must balance technical resilience against economic viability across the system lifecycle.
A central economic challenge is asset-value asymmetry, particularly with respect to capital expenditure (CAPEX). Implementing heavyweight cryptographic hardware on commodity drones frequently violates SWaP constraints and undermines scalability for low-cost swarm deployments. Reviews of hardware security primitives indicate that although Hardware Roots of Trust, such as Trusted Platform Modules (TPMs), provide strong security anchors, they introduce physical complexity that is difficult to justify for cost-sensitive platforms. To address this mismatch, a risk-adaptive security model has been proposed in which swarms leverage PUFs to derive cryptographic keys from inherent silicon variations. This approach offers a lightweight and cost-effective alternative to storing secrets in secure memory elements required by traditional Public Key Infrastructure, thereby aligning security investment with the economic value of the asset being protected [34].
Operational expenditure (OPEX) further constrains security design through its direct relationship with energy consumption and profitability. In logistics applications, every joule allocated to encryption or intrusion detection reduces the energy available for payload transport and operational range. Studies of medical transport drones demonstrate that the energy footprint of onboard security mechanisms is a critical determinant of economic viability, and that heavyweight intrusion detection systems which reduce flight time can render delivery routes unprofitable by shrinking the effective service radius [50]. Consequently, operators increasingly prioritize offloading strategies in which computationally intensive security processing is shifted to ground stations, preserving onboard battery capacity for revenue-generating flight operations.
Beyond software and energy costs, security decisions also have material and life-cycle implications. Physical hardening measures, including anti-tamper casings and redundant sensing hardware, increase structural weight and directly impact energy consumption. Life Cycle Assessments (LCAs) of drone materials show that the trade-off between structural mass and battery endurance is a primary driver of operational cost. Heavier, ruggedized platforms consume more energy per mission, accelerating lithium-ion battery degradation and increasing replacement frequency. As a result, the total cost of security must account not only for initial hardware acquisition but also for material-driven energy penalties and maintenance costs accumulated over the system’s operational lifespan [51].
The economic impact of security extends to the physical embodiment of the drone. While hardware-based roots of trust like TPMs offer superior tamper resistance compared to software solutions [34], they impose Size, Weight, and Power (SWaP) penalties. This aligns with life cycle assessments indicating that every kilogram of structural weight, whether from airframe composites or added security modules, increases the energy demand for extraction and flight operations, potentially negating the efficiency gains of lightweight materials like Carbon Fiber Reinforced Polymers (CFRP) [51].

4. Communication and Network Security

The communication link is the most frequently attacked surface in the IoD. Accordingly, this section moves beyond standard encryption to address aerial-network realities such as high mobility, dynamic topology, regulatory Remote ID requirements, and the growing role of Physical Layer Security (PLS) in open RF environments.
The communication link, including UAV-to-UAV and UAV-to-Ground Control Station (GCS) telemetry, represents one of the most exposed attack surfaces in critical infrastructure missions. The open nature of wireless channels and the high mobility of Flying Ad hoc Networks (FANETs) require security designs that ensure Confidentiality, Integrity, and Availability (CIA) while remaining compatible with strict resource constraints. Consequently, contemporary approaches increasingly emphasize resilient and energy-aware architectures rather than conventional heavyweight mechanisms.

4.1. Secure Link Architectures: FANETs and SDN

FANETs enable UAV-to-UAV communication but are susceptible to routing attacks. Their topologies can change in milliseconds, rendering traditional static defenses such as firewalls ineffective in practice. The dynamic nature of FANET routing also leaves standard protocols vulnerable to manipulation. For example, studies on the Ad hoc On-Demand Distance Vector (AODV) protocol report susceptibility to blackhole attacks, in which malicious nodes advertise falsified shortest routes to intercept or suppress traffic. Security-enhanced variants mitigate these threats through mechanisms such as digital signature verification and path validation, although these protections introduce routing overhead and computational cost [52].
Software-Defined Networking (SDN) has emerged as a robust architectural response by separating the control plane from the data plane, enabling centralized monitoring and security orchestration for UAV swarms. This design can simplify policy enforcement and anomaly detection, but it also elevates the SDN controller into a high-value target whose compromise can propagate across the network. To protect mission-critical nodes such as swarm leaders or data aggregators, SDN controllers have adopted topology deception and moving target defense strategies. By dynamically reshuffling virtual addresses and routing paths, the controller can present an attacker with a misleading topology, obscuring the true location of critical assets and redirecting adversarial probing toward low-value decoys while preserving protected routes for mission data [53].
At the architectural level, centralized UAV–cloud systems further expand the attack surface by introducing cloud interfaces and remote service endpoints. While centralization provides computational capacity for intrusion detection and analytics, it can also create single points of failure vulnerable to Distributed Denial of Service (DDoS) and data leakage, increasing the importance of robust authentication and access control at the API gateway level [54]. SDN architectures additionally enable proactive defense through fine-grained telemetry, where predictive models can forecast expected network performance metrics and flag deviations indicative of stealthy jamming, selective forwarding, or quality-of-service attacks [55].

Protocol Hardening: MAVLink Security

Protocol-level hardening is critical for widely deployed command-and-control standards such as MAVLink used by ArduPilot and PX4 systems. MAVLink historically prioritizes throughput and interoperability, and its lack of mandatory encryption makes it susceptible to man-in-the-middle and replay attacks. Adversaries can eavesdrop on telemetry streams or inject fraudulent control messages, including unauthorized return-to-home commands or kill-switch triggers. Proposed hardening approaches, including sMAVLink and MAVSec, introduce lightweight encryption and message authentication mechanisms, commonly based on designs such as ChaCha20 or RC5, along with signing schemes for command authenticity. These protections introduce nontrivial latency overhead on low-power embedded processors, and in constrained implementations, full signature verification can increase processing delay by up to 15%, potentially affecting real-time flight stability.

4.2. Edge Computing Security in UAV-MEC Networks

To process the vast amounts of data collected by large-scale swarms, modern architectures increasingly rely on UAV-assisted Mobile Edge Computing (UAV-MEC). While MEC reduces latency by offloading computation from the cloud to the network edge, it introduces significant data privacy and poisoning risks [56]. If a centralized MEC server is compromised, the integrity of the entire swarm’s collective intelligence is threatened.
In order to address these vulnerabilities, researchers are deploying Blockchain-based Federated Learning (UBFL) within UAV-MEC networks. UBFL allows UAVs to train machine learning models locally and share only encrypted gradient updates via decentralized smart contracts, completely eliminating the single point of failure inherent to centralized servers. By employing Random Cut Forest (RCF) anomaly detection alongside adaptive non-linear encryption, modern UBFL frameworks can identify and filter out malicious UAV nodes attempting data poisoning attacks, maintaining over 99.9% detection accuracy even when up to 30% of the swarm’s nodes are compromised.

4.3. Lightweight Cryptography

The stringent energy and computational constraints of UAV platforms limit the feasibility of traditional Public Key Infrastructure (PKI) approaches. As a result, research has shifted toward Elliptic Curve Cryptography (ECC) and lightweight symmetric ciphers, as well as broader Lightweight Cryptography (LWC) schemes that reduce cycles and energy costs in real-time settings.
Protocols such as ASCON and ChaCha20-Poly1305 provide authenticated encryption with substantially lower CPU cycles than AES in constrained environments. In addition, Chebyshev Chaotic Maps have been utilized to generate session keys that are computationally inexpensive to produce while leveraging chaotic non-linearity for resistance to adversarial inference [8]. Recent advancements also include identity-based multiproxy signatures (IBMPS), which allow a group of drones to sign messages on behalf of a ground station, supporting operational contexts where drones must authenticate intelligence without constant ground connectivity [57]. Complementary ECC-based three-factor authentication and key management protocols aim to prevent session key leakage in dynamic topologies, ensuring that compromise of a drone does not trivially expose past communications [58].
Within the IoD, preserving operator and mission anonymity can be as important as protecting data confidentiality. Privacy-preserving key agreement protocols incorporating forward unlinkability aim to ensure that even if a UAV’s long-term key is compromised, prior sessions remain secure and cannot be correlated to a specific user or mission. Concurrent two-party key exchange protocols exemplify this approach by enabling mutual authentication between drones and ground stations without revealing permanent identities, thereby reducing passive tracking risks [59]. Complementary edge-assisted authentication schemes further reduce onboard exposure by leveraging PUFs or lightweight XOR-based operations while offloading sensitive verification tasks, avoiding storage of long-term secrets on UAVs [60].
Anticipating future threats to classical cryptography, quantum-based communication mechanisms have been proposed for high-value missions. Authenticated secure quantum-based communication protocols rely on quantum entanglement to detect eavesdropping, since measurements inherently disturb quantum states. While currently impractical for small platforms, simulation-based studies suggest that quantum teleportation techniques could provide unconditional security for command-and-control links in specialized deployments [61].
In commercial delivery and logistics applications, forward unlinkability is also used to prevent reconstruction of customer identities or historical flight paths, even if communication logs or master secrets are compromised [62].

4.4. Identity Management and Remote ID (RID) Security

Remote Identification (RID), often described as a digital license plate, is mandated by regulatory bodies such as the FAA and EASA and requires the broadcast of identity and location information. However, standard RID protocols (e.g., ASTM F3411 [63]) transmit this data in plaintext, creating privacy risks for operators and security risks for sensitive infrastructure. Malicious actors can surveil RID broadcasts to track drone fleets or infer pilot locations, and attackers can spoof RID signals to create ghost drones and trigger false alarms in counter-UAS systems [64].
Recent work proposes privacy-preserving RID frameworks that aim to maintain compliance while reducing exposure. A2RID (Anonymous Direct Authentication and Remote Identification) uses mechanisms such as group signatures to enable authorization proofs without disclosing long-term identity [65]. To protect sensitive locations while still disclosing required information, recent work has proposed obfuscated location disclosure mechanisms in which coarse-grained coordinates are broadcast publicly while authorized entities retain the ability to recover precise positions. The OLO-RID framework exemplifies this approach by introducing a differential privacy mechanism that replaces exact location broadcasts with cryptographically obfuscated coordinates. This design satisfies ASTM F3411 requirements for situational awareness and collision avoidance while preventing precise tracking by unauthorized observers, thereby balancing regulatory compliance with operational privacy [66].

4.5. Physical Layer Security, ISAC, and Next-Gen Links

As drones operate in open RF environments, Physical Layer Security (PLS) offers an information-theoretic complement to cryptographic protection by exploiting channel randomness such as noise, fading, and interference. A central objective in PLS is maximizing secrecy capacity, which can be influenced through UAV trajectory and altitude selection to increase separation between legitimate and eavesdropping channels [67].
Accurate PLS design also depends on reliable channel modeling; for UAV-assisted networks, methodologies based on the degree of irregularity (DOI) have been proposed to bound path loss errors and improve implementation reliability [68]. Despite these advantages, PLS techniques often rely on accurate channel state information and environmental stability, which can be difficult to maintain in highly dynamic UAV deployments. As a result, PLS is most effective when integrated with higher-layer cryptographic mechanisms rather than deployed as a standalone defense.
UAV mobility further enables secrecy enhancement by positioning closer to legitimate receivers while increasing distance from potential eavesdroppers, though secrecy-driven trajectory adjustments can increase propulsion energy consumption and reinforce the Resource–Security Paradox [69]. For long-endurance missions where UAVs act as relays, designs incorporating Simultaneous Wireless Information and Power Transfer (SWIPT) have been evaluated, and analyses indicate that full-duplex relaying can improve secrecy by leveraging self-interference as artificial noise against eavesdroppers [70].
Physical-layer identification can also serve as a complementary authentication factor. The Drone-Mag framework analyzes electromagnetic emissions associated with motors and actuators, enabling identification and authentication even when digital identifiers are spoofed [71].
As the Radio Frequency spectrum becomes increasingly congested and contested, critical infrastructure UAV operations are expanding toward next-generation optical and dual-functional communication paradigms that offer both performance and concealment advantages. Integrated Sensing and Communication (ISAC) architectures employ shared waveforms for radar sensing and data transmission, reducing the hardware footprint while supporting security and covert communication perspectives. By embedding telemetry within radar pulses, analyses suggest that optimizing the sensing-to-communication power ratio can yield a positive covert rate, concealing the existence of the link from standard RF monitoring techniques [4].
For high-bandwidth backhaul, Free-Space Optical (FSO) links offer directional transmission and reduced susceptibility to casual interception, though performance can degrade under turbulence and platform motion. Continuous-Variable Quantum Key Distribution has been incorporated into UAV-based FSO systems to strengthen confidentiality, with experimental evaluations indicating that Gaussian modulation enables detection of eavesdropping attempts while key rates depend on accurate beam tracking under hover jitter and pointing instability [72].

4.6. Advanced Authentication and Zero-Trust

To address increasingly complex adversarial models, high-security UAV networks are moving beyond conventional key exchange toward Zero-Trust approaches that aim to authenticate entities without exposing sensitive credentials. Zero-Knowledge Succinct Non-Interactive Arguments of Knowledge (zk-SNARKs) enable a UAV to prove authorization without transmitting the credential itself, reducing the risk of interception and cloning [73]. When digital credentials are compromised, electromagnetic fingerprinting provides an additional layer of hardware-rooted authentication; Drone-Mag demonstrates identification accuracy exceeding 99% using operational side-channel emissions [71].

4.7. Delay-Tolerant and Relay Security

In disaster recovery and emergency response scenarios where infrastructure connectivity is unavailable, UAVs often rely on delay-tolerant networking and store-carry-forward relaying. This operational mode introduces a distinct security problem: custodian UAVs may retain sensitive data for extended periods before delivery links become available, increasing the consequences of physical loss or capture. Secure bundle protocols are therefore necessary to protect stored payloads during custody, and attribute-based encryption is commonly used to ensure that only authorized responders can decrypt mission-critical content, even if the relay UAV is compromised.

4.8. Low-Power Wide-Area Network (LPWAN) Security

For critical infrastructure inspection tasks such as pipeline monitoring in regions with limited cellular coverage, UAVs may rely on Low-Power Wide-Area Network (LPWAN) technologies, particularly LoRa, to support drone-to-drone communication. However, standard LoRaWAN protocols lack robust mutual authentication mechanisms, exposing these links to spoofing and impersonation attacks. To address this limitation, blockchain-based security frameworks have been adapted for UAV traffic management in LoRa-enabled environments. By embedding lightweight authentication signatures within LoRa payloads, UAVs can broadcast verifiable location updates to a distributed ledger, enabling collision avoidance systems to reject inconsistent or falsified trajectory data and improving trust in infrastructure-sparse environments [45].

4.9. Hardware and Cryptographic Deployment Limitations

While theoretical cryptographic models offer robust security, defending UAVs at the hardware and communication layers introduces severe operational penalties that directly contribute to the Resource-Security Paradox. Implementing onboard encryption directly on Radio Frequency (RF) modules decreases available bandwidth and significantly increases chip latency, while physical hardware isolation can cause multi-sensor confusion and induce dangerous temperature rises, paradoxically reducing the overall reliability of the UAV system [16].
At the cryptographic level, advanced defenses such as Post-Quantum Cryptography (PQC) algorithms demand substantial memory and CPU cycles [8]. These computational demands frequently exceed the capabilities of constrained commercial flight controllers. Consequently, the integration of these heavy cryptographic primitives creates latency bottlenecks that violate the strict real-time operational limits of UAV flight loops, proving that theoretical security models often fail under actual hardware deployment constraints.

5. AI, Autonomy, and Swarm Intelligence

Artificial Intelligence in the UAV domain acts as a double-edged sword: it is the primary enabler of autonomy and a novel attack surface. As drones evolve from single units to cooperative swarms, security must shift from protecting individual devices to preserving the integrity of collective learning, decision-making, and consensus.

5.1. AI Architectures for Edge Security

To detect attacks in real time, UAVs increasingly deploy AI models at the edge, analyzing both network traffic and physical sensor data for anomalies. This shift reflects a fundamental trade-off between detection accuracy, inference latency, and energy consumption under severe onboard resource constraints. Early deep learning approaches demonstrated the feasibility of learning-based intrusion detection; however, their computational overhead limited suitability for latency-sensitive autonomous operations. As a result, security frameworks are increasingly moving away from heavy, server-grade models toward lightweight deep learning architectures tailored for embedded deployment.
Recent implementations illustrate this transition through task-specific designs optimized for real-time operation. Vision models such as PVswin-YOLOv8s and EDGS-YOLOv8 integrate Swin Transformer modules into YOLO backbones to improve sensitivity to small targets (e.g., unauthorized drones) in cluttered urban environments while preserving low-latency performance [74]. Beyond perception, real-time telemetry monitoring has motivated hybrid anomaly detection architectures such as the Mamba-KAN-Liquid model, which emphasizes adaptive temporal modeling and low-power inference to support continuous onboard security analytics [46]. Collectively, these trends highlight a broader movement toward edge-native AI architectures that balance robustness and responsiveness in dynamic flight environments. To mitigate adversarial threats without incurring the high computational cost of retraining large models, recent architectural defenses have explored model-agnostic pre-processing strategies using lightweight attention-guided autoencoders. By positioning an Attention U-Net as a front-end filtering module that treats adversarial patches as occlusions, these approaches remove malicious visual artifacts before inference, recovering object detection performance with only an ≈4% increase in processing overhead. This enables practical adversarial resilience on resource-constrained edge UAV platforms [75].

State-of-the-Art Edge Architectures

While standard YOLO models provide effective baselines for general object detection, they often exhibit reduced sensitivity to micro-UAVs and small targets under complex backgrounds. Recent architectural innovations address these limitations through targeted modifications that align detection performance with operational constraints.
For infrared surveillance, the PHSI-RTDETR architecture introduces a patch-based attention mechanism that preserves fine-grained thermal features typically lost during aggressive downsampling. By fusing high-resolution shallow features with deeper semantic representations, this design improves the detectability of micro-UAVs measuring only a few pixels in width [76]. In the context of intrusion detection, traditional recurrent architectures struggle with high-frequency, non-stationary telemetry streams. The Mamba-KAN-Liquid hybrid model addresses this challenge by integrating Liquid Time-Constant networks with Kolmogorov–Arnold Networks, enabling adaptive neuron dynamics that scale with input complexity and mitigate concept drift without costly retraining [46]. This design achieves strong generalization to previously unseen attacks while significantly reducing inference latency relative to LSTM-based baselines.
Beyond sensing and monitoring, AI architectures increasingly support swarm-level decision processes. For delivery and logistics applications, the Attention-Based Pointer Network (A-Ptr-Net) embeds battery and failure constraints directly into its attention mechanism to solve the dynamic Vehicle Routing Problem. This enables cooperative UAV fleets to re-optimize trajectories when individual nodes fail, mitigating cascading energy depletion and mission disruption [77]. These examples illustrate how modern edge architectures are not isolated perception modules, but integral components of resilient autonomous systems.
Table 3 synthesizes state-of-the-art AI architectures optimized for the UAV edge, categorizing them by their specific security role and hardware suitability.

5.2. AI Architectures for Perception and Control

The selection of onboard AI models represents a foundational trade-off between perceptual fidelity and computational efficiency. Task-specific architectures are increasingly favored to balance these competing objectives under strict real-time and power constraints. For example, traffic monitoring systems employ models such as PVswin-YOLOv8s, designed to manage asymmetric spatial object distributions and mitigate frame-level occlusion through architectural attention mechanisms [78]. In contrast, anomaly detection tasks benefit from models such as the Mamba-KAN-Liquid hybrid architecture, which prioritizes temporal encoding efficiency and latency-sensitive telemetry analysis [46].
Learning-based methods further support trajectory prediction and state identification in dense airspaces. Multi-task frameworks using LSTM variants and radio transformer models such as MobileRaT jointly estimate operational states and near-term flight paths, strengthening situational awareness in high-density environments [80]. At higher autonomy levels, Large Language Models have been proposed as mechanisms for contextual reasoning and multimodal fusion, offering pathways to improved generalization beyond narrowly task-optimized pipelines. Such agents may support integrated sensing and communication by adapting control strategies to changing environmental conditions through semantic scene interpretation.
To improve adaptability under evolving threat conditions, genetic algorithms have been incorporated to optimize deep learning model parameters dynamically. GA-driven frameworks enable spoofing detection systems to evolve in response to changing attack intensities by adjusting sensitivity thresholds in real time, reducing false positives relative to static configurations [83]. Together, these approaches reflect a broader transition from static perception modules to adaptive, continuously learning control substrates.

5.3. Adversarial AI: The Attack Surface

Artificial Intelligence serves as the fundamental driver for UAV autonomy while simultaneously creating a complex attack surface targeting model behavior rather than traditional software or communication protocols. As UAV operations evolve from individual platforms to cooperative swarms, the security focus shifts toward maintaining the integrity of collective learning, distributed perception, and decision-making processes. These vulnerabilities arise from the gap between digital optimization during model training and the environmental variability encountered during physical deployment. Consequently, learning mechanisms and distributed intelligence become direct objectives for adversarial exploitation, leading to risks that can compromise entire missions through the manipulation of the perception-action cycle.

5.3.1. Evasion and Model Poisoning

The growing reliance on learning-based autonomy introduces new attack surfaces in which adversaries target model behavior rather than underlying software or communication protocols. In the digital domain, controlled gradient-based attack models have been used to quantify the extreme fragility of aerial perception pipelines, demonstrating that Projected Gradient Descent (PGD) perturbations can degrade disaster recognition accuracy from over 93% to nearly 21%, effectively neutralizing mission capability [82].
While digital adversarial attacks require direct access to the UAV’s data pipeline, physically realizable attacks pose a far more practical threat. Adversaries can deploy printable adversarial patches onto target surfaces in the physical environment, inducing erroneous outputs from the UAV’s onboard object detection models [26]. Defending against these requires high resilience, as the effectiveness of standard adversarial patches normally degrades under the high maneuverability, changing altitudes, and varying illumination characteristic of UAV flights.
However, emerging attack vectors, such as the Low-Frequency Robust Adversarial Patch (LFRAP), are able to bridge this digital-physical gap. By incorporating color, texture, and frequency feature optimizations, LFRAP adapts to dynamic 3D aerial imaging conditions and projection transformations, proving that UAV object detection pipelines can be consistently bypassed in the physical world without any cyber intrusion into the flight controller.
Further complicating this defense, recent studies have shown that the effectiveness of physical attacks is strongly altitude-dependent; patches optimized at a single scale rapidly lose potency as UAV height varies, motivating scale-adaptive adversarial optimization strategies that remain effective across wide flight envelopes (e.g., 25–120 m) [84].
Model poisoning represents a related threat, in which compromised UAVs inject adversarial updates into the aggregation process to bias or degrade global models. Lightweight robust training approaches such as FedULite address this vulnerability by pruning updates that deviate significantly from typical contributions, for example, based on cosine similarity, filtering malicious gradients without computationally expensive cryptographic verification [85].
Beyond visual perception, conventional jamming detection techniques relying on received signal strength indicators are insufficient against intelligent adversaries capable of emulating legitimate transmission patterns. Deep learning frameworks therefore leverage spectrogram-based representations, transforming Orthogonal Frequency-Division Multiplexing (OFDM) signals into time–frequency images that convolutional models can analyze to identify jamming strategies and guide adaptive countermeasures [31].

5.3.2. Inference Attacks and Model Stealing

In collaborative learning scenarios, particularly those based on Federated Learning, adversaries may target the training process itself. Malicious nodes can analyze shared gradient updates to reconstruct private training data, exposing sensitive imagery or operational context. To mitigate this risk, differential privacy mechanisms inject calibrated noise into gradients prior to sharing, limiting recoverability of raw data while preserving aggregate model utility [56].
Even in the absence of poisoning, inference attacks remain a concern, as repeated querying of deployed models can enable reconstruction of sensitive training data or approximation of proprietary architectures, facilitating downstream evasion. By repeatedly querying deployed perception systems and observing confidence outputs, attackers can train surrogate models approximating proprietary onboard algorithms. Once extracted, these shadow models enable offline optimization of adversarial inputs, significantly increasing the reliability of downstream physical evasion strategies.

5.4. Swarm Intelligence Security: Trust and Consensus

As UAV systems transition from isolated platforms to cooperative swarms, the security objective shifts from protecting individual devices to preserving the integrity of distributed perception, coordination, and decision-making. In cooperative environments, a single compromised node can disrupt mission execution by manipulating collective trajectory planning, degrading coverage guarantees, or inducing unsafe maneuvers. Because cryptographic authentication validates identity and message integrity but cannot determine whether a node’s behavior aligns with mission objectives, swarm security must address unique emergent risks before applying standard consensus protocols.

5.4.1. Emergent Failure Modes in Swarm Dynamics

Unlike conventional network threats that target protocol integrity (e.g., packet injection), swarm-specific threats exploit the behavioral coupling between agents. In these scenarios, a compromised node executes behavioral malware—compliant operational actions designed to trigger cascading failures in the collective logic without triggering cryptographic alarms.
A primary example is Trajectory Poisoning in leaderless swarms. As detailed in bearing-only formation control research, UAVs often rely on relative angular measurements to maintain cohesion [86]. An adversary can introduce subtle, progressive deviations in a single drone’s flight path. Because neighboring UAVs automatically adjust their positions to maintain formation rigidity, this error propagates through the flock, potentially causing the swarm to drift off-course or collide with terrain—all while maintaining valid authentication keys.
Similarly, the Lazy Node problem represents a resource-exhaustion cascade. Here, a compromised node formally participates in consensus and accepts task assignments but refuses to execute physical tasks [87]. This forces legitimate neighbors to expend excess battery power re-verifying redundant tasks and compensating for the workload, effectively draining the swarm’s collective endurance via algorithmic exploitation rather than signal jamming. These failures represent emergent risks where the vulnerability lies in the cooperative algorithms rather than the communication stack.

5.4.2. Dynamic Trust and Reputation Management

To mitigate emergent behavioral threats that encryption cannot detect, swarm security relies on Dynamic Trust and Reputation Management (DTRM). DTRM systems assign continuous trust scores to neighboring UAVs based on observable behavior, such as packet delivery rates, telemetry consistency, and task execution history.
State-of-the-art frameworks, such as Group Decision-Making based Dynamic Trust Management (GDM-DTM), employ subjective logic to quantify this trust [87,88]. Instead of a binary trusted/untrusted status, these systems calculate belief, disbelief, and uncertainty values for each node, enabling the swarm to make consensus decisions even in noisy or partially observable environments. When a node’s reputation score falls below a defined threshold (e.g., due to lazy behavior or trajectory deviation), it is logically isolated from the consensus process, allowing the swarm to “heal” itself by ignoring the malicious actor without requiring human intervention.
Beyond trust scoring, cooperative swarms remain vulnerable at the coordination layer, particularly in leader-based architectures which are susceptible to Sybil attacks during leader election. Adversaries may generate multiple identities to outvote legitimate UAVs and manipulate mission outcomes. Salted Temporal Key (STK) schemes mitigate this risk by binding voting eligibility to physical flight trajectory history, ensuring that a single UAV cannot generate multiple valid identities to influence the swarm [28].

5.4.3. Decentralized Consensus and Learning Integrity

To support high mobility, frequent membership changes, and the absence of persistent infrastructure, swarms increasingly rely on decentralized trust anchors. Salted Temporal Keys provide time-based, non-interactive key generation mechanisms that enable rapid joining, re-authentication, and dynamic isolation of malicious participants while preserving forward secrecy [28]. By eliminating repeated handshakes, STK-based schemes reduce coordination latency and enable self-healing consensus without continuous ground station involvement.
An emerging direction integrates blockchain with federated learning to reduce dependence on centralized aggregation servers. In decentralized learning frameworks, model updates are treated as verifiable transactions, with smart contracts that enforce consensus rules designed to prevent poisoned updates from corrupting the global model [89]. Although decentralization improves resilience, shared gradients may still leak sensitive information. In UAV–mobile edge environments, differential privacy combined with blockchain infrastructure injects calibrated noise into updates to mitigate inference attacks while preserving learning accuracy [56].
For large-scale industrial fleets, lightweight blockchain services further support decentralized authentication by managing UAV identity lifecycles through smart contracts. This enables peer-to-peer verification without centralized certificate authorities and reduces authentication latency during time-critical missions [90].

6. Cross-Cutting Defense: Physical Resilience and Forensics

Certain threats and defenses span across all layers of the stack. This section addresses the integrity of navigation, the subtle corruption of mission data, and the legal requirements for post-incident analysis. Before detailing these specific physical and forensic challenges, it is necessary to synthesize the security mechanisms deployed across the system architecture. Table 4 summarizes representative security mechanisms proposed for UAV systems across hardware, network, swarm, privacy, and forensic layers. It highlights lightweight cryptography, swarm authentication, physical-layer identification, privacy-preserving Remote ID, and tamper-resistant logging solutions discussed in Section 3, Section 4 and Section 5. Complementing this functional overview, Table 5 provides a system-level cost–benefit analysis. It explicitly maps these defense mechanisms against their computational overhead, decentralization requirements, and specific security guarantees, illustrating the operational trade-offs inherent to the Resource–Security Paradox.

6.1. Navigation Security (GNSS Denial/Spoofing)

Global Navigation Satellite System (GNSS) spoofing remains a primary and prevalent threat to UAVs. Attacks range from simple jamming to complicated Meaconing (recording and replaying legitimate signals with a delay). In these scenarios, adversaries transmit falsified satellite signals to hijack a drone’s navigation and induce unsafe behavior.
Since critical infrastructure UAVs cannot easily accommodate the weight and power demands of extra hardware (such as multi-receiver arrays), recent defenses have shifted toward lightweight, data-driven Machine Learning (ML) algorithms [104]. These learning-based detection frameworks analyze time-series properties of GNSS signals. For example, Genetic Algorithm-optimized LSTM-based approaches monitor features such as Carrier-to-Noise density ( C / N 0 ) and Doppler shifts to classify anomalies as spoofing attempts and trigger fallback to inertial navigation [83]. Genetic Algorithms (GAs) are also used to dynamically tune detection thresholds to balance false alarms and missed detections across changing electromagnetic conditions.
To achieve near-perfect detection, state-of-the-art defenses now utilize stacked ensemble learning models to extract high-level features from these complex signals. A recent CNN-XGBoost ensemble model utilizing the Synthetic Minority Oversampling Technique (SMOTE) achieved 99.79% accuracy in detecting spoofed GPS data [105]. Similarly, the PCA-CNN-LSTM architecture has demonstrated a 99.49% accuracy rate by combining principal component analysis with sequential memory tracking [106]. Furthermore, to enhance robustness against sophisticated generative spoofing, researchers are increasingly integrating non-RF data; for instance, cross-referencing GPS coordinates with real-time geomagnetic field strength anomalies allows UAVs to detect positional deviations without requiring external network connectivity.

6.2. From Cyber Failure to Physical Catastrophe (Scenario-Level Threats)

Security breaches affecting UAVs in critical infrastructure rarely remain confined to the digital domain. Manipulation of altitude data through barometric spoofing, for example, can directly result in terrain collisions in mountainous regions or unauthorized intrusion into controlled airspace in dense urban environments [48]. These incidents illustrate how cyber-induced data corruption can rapidly propagate into physical hazards with severe safety and regulatory implications.
In this context, the freshness of information exchanged between UAVs and surrounding systems is a decisive factor for physical safety. The Age of Information (AoI) metric quantifies the timeliness of state updates, such as vehicle position or velocity, and is particularly relevant in collision-avoidance scenarios. When jamming or interference causes AoI to exceed critical thresholds, the UAV’s ability to react to dynamic obstacles degrades, leading to reduced accident-prevention performance [107]. Furthermore, the pursuit of ultra-reliability creates a bottleneck in time-sensitive missions. Hardware security implementations, such as Radio Frequency Identification (RFID) combined with PUF, have been shown to introduce execution delays nearing 16,000 microseconds [34]. When integrated into computation offloading models, these delays compound with task partitioning requirements, where increased reliability settings force task redundancy that consumes scarce bandwidth and computational resources, ultimately lowering the system’s total task admission rate [108].
Among the most severe scenario-level threats are attacks that compromise spatial awareness through altitude manipulation and position drift. By falsifying barometric or ultrasonic altimeter readings, an adversary can coerce unintended climbs or descents, producing immediate collisions with terrain or structures in constrained environments. Conversely, forcing operation at illegally high altitudes can interfere with manned aviation and degrade onboard vision performance, ultimately causing mission failure [109]. Position drift can be induced more gradually by exploiting motion-dependent errors in Inertial Navigation Systems (INS), where slow, consistent bias injection may evade anomaly detection while still producing substantial trajectory errors over time. These slow-drift bias injections can culminate in collisions with sensitive assets such as power transmission lines or wind turbines [110,111].
Table 5. System-level comparison of security mechanism trade-offs in UAV systems.
Table 5. System-level comparison of security mechanism trade-offs in UAV systems.
MechanismLayerThreat FocusOverheadDecentralizationKey Trade-Off
ASCON/ChaCha20 [11,15,16]CryptoTelemetry eavesdropping; command tamperingLowCentralizedSpeed and energy efficiency vs. cryptographic margin.
ECC-256 [36,59]CryptoKey compromise; impersonationMediumCentralizedStrong security guarantees vs. handshake latency.
Quantum-safe authentication [61,112]CryptoPost-quantum attacksHighCentralizedLong-term resilience vs. hardware maturity and deployment cost.
Salted Temporal Keys (STK) [28,88]SwarmByzantine behavior; Sybil attacksMediumHigh (leaderless)Self-healing authentication vs. convergence delay.
Group Decision-Making based Dynamic Trust Management [48,87]SwarmLazy nodes; behavioral evasionMediumHybridTrust accuracy vs. memory and update overhead.
SDN-Based Network Deception [46,53]NetworkJamming; node isolationLowCentralizedGlobal visibility vs. single-point-of-failure risk.
Decentralized Auditable Logging [29,102]ForensicsLog tampering; evidence repudiationHighHigh (blockchain)Auditability and traceability vs. storage and bandwidth cost.
The consequences of the Resource-Security Paradox extend beyond battery depletion to immediate physical safety risks caused by computational latency. High-assurance security protocols introduce execution delays that can interfere with real-time control loops. For instance, specific implementations of combined RFID and PUF authentication have been shown to incur execution times nearing 16,000 microseconds. In high-velocity collision avoidance scenarios, such security-induced latencies can exceed the safe response window, meaning that too much security can paradoxically cause physical mission failure by preventing timely evasive maneuvers.

Scenario-Level Threats: Stealthy Data Integrity and Logic Attacks

Physical attacks can manifest as subtle drifts in sensor data that evade threshold-based detection. These attacks target mission logic rather than software code, forcing unsafe states (e.g., collisions) while systems appear nominal. Beyond immediate crashes, advanced adversaries may seek to bias mission data collection over time. For example, in environmental monitoring, an attacker can inject subtle noise into ship emission monitoring sensor readings, gradually training backend models to accept higher pollution levels as normal, thereby bypassing enforcement without triggering immediate alarms. Defending against this class of threats requires semantic consistency checks in which sensor readings are cross-referenced with visual feeds to validate anomalies [110].

6.3. Digital Forensic Readiness (DFR)

In critical infrastructure incidents involving UAVs, distinguishing between cyber-induced sabotage and mechanical or environmental failure is legally pivotal. Determining liability requires evidence that satisfies forensic soundness and admissibility standards. Traditional flight logs stored on removable media, such as proprietary. DAT files, lack a verifiable and tamper-resistant chain of custody, rendering them vulnerable to manipulation and limiting their probative value in legal proceedings [32]. These limitations motivate DFR architectures, which emphasize the proactive preservation of evidentiary data and the maintenance of verifiable provenance across the UAV operational lifecycle.
Unlike traditional IT forensics, UAV forensic investigations face additional challenges, including data volatility, proprietary logging formats, constrained onboard storage, and the risk of physical destruction during incidents. Recent forensic frameworks therefore distinguish between post-mortem forensics, which relies on physical extraction from recovered hardware, and live forensics, which captures volatile artifacts such as network traffic, telemetry anomalies, and signal-level manipulation during flight. Live forensic mechanisms are particularly critical for preserving evidence of ephemeral attacks, such as GPS meaconing or command injection, that may leave no persistent trace in onboard storage yet have decisive operational consequences [32].

Immutable Logging Architectures

To address evidence tampering and retrospective log manipulation, current research prioritizes immutable and forward-secure logging infrastructures. The DASLog framework exemplifies this direction by organizing flight log entries into Merkle Trees and periodically anchoring root hashes to a permissioned blockchain [29]. This construction provides forward integrity, ensuring that even if a UAV is captured and cryptographic keys are later compromised, historical logs cannot be retroactively altered without invalidating the ledger.
By cryptographically binding command sequences, system events, and telemetry records to an immutable audit structure, decentralized logging architectures enable mathematically verifiable reconstruction of mission timelines. This capability allows investigators to validate when commands were issued, how onboard states evolved, and whether anomalous behavior aligns with cyber manipulation or mechanical malfunction. As a result, such architectures directly support chain-of-custody requirements and strengthen the legal admissibility of UAV-derived digital evidence in critical infrastructure investigations [29,32].

6.4. Deployment Assessment and Failure Analysis of Defense Mechanisms

A critical limitation in contemporary UAV security research is the over-reliance on idealized software simulations, which often mask the practical challenges of deploying defenses on real, resource-constrained UAV systems. To accurately assess which defense methods are truly effective against real-world attacks, it is necessary to evaluate their deployment readiness—distinguishing between offline simulations, Hardware-in-the-Loop (HITL) emulation, and real-platform flight tests—as well as their empirical failure modes.
A comprehensive evaluation of the practicality and effectiveness of state-of-the-art UAV defense mechanisms requires a comparison of their empirical performance metrics alongside their deployment readiness. Table 6 provides a detailed comparative analysis mapping specific defense mechanisms to their target attack types, computational and energy costs, detection accuracy (or security strength), and current deployment readiness. Evaluating energy consumption is essential due to the Resource-Security Paradox inherent in critical infrastructure UAVs; for example, lightweight hardware-rooted schemes like USAF-IoD [15] execute in approximately 5.16 ms, whereas hybrid AI models like SecureDrone [36] consume 42.5 mJ. Furthermore, the deployment readiness metric highlights a significant technical challenge: the sim-to-real gap. While models like Mamba-KAN-Liquid (MKL) [46] achieve a 94.5% F1-score in simulated environments and GDM-DTM [87] maintains 85.04% accuracy under high malicious node ratios, many deep learning models experience catastrophic failure when transitioned to real-world datasets. For instance, Deep Convolutional Attention (DCA) models drop to a 21% F1-score during cross-dataset validation, emphasizing the critical need for transitioning defenses from software simulations (e.g., ONE Simulator, NS2) to hardware-in-the-loop and real-world testbeds like Amazon EC2-backed DASLog deployments [29].
One of the most prominent deployment hurdles is the sim-to-real gap observed in Artificial Intelligence (AI)-based Intrusion Detection Systems (IDS). While models such as the Deep Convolutional Attention (DCA) network report near-perfect accuracy (>99%) on simulated or generic IoT datasets, comprehensive failure analyses reveal catastrophic performance degradation during cross-dataset validation on real drone telemetry. For instance, when evaluated on the Tokyo Drone Communication dataset, DCA models plummeted to a 21% F1-score and 18% precision, proving that many AI defenses overfit to synthetic packet structures and fail to generalize to the multi-rate, low-level command messages of actual UAV telemetry. Furthermore, unsupervised anomaly detection models frequently suffer from threshold drift; when a UAV dynamically changes flight modes or activates a payload, telemetry characteristics shift, causing false-positive rates to spike from 1% to 9%, which can trigger unintended fail-safe landings during critical missions [11].
In contrast, recent cryptographic and trust-based mechanisms have begun to demonstrate practical viability through real-world hardware deployments. For example, the MAVShield cipher was successfully deployed on a real drone testbed utilizing a Pixhawk Cube Orange+ flight controller and ArduPilot. Empirical assessments proved its practicality, showing it incurred only a 12.92% battery overhead and 1.03% CPU load while successfully thwarting over-the-air Man-in-the-Middle (MITM) attacks [113]. Similarly, the Salted Temporal Key (STK) scheme for swarm security validated its operational stability by deploying directly onto Raspberry Pi 3 modules integrated into actual UAV airframes [28].
Despite these successes, advanced security paradigms still face significant practical failure modes. Post-Quantum Cryptography (PQC) algorithms, such as Classic McEliece, demand public key sizes exceeding 100 KB, creating storage and transmission bottlenecks that render them currently undeployable on small UAVs [8]. Even highly optimized deep learning models designed for UAVs, such as the Mamba-KAN-Liquid (MKL) architecture, which achieves a 47.3 ms inference latency suitable for real-time processing, acknowledge critical deployment limitations due to a lack of in-flight HITL testing against atmospheric turbulence and real-world sensor degradation [46].
To synthesize these findings, Table 6 provides a comprehensive comparative analysis of state-of-the-art defense mechanisms, evaluating their empirical costs, current deployment readiness, and known failure modes to guide future practical implementations.

6.5. Deployment Challenges: The Sim-to-Real Gap and Empirical Failures

A critical limitation in contemporary UAV security research is the over-reliance on idealized software simulations, which often mask the practical challenges of deploying defenses on real, resource-constrained UAV systems.
While many recent studies claim near-perfect accuracy (e.g., >99%) for Deep Learning-based Intrusion Detection Systems (IDSs), these results can be misleading, as they often rely on outdated or generic network datasets or synthetic training environments [11]. This creates a persistent “sim-to-real gap,” where AI models trained on simulated aerial datasets fail to capture natural noise and environmental variability, leading to brittleness under operational conditions.
These general-purpose datasets lack crucial drone-specific features, including MAVLink protocols, 5 GHz control signals, GPS epochs, and PWM periods, all of which are essential for accurately modeling UAV telemetry.
Empirical failure analyses further highlight the dangers of this covariate shift, where models trained in controlled environments fail to generalize reliably under real-world UAV operating conditions. These limitations manifest as degraded detection performance and unstable behavior when exposed to realistic telemetry variability.

6.5.1. The Telemetry and Network Data Shift

This sim-to-real gap is particularly pronounced in telemetry and network monitoring. AI models frequently overfit to general TCP/UDP packet structures in lab settings and fail to generalize to the multi-rate, low-level command messages of actual UAV telemetry (e.g., MAVLink protocols, 5GHz control signals, GPS epochs). Empirical failure analyses highlight the dangers of this covariate shift. For instance, when the Deep Convolutional Attention (DCA) network was evaluated via cross-dataset validation on the Tokyo Drone Communication dataset, its performance plummeted to a 21 % F1-score and 18 % precision. Furthermore, unsupervised anomaly detection models frequently suffer from threshold drift; when a UAV simply changes its flight mode or activates a payload camera, the resulting shift in telemetry characteristics can cause false alert rates to spike unexpectedly from 1 % to 9 % , potentially triggering unintended fail-safe landings during critical missions.

6.5.2. Visual Perception and Environmental Degradation

Beyond telemetry, the sim-to-real gap heavily impacts visual perception pipelines. Field experiments demonstrate that specific object detection architectures (e.g., YOLOv3) trained purely on synthetic datasets generated via simulation suites (such as Presagis or Unity) can suffer performance degradations of up to 35 % when deployed on real aerial imagery like the UAVDT dataset [114]. Although this degradation metric is not universally generalizable, it highlights that the magnitude of the sim-to-real gap is strongly dependent on the chosen simulation environment, its fidelity in approximating real-world conditions, and the structural complexity of the target dataset. The exact degradation depends heavily on the specific model architecture, the dataset shift, and the domain adaptation techniques employed. Therefore, while these figures highlight the critical operational impact of inadequate sensor realism, this severe sim-to-real gap does not apply universally to all AI frameworks or deployment cases. These perception models degrade under physical adversarial conditions where minor illumination changes, motion blur, or color distortions trigger disproportionate performance loss. Adversaries can intentionally weaponize this gap by crafting physical-world perturbations, such as camouflage or adversarial patches, that exploit the predictable weaknesses of simulation-trained models to evade detection [26].

6.5.3. Live-Fire Hardware and Protocol Failures

Evaluating deployment readiness requires distinguishing between offline software simulations (e.g., NS2, ONE Simulator), Hardware-in-the-Loop (HITL) emulation, and real-platform flight tests [29]. Live-fire testing reveals the effectiveness of low-cost empirical attacks against deployed systems that bypass theoretical defenses. For example, Broadcast Remote ID implementations have been successfully spoofed using inexpensive software-defined radio hardware, injecting “ghost drones” through unencrypted Wi-Fi Beacon frames [64]. Similarly, protocol-aware jamming techniques that exploit frequency-hopping command links can neutralize commercial quadcopters using minimal transmit power, evading conventional RF energy detection mechanisms entirely [115].
To accurately assess which defense methods are truly effective against real-world attacks, Table 6 provides a comprehensive comparative analysis of state-of-the-art defense mechanisms. It maps specific defenses to their computational costs, empirical failure modes, and current deployment readiness, highlighting the critical need to transition from software simulations to hardware-in-the-loop and fully real-world testbeds.

7. Application-Level Use Cases: Critical Infrastructure Domains

The abstract vulnerabilities discussed in previous sections manifest differently depending on the operational domain. A denial-of-service attack that merely delays a package delivery in logistics could prove fatal in an urban air mobility scenario. This section analyzes the threat surfaces unique to six critical sectors. To visualize this heterogeneity, Figure 4 maps the unique threat vectors affecting each sector. While all UAVs share the central constraint of the Resource–Security Paradox (balancing energy against defense), the external attack surface varies drastically by mission. For instance, Smart Agriculture operations prioritize data integrity to prevent subtle yield estimation errors (’Wolf in Sheep’s Clothing’ attacks), whereas Military and Defense missions prioritize physical resilience against capture and signal jamming. Emergency Response, conversely, demands minimized authentication latency, as complex security handshakes can cause fatal delays in communication-denied environments.
Table 7 maps technical threats to their concrete operational consequences across critical infrastructure sectors, highlighting how cyber-physical failures translate into economic, safety, and mission impacts.

7.1. Smart Agriculture: Ensuring Economic Integrity

In Precision Agriculture (PA), the primary security objective is protecting the integrity of economic decision-making rather than merely safeguarding the physical UAV platform. Agricultural UAVs increasingly drive high-stakes operational logic, including irrigation planning, fertilization scheduling, and harvest timing. Consequently, the dominant threat in this domain is not a visible system failure, but a stealthy sensor data poisoning attack, in which adversaries subtly manipulate spectral sensing pipelines to corrupt downstream analytics while preserving the appearance of normal operation [16].
If an attacker alters GPS timestamps, sensor metadata, or hyperspectral calibration parameters, backend yield prediction and crop health models may generate systematically false recommendations. Such integrity violations can propagate across farm management systems, leading to the widespread application of incorrect pesticides, mistimed irrigation, or missed harvest windows. The resulting consequences extend beyond localized crop loss, posing substantial financial risks and potential disruptions to food supply chain stability [33].

7.1.1. Crop Health Assessment and Yield Estimation

Modern agricultural UAVs utilize multi-modal sensing, including RGB, multispectral, and hyperspectral imaging, to monitor plant vigor and detect anomalies at early stages [33]. Advanced AI-driven frameworks, such as hybrid CNN-ViT models, have achieved high accuracy in detecting early-stage diseases like stem rust in wheat and leaf spot in maize. Hyperspectral imaging enables the identification of biochemical changes before visual symptoms appear, supporting targeted intervention. UAV-based photogrammetry and vegetation indices (e.g., Normalized Difference Vegetation Index (NDVI)) are also used to estimate crop height and biomass in challenging terrains, such as hilly regions [117]. These spectral predictions are increasingly transferable across trial locations and seasons, providing yield forecasting benefits [118]. Beyond crop monitoring, UAVs equipped with Convolutional Neural Networks (CNNs) support automated animal detection and counting in expansive agricultural environments [119].

7.1.2. Security Risks and Data Integrity

Yield prediction pipelines that rely on precise spectral indices, including hyperspectral imaging for stem rust detection [33] and maize yield estimation [117], can be undermined by subtle manipulation of upstream metadata and sensing conditions. For instance, spoofed GPS timestamps or altered calibration parameters can propagate into backend analytics and distort operational decisions such as harvest timing or disease response.
In addition, agricultural drones often operate in infrastructure-free zones with limited cellular coverage, where UAVs may serve as mobile sinks or relays for Internet of Things (IoT) sensor networks [16,120]. In such settings, security must remain lightweight and delay-tolerant to prevent rogue sensors or nodes from injecting false soil moisture or environmental data. More broadly, agricultural UAVs remain vulnerable to cyber-physical threats that target the perception–decision–action cycle, including attacks on sensing pipelines and unauthorized access to stored sensing data [120]. The shift toward IoD frameworks further introduces risks of unauthorized control and malicious task manipulation [121]; if the decision-making logic of an autonomous swarm is compromised, an attacker could trigger incorrect irrigation or fertilization schedules with substantial economic and environmental consequences.

7.2. Energy Infrastructure: Grid, Wind, and Solar

The energy sector has increasingly adopted UAV technologies for the autonomous monitoring of power grids, wind farms, and photovoltaic (PV) systems to reduce inspection costs and improve operational safety [1].
UAVs are standard tools for inspecting power transmission lines and district heating networks, where the integrity of sensor data feeds directly into operational decisions and system representations. A recurring concern is the role of the digital twin, a virtual replica updated by UAV-collected data, as a high-value target for data integrity manipulation.

7.2.1. Secure Air-Ground Data Handover

The integration of UAVs into smart grid operations introduces a critical trust boundary between aerial platforms and ground-based supervisory control and data acquisition (SCADA) systems. To mitigate the risk of compromised drones acting as pivot points into operational networks, recent architectures adopt a zero-trust handover model centered on data mediation rather than direct system access.
In this model, UAV inspection data are first uploaded to a Dynamic Digital Twin (DDT) hosted at the network edge. The DDT functions as a semantic sandbox, performing physics-based and contextual consistency checks, for example, verifying whether a reported thermal anomaly aligns with expected load currents or historical degradation patterns. This approach acts as a semantic firewall, filtering falsified sensor data introduced by stealthy data integrity attacks before information is committed to operational databases [116].
Maintaining Ultra-Reliable Low-Latency Communication (URLLC) during this handover requires careful management of security overhead. Reliability-oriented offloading strategies employ Deep Reinforcement Learning (DRL) to partition security tasks across aerial and ground resources. Computationally intensive verification procedures are offloaded to ground-based MEC infrastructure or Low Earth Orbit (LEO) satellite links, while UAVs retain only lightweight signature generation and data packaging. This division preserves security assurances without compromising the battery reserves required for safe return-to-home maneuvers [122].

7.2.2. Thermal Inspection and Heating Grids

Beyond electrical transmission systems, UAVs play a critical role in monitoring district heating networks. UAVs equipped with radiometric thermal cameras are increasingly used to detect insulation leaks in underground pipelines, a task that requires processing high-variance thermal data rather than visually distinct features. Recent frameworks integrate thermal inspection outputs into Dynamic Digital Twins, enabling the system to differentiate persistent infrastructure faults from transient environmental heat signatures, such as parked vehicles or surface-level heat sources [1].

7.2.3. Monitoring of Power Grids, Wind, and Solar Assets

UAVs equipped with thermal, RGB, and LiDAR sensors support inspection across diverse energy assets. In the renewable energy sector, they are used for hot-spot detection in PV panels and structural anomaly identification in wind turbine blades. Recent trends emphasize digital twins and edge-AI for real-time processing, enabling predictive maintenance. For large-scale transmission grids, UAVs enable high-frequency monitoring of power lines, including difficult terrains and BVLOS missions. Near-field passive wireless sensing also supports non-contact structural health monitoring of substation infrastructure.
Thermal inspection workflows illustrate the data-integrity risk: if an adversary intercepts a video downlink and injects looped footage of healthy components, maintenance actions can be misdirected, increasing the likelihood of undetected degradation [1]. To mitigate integrity risks at the data-model interface, Dynamic Digital Twins integrated with Federated Learning have been proposed to verify UAV data against historical patterns without exposing sensitive infrastructure maps to public interfaces [116].
Power line inspection pipelines increasingly rely on deep learning models (e.g., YOLOv8) to automate detection [123]. These perception dependencies also introduce susceptibility to adversarial conditions, including manipulations that degrade detection or avoidance behavior.

7.2.4. Cooperative Coverage and Resource Allocation

As inspection missions grow in scale and complexity, cooperative multi-UAV swarms are deployed to extend coverage and maintain network connectivity. In ultra-dense networks where UAVs operate as small-cell base stations, game-theoretic mechanisms are used to manage interference and energy efficiency [24]. Scheduling and coordination must also account for energy limits and task urgency to optimize return-to-base maneuvers in communication-constrained environments.

7.2.5. Resilience Under Adversarial Conditions

Protecting energy infrastructure requires security mechanisms that can authenticate friendly drones and detect malicious manipulations under operational stress. Physical-layer fingerprinting approaches (e.g., Drone-Mag) leverage electromagnetic emissions to distinguish friendly UAVs, including between identical models [71]. Reliability-oriented frameworks employ machine learning models to assess feasibility under adverse conditions and to distinguish sensor noise from adversarial injection [48]. Fault diagnosis and prognosis (FDP) methods are also used to maintain resilience under threats such as GNSS spoofing and jamming, including during mission-critical inspections.

7.3. Logistics, Warehousing, and Manufacturing

The application of UAVs in the industrial sector spans indoor intralogistics (inventory and warehousing) and outdoor facility digitization (infrastructure inspection). In both contexts, the shift from manual operation to autonomous workflows introduces cyber-physical dependencies that alter threat exposure.
Two recurring threat patterns arise across these settings: GPS-denied navigation vulnerabilities in indoor environments and route or optimization manipulation in outdoor delivery and facility-scale operations.

7.3.1. GPS-Denied Indoor Navigation and Positioning

Warehouse operations require precise localization in GPS-denied environments. Marker-based and vision-centric approaches remain common. Collaborative aerial–ground systems have been proposed in which a UAV follows a ground vehicle (UGV) using ArUco markers, leveraging the UGV for heavy computation while the drone performs inventory scanning [22]. Similarly, supervised learning models using virtual fiducial markers have been applied to indoor positioning and product counting [23]. These approaches, however, introduce visual spoofing risks, where the placement or manipulation of markers can misdirect navigation.
Reliance on pure visual odometry (SVO) further increases sensitivity to camera resolution and frame frequency; degradation can trigger localization drift and collision risk [124]. Alternatives such as mapless navigation via RFID stigmergy reduce visual dependence but introduce new spoofing vectors through manipulated RFID signals [125].

7.3.2. Blockchain-Enabled Supply Chain Traceability

As warehousing and manufacturing ecosystems increasingly align with Industry 4.0 paradigms, data integrity becomes a central requirement for preventing inventory fraud, counterfeiting, and unauthorized product injection. UAV–blockchain architectures have been proposed in which drones scan physical identifiers, such as QR codes or tags, and commit hashed inventory updates to immutable ledgers. This design enables end-to-end traceability while reducing reliance on centralized inventory databases that represent single points of failure [126].

7.3.3. Swarm Coordination and Physical Safety

High-throughput distribution centers increasingly rely on multi-UAV task allocation and coordination strategies to maximize operational efficiency and throughput [127]. In these human–robot collaborative environments, kinetic risks such as falling payloads and mid-air collisions are critical safety concerns. These risks can be significantly amplified if swarm coordination or scheduling infrastructure is compromised, leading to unsafe maneuvers or loss of formation control [128].
Beyond indoor operations, UAVs are widely used for facility digitization and distribution optimization. Photogrammetric reconstruction supports digital twin modeling of industrial assets for damage assessment and lifecycle monitoring [129], while large-scale optimization models plan aerial routes and parcel-handling infrastructure [130]. These workflows introduce exposure to manipulation of optimization inputs, where falsified demand signals or task assignments can induce inefficient routing, increased energy consumption, and premature battery depletion. Such behavior aligns with Economic Denial of Sustainability (EDoS) dynamics observed in logistics systems [131]. Delivery routing approaches based on attention-driven models further illustrate the dependency of swarm efficiency on the integrity of optimization data and decision logic [77].
At swarm scale, authentication latency becomes a limiting factor, as per-link cryptographic handshakes impose nontrivial overhead. Batch authentication schemes address this constraint by aggregating multiple signatures for amortized verification. Lightweight elliptic-curve-based approaches demonstrate sub-second verification of dozens of neighboring signatures, enabling dynamic isolation of compromised nodes without destabilizing swarm formation [132]. Formation integrity also depends on trustworthy positional and task information. Blockchain-enabled formation control architectures record target coordinates as ledger transactions and apply consensus validation to prevent compromised nodes from poisoning formation geometry or task execution [133].
When swarms operate without continuous Ground Control Station connectivity, delegated signing authority becomes necessary to sustain authenticated mission updates. Identity-Based Multi-Proxy Signature schemes allow a proxy group of UAVs to sign and validate mission directives while limiting key exposure in capture or compromise scenarios [57].

7.3.4. Insider Threats in Industrial Deployments

Logistics and warehouse UAVs are particularly vulnerable to physical insider threats, where maintenance personnel or supply chain vendors introduce malicious components during routine servicing. In such scenarios, counterfeit batteries or flight controllers containing hardware Trojans may be installed without immediate detection. To mitigate this risk, blockchain-based supply chain trust models associate each replacement component with a digital twin recorded on a distributed ledger. Before accepting a new hardware module, the UAV operating system verifies the component’s provenance and integrity history against the ledger, preventing unauthorized or compromised parts from being integrated into operational systems [42].

7.3.5. Secure Integration with Industrial Control Systems

Integrating aerial sensing platforms with legacy industrial control systems introduces a high-risk interface between information technology and operational technology domains. Directly feeding UAV sensor data into SCADA or control loops exposes critical infrastructure to data injection attacks capable of triggering unsafe system responses or cascading failures. Secure architectures therefore require an intermediate Dynamic Digital Twin that acts as a semantic buffer between the aerial edge and the control network. UAVs upload sensor data to the digital twin environment, where physics-based consistency checks are applied before validated information is propagated to the industrial control system. This design effectively preserves the air gap while enabling operational insight from aerial sensing [116].

7.4. Transportation and Smart Cities

As the industry moves toward eVTOLs (electric Vertical Take-Off and Landing) and air taxis, safety requirements shift from mission-critical to life-critical. The integration of UAVs into Intelligent Transportation Systems (ITSs) enables flexible, scalable alternatives to fixed sensing infrastructure, supporting real-time traffic management and infrastructure monitoring [134,135].

7.4.1. UAV-Based Traffic Monitoring and Management

Swarms of drones are increasingly used for real-time traffic surveillance. Decentralized learning frameworks enable adaptation to changing traffic flow, but introduce risks such as model poisoning, where a compromised drone can bias collective detection behavior [136]. Modern vision-based frameworks employ transformer-enhanced detection pipelines for vehicle and pedestrian recognition from varying altitudes, supporting reliable monitoring in dense environments [137]. Swarm coordination may further support adaptive traffic operations through real-time data exchange with optimization components.

7.4.2. Accident Detection and Communication Relay

Transportation use cases include time-sensitive safety applications and communication relay when ground infrastructure is insufficient. In these contexts, the Age of Information (AoI) becomes an operational safety metric: trajectory planning and scheduling can be designed to preserve the freshness of vehicle or infrastructure state updates [107]. UAM operations also rely on robust 5G/6G connectivity for Beyond Visual Line of Sight (BVLOS) and high-mobility telemetry. The move toward massive access scenarios raises authentication and latency pressures in networks supporting large numbers of aerial nodes [138].

7.4.3. Security Implications and Infrastructure Assessment

Security threats in smart transportation are tightly coupled to safety and regulation. GNSS spoofing in urban canyons can increase collision risk, while Remote ID (RID) spoofing can enable rogue aircraft to masquerade as authorized vehicles and disrupt traffic management. Vulnerabilities in RID receivers have been shown to enable injection of false trajectories, potentially triggering large-scale disruption through false collision alarms [64]. Transportation agencies also report concerns regarding data privacy and reliance on foreign-manufactured drones for inspections, motivating standardized protocols for securing imagery and telemetry. Additionally, sim-to-real performance degradation in urban perception systems remains a concern for reliability under complex or adversarial conditions [114], and interference management remains critical for protecting navigation and telemetry in 5G-enabled transportation services [139].

7.5. Emergency and Disaster Response

This subsection surveys the deployment of UAVs in search and rescue (SAR) and disaster response, focusing on operational continuity in communication-denied environments and security under severe time-critical constraints. In the aftermath of natural disasters and remote emergencies, UAVs support situational awareness, survivor detection, and restoration of mission-critical services when terrestrial infrastructure fails [140,141].
Disaster environments often require Delay-Tolerant Networking (DTN) operation, where continuous connectivity to a central authority is unavailable and store–carry–forward relaying becomes necessary. Human–UAV coordination can also become implicit when radio links are degraded; game-theoretic models for tacit communication aim to support correct interpretation of human intent under limited connectivity [142]. A further challenge is the return link bottleneck: when swarms collect large data volumes (e.g., mapping), scheduling transmissions under constrained bandwidth and adversarial interference becomes a mission-limiting factor [143].

7.5.1. Search and Rescue and Disaster Monitoring

UAV agility enables access to dangerous or inaccessible regions for real-time support of first responders. Autonomous platforms are used for fire detection, monitoring progression, and prediction under challenging sensing conditions. These missions remain constrained by battery limitations and the need for robust models under smoke and thermal noise. Network virtualization and cloud/edge/fog orchestration approaches support ad hoc service deployment through UAV delivery, enabling rapid establishment of temporary communication nodes when grids or base stations collapse. Furthermore, disaster classification models must be hardened against adversarial interference, which can mimic environmental debris. Controlled robustness evaluations show that while standard models fail under PGD attacks (dropping to ∼21% accuracy), curriculum-based adversarial training can restore resilience to over 75% in disaster scenarios involving floods and wildfires [82].

7.5.2. Operations in Communication-Denied Environments

In communication-denied scenarios, UAVs act as mobile gateways that collect data from distributed IoT sensors and bridge gaps to remote command centers using store–carry–forward protocols. UAVs may also operate as relay nodes with offloading to Low Earth Orbit (LEO) satellites, where adaptive resource allocation strategies based on Deep Reinforcement Learning (DRL) aim to manage latency and energy consumption [122]. During large-scale operations, swarm trajectories for recharging or offloading must be optimized under energy and bandwidth constraints. Massive access requirements can be supported by 5G/6G enhancements such as massive Multiple Input Multiple Output (MIMO) and 3D signal processing [138].

7.5.3. Security and Forensics Under Time-Critical Constraints

Time-critical missions amplify the cost of security failures. Dynamic swarms require decentralized authentication to avoid bottlenecks. Salted Temporal Key (STK) schemes support re-authentication without continuous central authority dependence, maintaining communications security under intermittent isolation [28]. Blockchain integration has also been proposed to secure data acquisition and reduce exposure to malicious node injection during time-critical missions [102]. In addition, emergency response requires forensic readiness: telemetry and payload data must be securely logged to support post-mission investigation and legal admissibility, particularly under anti-forensic attempts to erase evidence [32]. Finally, Deep Reinforcement Learning methods (e.g., Soft Actor-Critic) have been used to optimize computation offloading so that critical sensing tasks are prioritized under resource limitations and adversarial pressure.

7.6. Military and Dual-Use Defense Operations

The adoption of UAV technology in military operations has transformed situational awareness and remote capabilities, requiring defensive architectures resilient to electronic warfare and physical capture [25,46]. Military applications emphasize stealth and electronic warfare (EW) resilience, including bearing-only passive formation control to reduce RF emissions [86] and specialized sensing for small target detection in contested conditions [76].

7.6.1. Surveillance and Reconnaissance in Adversarial Environments

In military intelligence, surveillance, and reconnaissance missions, perception integrity and operational stealth must be maintained under complex protection measures. Robust physical adversarial patches have been shown to exploit motion blur and color distortions common in aerial imaging, degrading detection performance during real flight [26]. Tracking frameworks that integrate learning-based components with filtering techniques support robust state estimation under nonlinear noise and adversarial conditions [144]. Real-time anomaly detection models have also been proposed to identify threats such as spoofing, jamming, and abnormal behavioral patterns in contested environments [25,46].

7.6.2. Communication Relay and Spectrum Security

Secure communication relay and spectrum management in contested environments require advanced signal classification and resilient link designs. Lightweight radio transformer architectures support edge-based signal classification, enabling dynamic spectrum access and adaptation under interference. To reduce detectability, UAV swarms may employ passive formation maintenance strategies that minimize active emissions. Quantum-based communication schemes have also been proposed as mechanisms for detecting eavesdropping in high-security command-and-control links, exploiting the inherent sensitivity of quantum states to interception [61].

7.6.3. Resilience and Threat Mitigation in Contested Scenarios

Military threat models include physical capture, wide-area GNSS denial, and emerging cryptographic threats. Physical capture scenarios motivate the use of forward secrecy and forward unlinkability to limit retrospective compromise of mission data and identities [15,59]. Large-scale GNSS denial requires accurate modeling of motion-dependent errors and drift in strapdown inertial navigation systems, with learning-based filtering approaches proposed to compensate for nonlinear noise and degradation [144,145]. Concerns regarding quantum-capable adversaries further motivate exploration of quantum-safe authentication and communication mechanisms [61]. Swarm operations additionally introduce internal threats, including Byzantine behavior targeting distributed decision logic. Decentralized mechanisms such as Salted Temporal Keys (STK) have been proposed to support dynamic isolation of compromised nodes without continuous Ground Control Station intervention [28]. Electronic warfare conditions also increase the importance of robust signal understanding in integrated sensing and communication environments, where radio transformer approaches enable real-time classification under high-noise conditions [4,80].

7.6.4. Resilience Under Coordinated or Cascading Attacks

Military swarms must remain operational under cascading failure scenarios in which kinetic attacks and jamming occur simultaneously. In coordinated strikes where the ground control station is destroyed or jammed, reliability-oriented scheduling algorithms have been proposed to preserve return communication tasks. These approaches dynamically designate an airborne cluster head that aggregates mission data and seeks alternative backhaul links, such as satellite or high-altitude platforms, ensuring that collected intelligence is not lost even when the tactical edge is severed [143]. When wide-area GPS denial is present, swarms can transition to degraded operational modes that rely on bearing-only formation control. By maintaining cohesion through visual sensing and relative angular measurements rather than absolute coordinates, missions can proceed in a reduced but functional state despite persistent navigation interference [86].

8. Open Challenges, Roadmap, and Conclusions

Despite significant advances, several systemic gaps still prevent the full integration of UAVs into trusted critical-infrastructure operations and regulated airspace. These gaps are not isolated technical issues; they emerge from cross-layer interactions between perception, communication, autonomy, and evidentiary requirements. This section consolidates the most pressing open challenges and outlines a research roadmap aligned with Security-by-Design and operational trust.

8.1. Closing the Sim-to-Real Security Gap

Most AI-driven defense components (e.g., intrusion detection, visual navigation, anomaly detection) are trained and validated in simulation because real-world experimentation is costly, safety-critical, and often restricted by regulation. However, multiple studies confirm a persistent Sim-to-Real Gap: models that perform strongly on synthetic aerial data frequently degrade when exposed to real-world sensor noise, illumination shifts, motion blur, compression artifacts, and physically realizable adversarial perturbations. Krump and Stütz show that the composition of training data substantially influences performance and that synthetic datasets must be validated against content-equivalent real-world datasets to ensure operational reliability [114].
Bridging this gap requires (i) security-aware dataset governance, (ii) robust evaluation protocols that include physical-world threat models, and (iii) High-Fidelity Cyber-Physical Ranges capable of safely emulating RF and sensor attacks (e.g., jamming, spoofing, data injection) while capturing realistic environmental variability. A key open problem is defining reproducible benchmarks that measure not only accuracy but also security robustness under distribution shift, including stress tests that reflect adversarial weather, multipath, urban canyons, and motion-induced sensing distortions.

8.2. Balancing the Resource-Security Paradox

UAV security mechanisms compete directly with mission endurance. Cryptographic handshakes, secure logging, multi-factor authentication, and onboard deep learning all consume energy and compute that could otherwise extend flight time, payload capacity, or sensing coverage. This creates a paradox: the more security a UAV applies, the more it risks becoming operationally fragile (shorter endurance, higher latency, reduced autonomy margins). Conversely, reducing security to preserve endurance increases exposure to denial-of-service, energy-drain (vampire) attacks, and stealthy manipulation.
An open research direction is adaptive security orchestration: dynamically scaling security mechanisms based on mission phase, threat level, and remaining energy budget. This includes (i) energy-aware cryptographic profiles (lightweight modes for routine telemetry, stronger modes for high-value commands), (ii) selective verification and batch authentication in swarms, (iii) edge-assisted security offloading with verifiable computation, and (iv) risk-aware autonomy that triggers fallback behaviors when security telemetry indicates active interference. A core roadmap question is how to formalize security–energy trade-offs with guarantees (e.g., bounded latency, bounded energy overhead) under adversarial conditions.

8.3. Standardization of Drone Forensics and Digital Forensic Readiness

While technical solutions for immutable logging exist, such as DASLog [29], there is no globally accepted standard for UAV forensics that bridges operational telemetry, chain-of-custody requirements, and court admissibility. Current compliance frameworks (e.g., Remote ID) primarily emphasize identification and airspace accountability, but they do not mandate DFR for post-incident attribution. This gap becomes critical in critical infrastructure: after an incident, investigators must distinguish between cyber-sabotage, mechanical failure, environmental hazards, and pilot error using defensible evidence.
Future standards should mandate a secure, tamper-resistant black box capability on UAV flight controllers that supports (i) cryptographic signing of telemetry and control events in real time, (ii) forward-integrity guarantees for logs, (iii) protected time sources and event ordering, and (iv) standardized export formats to enable reproducible forensic extraction across vendors. Mohammed et al. emphasize the need to bridge real-time security with legal admissibility and forensic solution readiness [32]. A key open challenge is defining minimal DFR requirements that remain feasible for small UAVs while supporting verifiable attribution for high-consequence incidents.

8.4. Privacy-Preserving and Post-Quantum Identity for Remote ID

Remote ID is becoming a foundational airspace accountability layer, yet evolving it to be both privacy-preserving and future-proof remains unresolved. Two tensions dominate: (i) minimizing information exposure to prevent tracking and physical targeting, and (ii) maintaining strong authenticity guarantees under constrained broadcast payload sizes and real-time constraints. A further emerging research question is how to incorporate post-quantum assurances, or hybrid approaches, without breaking packet-size budgets or introducing unacceptable latency for constrained UAV hardware.

8.5. Limitations of the Survey

While this survey provides a comprehensive system-level analysis of UAV security in critical infrastructure, several methodological constraints must be transparently acknowledged. First, the literature search was explicitly restricted to the 2020–2026 temporal window. While this purposefully captured the emergence of 5G-enabled swarms and edge intelligence, it inherently excludes foundational pre-2020 architectural security studies. Second, our database selection was concentrated on primary engineering digital libraries (IEEE Xplore, ACM Digital Library, ScienceDirect) and targeted publisher platforms (MDPI, Springer). Although this ensured high-quality technical retrieval, it may underrepresent cross-disciplinary policy, specialized legal, or civil engineering publications regarding UAV integration.
Finally, our review identifies a prevalent publication bias within the AI-driven security literature: studies overwhelmingly report highly successful detection metrics (often >95% accuracy) achieved in idealized simulations, while failed hardware deployments or negative results under physical adversarial conditions are rarely published. This bias obscures the true magnitude of the sim-to-real gap and highlights an emerging area of operational security that remains insufficiently explored in current literature.

8.6. Roadmap Summary

The challenges outlined above motivate a staged research roadmap that integrates system security, operational feasibility, and regulatory trust [29,32,114]. Key priorities include establishing security-focused evaluation benchmarks and cyber-physical test ranges to quantify robustness under distribution shift and physical attack conditions; designing adaptive, energy-bounded security orchestration strategies that preserve reliability without grounding the fleet; defining interoperable Digital Forensic Readiness requirements aligned with legal admissibility; and evolving Remote ID toward privacy-preserving and, ultimately, post-quantum-capable authentication under strict resource constraints.

8.7. Conclusions

This survey systematically analyzed 144 recent studies to bridge the gap between low-level hardware constraints and high-level UAV mission failures in critical infrastructure. Our quantitative synthesis reveals a distinct thematic distribution across the literature: approximately 40% of recent research focuses on AI, swarm autonomy, and learning integrity (Layer C); 35% addresses communication, network security, and Remote ID (Layer B); and 25% is dedicated to physical hardware, supply chain resilience, and infrastructure roots of trust (Layer A).
Through our comparative synthesis, the severity of the Resource-Security Paradox emerges as the most critical operational constraint. As demonstrated in our empirical evaluations, legacy deep learning models impose severe energy penalties (e.g., 42.5 mJ per sample), whereas emerging lightweight hardware-rooted primitives (e.g., USAF-IoD) reduce this overhead to under 6 mJ. Furthermore, our deployment assessment indicates a significant readiness gap: while the vast majority of reviewed AI defenses claim near-perfect accuracy in simulation, very few have been rigorously validated on hardware-in-the-loop (HITL) platforms, exposing a critical vulnerability in real-world environments.
Addressing modern threats, including Remote ID spoofing, adversarial AI, and supply chain manipulation, requires a fundamental shift from add-on software defenses to Security-by-Design. Hardware roots of trust (e.g., TPMs and PUFs) must serve as the non-negotiable foundation for identity and integrity. AI must be treated not only as a defensive capability but also as a protected asset, hardened against poisoning, evasion, and inference-based compromise. Meanwhile, swarm security must move beyond binary authentication toward dynamic trust and reputation management that preserves collective resilience under partial compromise. Ultimately, the future of trustworthy UAV deployment in critical infrastructure depends on resolving this Resource-Security Paradox: building lightweight, energy-efficient architectures that deliver robust defense without eroding mission endurance or operational feasibility.

Author Contributions

Conceptualization, K.K., N.A.K. and F.L.; methodology, K.K.; investigation, K.K. and N.A.K.; writing—original draft preparation, K.K. and N.A.K.; writing—review and editing, F.L.; supervision, F.L. All authors have read and agreed to the published version of the manuscript.

Funding

This research received no external funding.

Data Availability Statement

The data that support the findings of this study are openly available in Google Scholar.

Conflicts of Interest

The authors declare no conflicts of interest.

References

  1. Jakubiak, M.; Sroka, K.; Maciuk, K.; Abazeed, A.; Kovalova, A.; Santos, L. Unmanned Aerial Vehicles (UAVs) in the Energy and Heating Sectors: Current Practices and Future Directions. Energies 2025, 19, 5. [Google Scholar] [CrossRef]
  2. McEnroe, P.; Wang, S.; Liyanage, M. A survey on the convergence of edge computing and AI for UAVs: Opportunities and challenges. IEEE Internet Things J. 2022, 9, 15435–15459. [Google Scholar] [CrossRef]
  3. Khan, M.A.; Kumar, N.; Mohsan, S.A.H.; Khan, W.U.; Nasralla, M.M.; Alsharif, M.H. Swarm of UAVs for network management in 6G: A technical review. IEEE Trans. Netw. Serv. Manag. 2023, 20, 741–761. [Google Scholar] [CrossRef]
  4. Yang, H.; Liu, Y.; Li, X.; Bai, Z.; Yang, L.; Pan, G.; Liu, H. Physical layer security and covert communication in UAV-ISAC networks: A comprehensive survey. J. King Saud Univ. Comput. Inf. Sci. 2025, 37, 312. [Google Scholar] [CrossRef]
  5. Lyu, M.; Zhao, Y.; Huang, C.; Huang, H. Unmanned aerial vehicles for search and rescue: A survey. Remote. Sens. 2023, 15, 3266. [Google Scholar] [CrossRef]
  6. Tsao, K.Y.; Girdler, T.; Vassilakis, V.G. A survey of cyber security threats and solutions for UAV communications and flying ad-hoc networks. Ad Hoc Netw. 2022, 133, 102894. [Google Scholar] [CrossRef]
  7. Yu, Z.; Wang, Z.; Yu, J.; Liu, D.; Song, H.H.; Li, Z. Cybersecurity of Unmanned Aerial Vehicles: A Survey. IEEE Aerosp. Electron. Syst. Mag. 2023, 39, 182–215. [Google Scholar] [CrossRef]
  8. Sarkar, S.; Shafaei, S.; Jones, T.S.; Totaro, M.W. Secure Communication in Drone Networks: A Comprehensive Survey of Lightweight Encryption and Key Management Techniques. Drones 2025, 9, 583. [Google Scholar] [CrossRef]
  9. Desnitsky, V.; Kotenko, I. Simulation and Assessment of Battery Depletion Attacks on Unmanned Aerial Vehicles for Crisis Management Infrastructures. Simul. Model. Pract. Theory 2021, 107, 102244. [Google Scholar] [CrossRef]
  10. Tlili, F.; Fourati, L.C.; Ayed, S.; Ouni, B. Investigation on vulnerabilities, threats and attacks prohibiting UAVs charging and depleting UAVs batteries: Assessments & countermeasures. Ad Hoc Netw. 2022, 129, 102805. [Google Scholar]
  11. Islam, M.; Mahmoud, A.S.; Sheltami, T.R. AI-Enhanced Intrusion Detection for UAV Systems: A Taxonomy and Comparative Review. Drones 2025, 9, 682. [Google Scholar] [CrossRef]
  12. Tlili, F.; Ayed, S.; Chaari Fourati, L. Advancing UAV security with artificial intelligence: A comprehensive survey of techniques and future directions. Internet Things 2024, 27, 101281. [Google Scholar] [CrossRef]
  13. Bithas, P.S.; Michailidis, E.T.; Nomikos, N.; Vouyioukas, D.; Kanatas, A.G. A survey on machine-learning techniques for UAV-based communications. Sensors 2019, 19, 5170. [Google Scholar] [CrossRef]
  14. Adil, M.; Song, H.; Mastorakis, S.; Abulkasim, A.; Farouk, M.; Jin, Z. UAV-Assisted IoT Applications, Cybersecurity Threats, AI-Enabled Solutions, Open Challenges with Future Research Directions. IEEE Trans. Intell. Veh. 2024, 9, 4583–4605. [Google Scholar] [CrossRef]
  15. Badshah, A.; Abbas, G.; Waqas, M.; Tu, S.; Abbas, Z.H.; Muhammad, F.; Chen, S. Usaf-iod: Ultralightweight and secure authenticated key agreement framework for internet of drones environment. IEEE Trans. Veh. Technol. 2024, 73, 10963–10977. [Google Scholar] [CrossRef]
  16. Tychola, K.A.; Rantos, K. Cyberthreats and security measures in drone-assisted agriculture. Electronics 2025, 14, 149. [Google Scholar] [CrossRef]
  17. Yan, X.; Fu, T.; Lin, H.; Xuan, F.; Huang, Y.; Cao, Y.; Hu, H.; Liu, P. UAV detection and tracking in urban environments using passive sensors: A survey. Appl. Sci. 2023, 13, 11320. [Google Scholar] [CrossRef]
  18. Aldaej, A.; Ahanger, T.A.; Atiquzzaman, M.; Ullah, I.; Yousufudin, M. Smart cybersecurity framework for IoT-empowered drones: Machine learning perspective. Sensors 2022, 22, 2630. [Google Scholar] [CrossRef] [PubMed]
  19. Page, M.J.; McKenzie, J.E.; Bossuyt, P.M.; Boutron, I.; Hoffmann, T.C.; Mulrow, C.D.; Shamseer, L.; Tetzlaff, J.M.; Akl, E.A.; Brennan, S.E.; et al. The PRISMA 2020 statement: An updated guideline for reporting systematic reviews. BMJ 2021, 372, n71. [Google Scholar] [CrossRef]
  20. Kitchenham, B.; Charters, S. Guidelines for Performing Systematic Literature Reviews in Software Engineering; Technical Report EBSE Technical Report EBSE-2007-01; Keele University: Keele, UK; Lincoln University: Lincoln, UK, 2007. [Google Scholar]
  21. Altaweel, A.; Mukkath, H.; Kamel, I. GPS Spoofing Attacks in FANETs: A Systematic Literature Review. IEEE Access 2023, 11, 55562–55585. [Google Scholar] [CrossRef]
  22. Chaffilla, R.; Alvito, P.; Basiri, M. Collaborative Infrastructure-Free Aerial–Ground Robotic System for Warehouse Inventory Data Capture. Drones 2025, 9, 792. [Google Scholar] [CrossRef]
  23. Ekici, M.; Seçkin, A.Ç.; Özek, A.; Karpuz, C. Warehouse drone: Indoor positioning and product counter with virtual fiducial markers. Drones 2022, 7, 3. [Google Scholar] [CrossRef]
  24. Bui, T.T.; Nguyen, L.D.; Kha, H.H.; Vo, N.S.; Duong, T.Q. Joint clustering and resource allocation optimization in ultra-dense networks with multiple drones as small cells using game theory. Sensors 2023, 23, 3899. [Google Scholar] [CrossRef]
  25. Šimon, O.; Götthans, T. A survey on the use of deep learning techniques for UAV jamming and deception. Electronics 2022, 11, 3025. [Google Scholar] [CrossRef]
  26. Xi, H.; Ru, L.; Tian, J.; Wang, W.; Zhu, R.; Li, S.; Zhang, Z.; Liu, L.; Luan, X. Towards Robust Physical Adversarial Attacks on UAV Object Detection: A Multi-Dimensional Feature Optimization Approach. Machines 2025, 13, 1060. [Google Scholar] [CrossRef]
  27. Khan, A.A.; Khan, M.M.; Khan, K.M.; Arshad, J.; Ahmad, F. A blockchain-based decentralized machine learning framework for collaborative intrusion detection within UAVs. Comput. Netw. 2021, 196, 108217. [Google Scholar] [CrossRef]
  28. Zou, Z.; Yang, T.; Wang, P. STK: A Salted Temporal Key Scheme for Dynamic Swarm Security. Drones 2025, 9, 856. [Google Scholar] [CrossRef]
  29. Sarenche, R.; Aghili, F.; Yoshizawa, T.; Singelée, D. DASLog: Decentralized auditable secure logging for UAV ecosystems. IEEE Internet Things J. 2023, 10, 20264–20284. [Google Scholar] [CrossRef]
  30. Burbank, J.; Toro, C.; Emmanuela, A.; Naima, K. Detection and Mitigation of Cyber Attacks on UAV Networks. Electronics 2026, 15, 317. [Google Scholar] [CrossRef]
  31. Li, Y.; Pawlak, J.; Price, J.; Al Shamaileh, K.; Niyaz, Q.; Paheding, S.; Devabhaktuni, V. Jamming detection and classification in OFDM-based UAVs via feature-and spectrogram-tailored machine learning. IEEE Access 2022, 10, 16859–16870. [Google Scholar] [CrossRef]
  32. Mohammed, U.M.; Omolara, E.O.; Abiodun, O.I.; Rasheed, J.; Osman, O.; Oyadiran, P.A.; Owolabi, O.; Anjorin, T.S.; Dada, K.V.; Obafisoye, D.; et al. Cyber threat in drone systems: Bridging real-time security, legal admissibility, and digital forensic solution readiness. Front. Commun. Netw. 2025, 6, 1661928. [Google Scholar] [CrossRef]
  33. Abdulridha, J.; Min, A.; Rouse, M.; Kianian, S.; Isler, V.; Yang, C. Evaluation of stem rust disease in wheat fields by drone hyperspectral imaging. Sensors 2023, 23, 4154. [Google Scholar] [CrossRef]
  34. Ahmad, S.M.; Samie, M.; Honarvar Shakibaei Asli, B. Building Trust in Autonomous Aerial Systems: A Review of Hardware-Rooted Trust Mechanisms. Future Internet 2025, 17, 466. [Google Scholar] [CrossRef]
  35. Kim, Y.; Cho, K.; Kim, S. Challenges in Dynamic Analysis of Drone Firmware and Its Solutions. IEEE Access 2024, 12, 106593–106604. [Google Scholar] [CrossRef]
  36. Pandey, V.K.; Prakash, S.; Ranjan, A.; Jha, S.K.; Liu, X.; Rathore, R.S. An Efficient Framework for Secure Communication in Internet of Drone Networks Using Deep Computing. Designs 2025, 9, 61. [Google Scholar] [CrossRef]
  37. Zaharia, S.M.; Pascariu, I.S.; Chicos, L.A.; Buican, G.R.; Pop, M.A.; Lancea, C.; Stamate, V.M. Material extrusion additive manufacturing of the composite UAV used for search-and-rescue missions. Drones 2023, 7, 602. [Google Scholar] [CrossRef]
  38. Badea, G.P.; Frigioescu, T.F.; Dombrovschi, M.; Cican, G.; Dima, M.; Anghel, V.; Crunteanu, D.E. Innovative Hybrid UAV Design, Development, and Manufacture for Forest Preservation and Acoustic Surveillance. Inventions 2024, 9, 39. [Google Scholar] [CrossRef]
  39. Celik, H.K.; Elham, A.; Cinar, R.; Erbil, M.A.; Entwistle, R.; Rennie, A.E.; Akinci, I. Development of a CAD–FEA Integrated Automation Add-In for DfAM-Aware Topology Optimization: A Case Study on an Additively Manufactured Pusher Duct Support Bracket for a Novel UAV Prototype. Appl. Sci. 2025, 15, 12341. [Google Scholar] [CrossRef]
  40. García-Gascón, C.; Castelló-Pedrero, P.; García-Manrique, J.A. Minimal surfaces as an innovative solution for the design of an additive manufactured solar-powered unmanned aerial vehicle (UAV). Drones 2022, 6, 285. [Google Scholar] [CrossRef]
  41. Chung, P.H.; Ma, D.M.; Shiau, J.K. Design, manufacturing, and flight testing of an experimental flying wing UAV. Appl. Sci. 2019, 9, 3043. [Google Scholar] [CrossRef]
  42. Al-Rakhami, M.S.; Al-Mashari, M. A blockchain-based trust model for the internet of things supply chain management. Sensors 2021, 21, 1759. [Google Scholar] [CrossRef]
  43. Zhang, J.; Campbell, J.F.; Sweeney, D.C., II; Hupman, A.C. Energy consumption models for delivery drones: A comparison and assessment. Transp. Res. Part D Transp. Environ. 2021, 90, 102668. [Google Scholar] [CrossRef]
  44. Li, S.; Hu, X.; Du, Y. Deep reinforcement learning for computation offloading and resource allocation in unmanned-aerial-vehicle assisted edge computing. Sensors 2021, 21, 6499. [Google Scholar] [CrossRef]
  45. Khor, J.H.; Sidorov, M.; Chong, M.J.Y. Secure LoRa Drone-to-Drone Communication for Public Blockchain-Based UAV Traffic Management. Sensors 2025, 25, 5087. [Google Scholar] [CrossRef]
  46. Batur Dinler, Ö. UAV Cybersecurity with Mamba-KAN-Liquid Hybrid Model: Deep Learning-Based Real-Time Anomaly Detection. Drones 2025, 9, 806. [Google Scholar] [CrossRef]
  47. Arsalaan, A.S.; Fida, M.R.; Nguyen, H.X. UAVs relay in emergency communications with strict requirements on quality of information. IEEE Trans. Veh. Technol. 2024, 74, 4877–4892. [Google Scholar] [CrossRef]
  48. Al-Haddad, L.A.; Khalid, W.; Tariq, S.Z.; Mrah, M.M.; Flah, A.; Tazay, A.F.; Jaber, A.A. Reliability-oriented framework for UAV-based inspection missions in modern power and energy systems. Sci. Rep. 2025, 16, 958. [Google Scholar] [CrossRef]
  49. Ahmim, I.; Ghoualmi-Zine, N.; Bouakkaz, F.; Rachedi, A. 2AS-DS: Anonymous Authentication Scheme Based on Physical Unclonable Function for Drone Swarms. In Proceedings of the 2024 4th International Conference on Embedded & Distributed Systems (EDiS), Bechar, Algeria, 3–5 November 2024; pp. 199–204. [Google Scholar]
  50. Stierlin, N.; Risch, M.; Risch, L. Current advancements in drone technology for medical sample transportation. Logistics 2024, 8, 104. [Google Scholar] [CrossRef]
  51. Vedrtnam, A.; Negi, H.; Kalauni, K. Materials and energy-centric life cycle assessment for drones: A review. J. Compos. Sci. 2025, 9, 169. [Google Scholar] [CrossRef]
  52. Tan, X.; Zuo, Z.; Su, S.; Guo, X.; Sun, X. Research of security routing protocol for UAV communication network based on AODV. Electronics 2020, 9, 1185. [Google Scholar] [CrossRef]
  53. Tan, Y.; Liu, J.; Wang, J. How to protect key drones in unmanned aerial vehicle networks? An SDN-based topology deception scheme. IEEE Trans. Veh. Technol. 2022, 71, 13320–13331. [Google Scholar] [CrossRef]
  54. Airlangga, G.; Liu, A. A study of the data security attack and defense pattern in a centralized UAV–cloud architecture. Drones 2023, 7, 289. [Google Scholar] [CrossRef]
  55. Agnew, D.; Del Aguila, A.; McNair, J. Enhanced network metric prediction for machine learning-based cyber security of a software-defined UAV relay network. IEEE Access 2024, 12, 54202–54219. [Google Scholar] [CrossRef]
  56. Zhu, C.; Zhu, X.; Qin, T. An efficient privacy protection mechanism for blockchain-based federated learning system in UAV-MEC Networks. Sensors 2024, 24, 1364. [Google Scholar] [CrossRef] [PubMed]
  57. Shin, Y.A.; Jeong, I.R.; Byun, J.W. Identity-Based Multiproxy Signature with Proxy Signing Key for Internet of Drones. IEEE Internet Things J. 2023, 11, 4191–4205. [Google Scholar] [CrossRef]
  58. Huang, W. ECC-based three-factor authentication and key agreement scheme for wireless sensor networks. Sci. Rep. 2024, 14, 1787. [Google Scholar] [CrossRef]
  59. Jeong, J.Y.; Kang, H.W.; Jeong, I.R. Concurrent two-party key exchange with forward unlinkability in internet of drones. IEEE Access 2024, 12, 77250–77256. [Google Scholar] [CrossRef]
  60. Gope, P.; Sikdar, B. An efficient privacy-preserving authenticated key agreement scheme for edge-assisted internet of drones. IEEE Trans. Veh. Technol. 2020, 69, 13621–13630. [Google Scholar] [CrossRef]
  61. Abulkasim, H.; Goncalves, B.; Mashatan, A.; Ghose, S. Authenticated secure quantum-based communication scheme in internet-of-drones deployment. IEEE Access 2022, 10, 94963–94972. [Google Scholar] [CrossRef]
  62. Jeong, J.Y.; Byun, J.W.; Jeong, I.R. Key agreement between user and drone with forward unlinkability in internet of drones. IEEE Access 2022, 10, 17134–17144. [Google Scholar] [CrossRef]
  63. ASTM F3411-22a; Standard Specification for Remote ID and Tracking. ASTM International: West Conshohocken, PA, USA, 2022.
  64. Nozomi Networks Labs. Spoofing Drone Locations by Manipulating Remote ID Protocols and Communications. 2023. Available online: https://www.nozominetworks.com/resources/spoofing-drone-locations-by-manipulating-remote-id-protocols-and-communications (accessed on 1 January 2026).
  65. Wisse, E.; Tedeschi, P.; Sciancalepore, S.; Di Pietro, R. A 2 RID—Anonymous Direct Authentication and Remote Identification of Commercial Drones. IEEE Internet Things J. 2023, 10, 10587–10604. [Google Scholar] [CrossRef]
  66. Brighente, A.; Conti, M.; Schotsman, M.; Sciancalepore, S. Obfuscated Location Disclosure for Remote ID Enabled Drones. arXiv 2024, arXiv:2407.14256. [Google Scholar] [CrossRef]
  67. Shen, A.; Luo, J.; Ning, J.; Li, Y.; Wang, Z.; Duo, B. Safeguarding UAV networks against active eavesdropping: An elevation angle-distance trade-off for secrecy enhancement. Drones 2023, 7, 109. [Google Scholar] [CrossRef]
  68. Xia, Y.; Liu, W.; Zhang, K.; Xu, C.; Huang, D. Bounding the Path Loss in UAV-Assisted Wireless Sensor Networks. IEEE Antennas Wirel. Propag. Lett. 2024, 23, 2341–2345. [Google Scholar] [CrossRef]
  69. Yuan, Z.; Yang, Y.; Wang, D.; Ma, X. Energy-efficient trajectory optimization for UAV-enabled cellular communications based on physical-layer security. Aerospace 2022, 9, 50. [Google Scholar] [CrossRef]
  70. Yang, S.; Ma, H. Security Performance Analysis of Full-Duplex UAV Assisted Relay System Based on SWIPT Technology. Appl. Sci. 2024, 14, 4987. [Google Scholar] [CrossRef]
  71. Ibrahim, O.; Di Pietro, R. Drone-Mag: UAV Identification and Authentication via Electromagnetic Emissions. ACM Trans.-Cyber-Phys. Syst. 2025, 9, 23. [Google Scholar] [CrossRef]
  72. Alshaer, N.; Ismail, T. Performance evaluation and security analysis of UAV-based FSO/CV-QKD system employing DP-QPSK/CD. IEEE Photonics J. 2022, 14, 7324911. [Google Scholar] [CrossRef]
  73. Koulianos, A.; Paraskevopoulos, P.; Litke, A.; Papadakis, N.K. Enhancing unmanned aerial vehicle security: A zero-knowledge proof approach with zero-knowledge succinct non-interactive arguments of knowledge for authentication and location proof. Sensors 2024, 24, 5838. [Google Scholar] [CrossRef]
  74. Huang, M.; Mi, W.; Wang, Y. Edgs-yolov8: An improved yolov8 lightweight uav detection model. Drones 2024, 8, 337. [Google Scholar] [CrossRef]
  75. Pathak, S.; Shrestha, S.; AlMahmoud, A. Model Agnostic Defense against Adversarial Patch Attacks on Object Detection in Unmanned Aerial Vehicles. In Proceedings of the 2024 IEEE/RSJ International Conference on Intelligent Robots and Systems (IROS), Abu Dhabi, United Arab Emirates, 14–18 October 2024; pp. 2586–2593. [Google Scholar]
  76. Wang, S.; Jiang, H.; Li, Z.; Yang, J.; Ma, X.; Chen, J.; Tang, X. PHSI-RTDETR: A lightweight infrared small target detection algorithm based on UAV aerial photography. Drones 2024, 8, 240. [Google Scholar] [CrossRef]
  77. Kong, F.; Li, J.; Jiang, B.; Wang, H.; Song, H. Trajectory optimization for drone logistics delivery via attention-based pointer network. IEEE Trans. Intell. Transp. Syst. 2022, 24, 4519–4531. [Google Scholar] [CrossRef]
  78. Tahir, N.U.A.; Long, Z.; Zhang, Z.; Asim, M.; ELAffendi, M. PVswin-YOLOv8s: UAV-based pedestrian and vehicle detection for traffic management in smart cities using improved YOLOv8. Drones 2024, 8, 84. [Google Scholar] [CrossRef]
  79. Zhao, L.; Zhu, M. MS-YOLOv7: YOLOv7 based on multi-scale for object detection on UAV aerial photography. Drones 2023, 7, 188. [Google Scholar] [CrossRef]
  80. Zheng, Q.; Tian, X.; Yu, Z.; Ding, Y.; Elhanashi, A.; Saponara, S.; Kpalma, K. MobileRaT: A lightweight radio transformer method for automatic modulation classification in drone communication systems. Drones 2023, 7, 596. [Google Scholar] [CrossRef]
  81. Huang, X.; Huang, D. Performance Analysis of Blockchain Consensus Algorithm in Unmanned Aerial Vehicle Ad Hoc Networks. Drones 2025, 9, 334. [Google Scholar] [CrossRef]
  82. Kose, K.; Zhou, B. Adversarial Training for Aerial Disaster Recognition: A Curriculum-Based Defense Against PGD Attacks. Electronics 2025, 14, 3210. [Google Scholar] [CrossRef]
  83. Al-Sabbagh, A.; El-Bokhary, A.; El-Koussa, S.; Jaber, A.; Elkhodr, M. Enhancing UAV security against GPS spoofing attacks through a genetic algorithm-driven deep learning framework. Information 2025, 16, 115. [Google Scholar] [CrossRef]
  84. Zhang, Y.; Zhang, Y.; Qi, J.; Bin, K.; Wen, H.; Tong, X.; Zhong, P. Adversarial patch attack on multi-scale object detection for UAV remote sensing images. Remote. Sens. 2022, 14, 5298. [Google Scholar] [CrossRef]
  85. Chen, L.; Zhai, W.; Bu, X.; Sun, M.; Zhu, C. A Lightweight Robust Training Method for Defending Model Poisoning Attacks in Federated Learning Assisted UAV Networks. Drones 2025, 9, 528. [Google Scholar] [CrossRef]
  86. Gao, Y.; Feng, H.; Chen, J.; Li, J.; Wei, Z. A scalable distributed control algorithm for bearing-only passive UAV formation maintenance. Sensors 2023, 23, 3849. [Google Scholar] [CrossRef]
  87. Hu, Y.; Gan, Y.; Wu, H.; Wang, C.; Ma, M.; Xiong, C. GDM-DTM: A Group Decision-Making-Enabled Dynamic Trust Management Method for Malicious Node Detection in Low-Altitude UAV Networks. Sensors 2025, 25, 3982. [Google Scholar] [CrossRef]
  88. Gharrad, H.; Jabeur, N.; Yasar, A.U.H. Hierarchical Analysis Process for Belief Management in Internet of Drones. Sensors 2022, 22, 6146. [Google Scholar] [CrossRef]
  89. Feng, C.; Liu, B.; Yu, K.; Goudos, S.K.; Wan, S. Blockchain-empowered decentralized horizontal federated learning for 5G-enabled UAVs. IEEE Trans. Ind. Inform. 2021, 18, 3582–3592. [Google Scholar] [CrossRef]
  90. Tan, Y.; Wang, J.; Liu, J.; Kato, N. Blockchain-assisted distributed and lightweight authentication service for industrial unmanned aerial vehicles. IEEE Internet Things J. 2022, 9, 16928–16940. [Google Scholar] [CrossRef]
  91. Valikhanli, O.; Abdullayeva, F. Securing UAV Flight Data Using Lightweight Cryptography and Image Steganography. Int. J. Adv. Comput. Sci. Appl. 2025, 16, 278–289. [Google Scholar] [CrossRef]
  92. Patel, A.; Cherukuri, A.K. Analysis of Light-Weight Cryptography Algorithms for UAV-Networks. arXiv 2025, arXiv:2504.04063. [Google Scholar] [CrossRef]
  93. Nair, A.; Thampi, S. A location-aware physical unclonable function and Chebyshev map-based mutual authentication mechanism for internet of surveillance drones. Concurr. Comput. Pract. Exp. 2023, 35, e7564. [Google Scholar] [CrossRef]
  94. Al-Mekhlafi, Z.G.; Altmemi, J.M.; Al-Shareeda, M.A.; Al-Hchaimi, A.A.J.; Homod, R.Z.; Mohammed, B.A.; Alshammari, G.; Al-Dhlan, K.A.; Alrashdi, R.; Alkhabra, Y.A. ChebIoD: A Chebyshev polynomial-based lightweight authentication scheme for internet of drones environments. Sci. Rep. 2025, 15, 32897. [Google Scholar] [CrossRef]
  95. Badhib, A.; Alshehri, S.; Cherif, A. IoT Authentication in Federated Learning: Methods, Challenges, and Future Directions. Sensors 2025, 25, 7619. [Google Scholar] [CrossRef] [PubMed]
  96. Pu, C.; Wall, A.; Choo, K.K.R.; Ahmed, I.; Lim, S. A lightweight and privacy-preserving mutual authentication and key agreement protocol for Internet of Drones environment. IEEE Internet Things J. 2022, 9, 9918–9933. [Google Scholar] [CrossRef]
  97. Jiao, J.; Chen, B.; Hu, F.; Wu, Y. A Lightweight and Dynamic Authentication Scheme Based on Blockchain and aSVC for UAV Swarm. Drones 2025, 9, 654. [Google Scholar] [CrossRef]
  98. Naziri, S.; Wang, X.; Yu, G.; Liang, C.J.; Ni, W. ZAPS: A Zero-Knowledge Proof Protocol for Secure UAV Authentication with Flight Path Privacy. arXiv 2025, arXiv:2508.17043. [Google Scholar] [CrossRef]
  99. Jačionis, T.; Urbanavičius, V.; Katkevičius, A.; Abromavičius, V.; Serackis, A.; Sledevič, T.; Plonis, D. UAV detection using thrust engine electromagnetic spectra. Drones 2022, 6, 306. [Google Scholar] [CrossRef]
  100. Morge-Rollet, L.; Le Jeune, D.; Le Roy, F.; Canaff, C.; Gautier, R. Drone detection and classification using physical-layer protocol statistical fingerprint. Sensors 2022, 22, 6701. [Google Scholar] [CrossRef] [PubMed]
  101. Ortega, J.C.Ú.; Rodríguez-Molina, J.; Martínez-Núñez, M.; Garbajosa, J. A proposal for decentralized and secured data collection from unmanned aerial vehicles in livestock monitoring with blockchain and IPFS. Appl. Sci. 2022, 13, 471. [Google Scholar] [CrossRef]
  102. Alqarni, M.A. Secure UAV adhoc network with blockchain technology. PLoS ONE 2024, 19, e0302513. [Google Scholar] [CrossRef]
  103. Abdel-Malek, M.A.; Akkaya, K.; Bhuyan, A.; Ibrahim, A.S. A proxy signature-based drone authentication in 5G D2D networks. In Proceedings of the 2021 IEEE 93rd Vehicular Technology Conference (VTC2021-Spring), Virtual, 25–28 April 2021; pp. 1–7. [Google Scholar]
  104. Sung, Y.H.; Park, S.J.; Kim, D.Y.; Kim, S. GPS spoofing detection method for small UAVs using 1D convolution neural network. Sensors 2022, 22, 9412. [Google Scholar] [CrossRef]
  105. Ma, T.; Zhang, X.; Miao, Z. Detection of UAV GPS spoofing attacks using a stacked ensemble method. Drones 2024, 9, 2. [Google Scholar] [CrossRef]
  106. Sun, Y.; Yu, M.; Wang, L.; Li, T.; Dong, M. A deep-learning-based GPS signal spoofing detection method for small UAVs. Drones 2023, 7, 370. [Google Scholar] [CrossRef]
  107. Samir, M.; Assi, C.; Sharafeddine, S.; Ebrahimi, D.; Ghrayeb, A. Age of information aware trajectory planning of UAVs in intelligent transportation systems: A deep learning approach. IEEE Trans. Veh. Technol. 2020, 69, 12382–12395. [Google Scholar] [CrossRef]
  108. El Haber, E.; Alameddine, H.A.; Assi, C.; Sharafeddine, S. UAV-aided ultra-reliable low-latency computation offloading in future IoT networks. IEEE Trans. Commun. 2021, 69, 6838–6851. [Google Scholar] [CrossRef]
  109. Wubben, J.; Morales, C.; Calafate, C.T.; Hernández-Orallo, E.; Cano, J.C.; Manzoni, P. Improving UAV mission quality and safety through topographic awareness. Drones 2022, 6, 74. [Google Scholar] [CrossRef]
  110. Elsisi, M.; Yu, J.T.; Lai, C.C.; Su, C.L. A drone-assisted deep learning-based IoT system for monitoring ship emissions in ports considering adversarial attacks. IEEE Trans. Instrum. Meas. 2024, 73, 9506111. [Google Scholar] [CrossRef]
  111. Hedayati, M.; Barzegar, A.; Rahimi, A. Fault Diagnosis and Prognosis of Satellites and Unmanned Aerial Vehicles: A Review. Appl. Sci. 2024, 14, 9487. [Google Scholar] [CrossRef]
  112. Vangala, A.; Agrawal, S.; Das, A.K.; Pal, S.; Kumar, N.; Lorenz, P.; Park, Y. Big data-enabled authentication framework for offshore maritime communication using drones. IEEE Trans. Veh. Technol. 2024, 73, 10196–10210. [Google Scholar] [CrossRef]
  113. Dixit, B.; Ananthapadmanabhan, A.; Thahsin, A.; Pathak, S.; Kasbekar, G.S.; Maity, A. A Novel Cipher for Enhancing MAVLink Security: Design, Security Analysis, and Performance Evaluation Using a Drone Testbed. IEEE Open J. Commun. Soc. 2025, 6, 9027–9051. [Google Scholar] [CrossRef]
  114. Krump, M.; Stütz, P. Deep learning based vehicle detection on real and synthetic aerial images: Training data composition and statistical influence analysis. Sensors 2023, 23, 3769. [Google Scholar] [CrossRef] [PubMed]
  115. Zidane, Y.; Silva, J.S.; Tavares, G. Jamming and spoofing techniques for drone neutralization: An experimental study. Drones 2024, 8, 743. [Google Scholar] [CrossRef]
  116. Sun, W.; Xu, N.; Wang, L.; Zhang, H.; Zhang, Y. Dynamic digital twin and federated learning with incentives for air-ground networks. IEEE Trans. Netw. Sci. Eng. 2020, 9, 321–333. [Google Scholar] [CrossRef]
  117. Sapkota, S.; Paudyal, D.R. Growth monitoring and yield estimation of maize plant using unmanned aerial vehicle (UAV) in a hilly region. Sensors 2023, 23, 5432. [Google Scholar] [CrossRef]
  118. Prey, L.; Ramgraber, L.; Seidl-Schulz, J.; Hanemann, A.; Noack, P.O. The transferability of spectral grain yield prediction in wheat breeding across years and trial locations. Sensors 2023, 23, 4177. [Google Scholar] [CrossRef] [PubMed]
  119. Rančić, K.; Blagojević, B.; Bezdan, A.; Ivošević, B.; Tubić, B.; Vranešević, M.; Pejak, B.; Crnojević, V.; Marko, O. Animal detection and counting from UAV images using convolutional neural networks. Drones 2023, 7, 179. [Google Scholar] [CrossRef]
  120. Liang, H.; Gao, W.; Nguyen, J.H.; Orpilla, M.F.; Yu, W. Internet of Things data collection using unmanned aerial vehicles in infrastructure free environments. IEEE Access 2019, 8, 3932–3944. [Google Scholar] [CrossRef]
  121. Hoque, M.A.; Hossain, M.; Noor, S.; Islam, S.R.; Hasan, R. IoTaaS: Drone-based Internet of Things as a service framework for smart cities. IEEE Internet Things J. 2021, 9, 12425–12439. [Google Scholar] [CrossRef]
  122. Zhang, H.; Xi, S.; Jiang, H.; Shen, Q.; Shang, B.; Wang, J. Resource allocation and offloading strategy for UAV-assisted LEO satellite edge computing. Drones 2023, 7, 383. [Google Scholar] [CrossRef]
  123. Karadeniz, T.N.; Ekici, S.; Avci, E. Deep learning-based detection of power transmission lines using YOLOv4 and YOLOv8. Sci. Rep. 2025, 16, 2382. [Google Scholar] [CrossRef]
  124. Godio, S.; Carrio, A.; Guglieri, G.; Dovis, F. Resolution and frequency effects on UAVs semi-direct visual-inertial odometry (SVO) for warehouse logistics. Sensors 2022, 22, 9911. [Google Scholar] [CrossRef]
  125. Alajami, A.A.; Moreno, G.; Pous, R. Design of a UAV for Autonomous RFID-Based Dynamic Inventories Using Stigmergy for Mapless Indoor Environments. Drones 2022, 6, 208. [Google Scholar] [CrossRef]
  126. Fernández-Caramés, T.M.; Blanco-Novoa, O.; Froiz-Míguez, I.; Fraga-Lamas, P. Towards an autonomous industry 4.0 warehouse: A UAV and blockchain-based system for inventory and traceability applications in big data-driven supply chain management. Sensors 2019, 19, 2394. [Google Scholar] [CrossRef] [PubMed]
  127. Han, C.; Jeon, H.; Oh, J.; Lee, H. Dynamic order picking method for multi-UAV system in intelligent warehouse. Remote. Sens. 2022, 14, 6106. [Google Scholar] [CrossRef]
  128. Tubis, A.A.; Ryczyński, J.; Żurek, A. Risk assessment for the use of drones in warehouse operations in the first phase of introducing the service to the market. Sensors 2021, 21, 6713. [Google Scholar] [CrossRef]
  129. Torres-Barriuso, J.; Lasarte, N.; Piñero, I.; Roji, E.; Elguezabal, P. Digitalization of the Workflow for Drone-Assisted Inspection and Automated Assessment of Industrial Buildings for Effective Maintenance Management. Buildings 2025, 15, 242. [Google Scholar] [CrossRef]
  130. Zhang, H.; Wang, F.; Feng, D.; Du, S.; Zhong, G.; Deng, C.; Zhou, J. A Logistics UAV Parcel-Receiving Station and Public Air-Route Planning Method Based on Bi-Layer Optimization. Appl. Sci. 2023, 13, 1842. [Google Scholar] [CrossRef]
  131. Ulin Hernandez, E.J.; Saucedo Martinez, J.A.; Marmolejo Saucedo, J.A. Optimization of the distribution network using an emerging technology. Appl. Sci. 2020, 10, 857. [Google Scholar] [CrossRef]
  132. Han, P.; Sui, A.; Wu, J. Lightweight Secure Communication Supporting Batch Authentication for UAV Swarm. Drones 2025, 9, 139. [Google Scholar] [CrossRef]
  133. Li, H.; Li, P.; Liu, J.; Zhang, P. Secure Communication and Dynamic Formation Control of Intelligent Drone Swarms Using Blockchain Technology. Information 2025, 16, 768. [Google Scholar] [CrossRef]
  134. Alahvirdi, D.; Tuci, E. Traffic monitoring and management system based on a swarm of drones and adaptive traffic units. Front. Future Transp. 2025, 6, 1662822. [Google Scholar] [CrossRef]
  135. Zaman, A.A.U.; Abdelaty, A.; Yamany, M.S. Applications of UAV Technologies in Assessment of Transportation Infrastructure Systems. CivilEng 2025, 6, 32. [Google Scholar] [CrossRef]
  136. Maljkovic, M.; Geroliminis, N. On Learning-Based Traffic Monitoring with a Swarm of Drones. arXiv 2025, arXiv:2503.21433. [Google Scholar] [CrossRef]
  137. Almujally, N.A.; Wu, T.; Alhasson, H.F.; Hanzla, M.; Jalal, A.; Liu, H. UAV-based intelligent traffic surveillance using recurrent neural networks and Swin transformer for dynamic environments. Front. Neurorobotics 2025, 19, 1681341. [Google Scholar] [CrossRef]
  138. Miao, W.; Luo, C.; Min, G.; Mi, Y.; Wang, H. Unlocking the potential of 5G and beyond networks to support massive access of ground and air devices. IEEE Trans. Netw. Sci. Eng. 2021, 8, 2825–2836. [Google Scholar] [CrossRef]
  139. Al-Rubaye, S.; Tsourdos, A.; Namuduri, K. Advanced air mobility operation and infrastructure for sustainable connected evtol vehicle. Drones 2023, 7, 319. [Google Scholar] [CrossRef]
  140. Kukliński, S.; Szczypiorski, K.; Chemouil, P. UAV support for mission critical services. Energies 2022, 15, 5681. [Google Scholar] [CrossRef]
  141. Partheepan, S.; Sanati, F.; Hassan, J. Autonomous unmanned aerial vehicles in bushfire management: Challenges and opportunities. Drones 2023, 7, 47. [Google Scholar] [CrossRef]
  142. Hebbar, V.; Langbort, C. A Model for Tacit Communication in Collaborative Human-UAV Search-and-Rescue. Entropy 2021, 23, 1027. [Google Scholar] [CrossRef] [PubMed]
  143. Tang, Z.; Jiao, Y.; Wang, X.; Pan, X.; Peng, J. Research on Scheduling Return Communication Tasks for UAV Swarms in Disaster Relief Scenarios. Drones 2025, 9, 567. [Google Scholar] [CrossRef]
  144. Luo, W.; Zhao, Y.; Shao, Q.; Li, X.; Wang, D.; Zhang, T.; Liu, F.; Duan, L.; He, Y.; Wang, Y.; et al. Procapra Przewalskii tracking autonomous unmanned aerial vehicle based on improved long and short-term memory Kalman filters. Sensors 2023, 23, 3948. [Google Scholar] [CrossRef] [PubMed]
  145. Borodacz, K.; Szczepański, C. Impact of motion-dependent errors on the accuracy of an unaided strapdown inertial navigation system. Sensors 2023, 23, 3528. [Google Scholar] [CrossRef]
Electronics 15 01204 g001
Figure 1. Methodology Flowchart (PRISMA). The literature search focused on recent high-impact journals and digital libraries (2020–2026) covering the intersection of UAV hardware constraints, AI security, and Critical Infrastructure, yielding a final synthesis of 144 studies.
Figure 1. Methodology Flowchart (PRISMA). The literature search focused on recent high-impact journals and digital libraries (2020–2026) covering the intersection of UAV hardware constraints, AI security, and Critical Infrastructure, yielding a final synthesis of 144 studies.
Electronics 15 01204 g001
Electronics 15 01204 g002
Figure 2. Taxonomy of UAV Security. The survey analyzes security bottom-up, mapping specific hardware and AI threats (Left) to their corresponding state-of-the-art defenses (Right), all supporting Critical Infrastructure domains.
Figure 2. Taxonomy of UAV Security. The survey analyzes security bottom-up, mapping specific hardware and AI threats (Left) to their corresponding state-of-the-art defenses (Right), all supporting Critical Infrastructure domains.
Electronics 15 01204 g002
Electronics 15 01204 g004
Figure 4. The Critical Infrastructure Threat Landscape. The central hub represents the universal hardware constraint (Resource-Security Paradox). The surrounding nodes illustrate how threat vectors diverge by domain: Agriculture faces Integrity attacks (poisoning yield data), Energy grids face Digital Twin injection, Logistics faces Supply Chain Trojans, and Military operations face Physical Capture.
Figure 4. The Critical Infrastructure Threat Landscape. The central hub represents the universal hardware constraint (Resource-Security Paradox). The surrounding nodes illustrate how threat vectors diverge by domain: Agriculture faces Integrity attacks (poisoning yield data), Energy grids face Digital Twin injection, Logistics faces Supply Chain Trojans, and Military operations face Physical Capture.
Electronics 15 01204 g004
Table 1. Comparison of This Survey with Recent Related Works (2022–2025).
Table 1. Comparison of This Survey with Recent Related Works (2022–2025).
ReferenceYearHardware & Energy FocusSwarm & Autonomy ScopeCritical Infrastructure (CI) ContextDigital Forensics Coverage
Sarkar et al. [8]2025Computational Cost: Focuses solely on crypto algorithm overhead.Routing: Focuses on FANET routing and key management.General IoD: Generic “Internet of Drones” scenarios.Not Addressed
Yang et al. [4]2025RF Hardware: Focuses on antenna design and signal power ratios.Single Link: Focuses on point-to-point physical layer security.General Comms: Focuses on wireless channel capacity.Not Addressed
Tychola & Rantos [16]2025Sensors: Focuses on specific agricultural sensor vulnerabilities.Single Agent: Focuses on individual crop-spraying drones.Single Domain: Agriculture Only.Not Addressed
Lyu et al. [5]2023Payload: Focuses on cameras and SAR-specific sensors.Cooperative: Focuses on multi-UAV coverage patterns.Single Domain: Emergency Response (SAR) Only.Not Addressed
Yan et al. [17]2023Passive Sensors: Focuses on radar/acoustic detection hardware.Detection: Focuses on detecting swarms, not securing them.Urban Security: Focuses on city/airport protection.Not Addressed
Aldaej et al. [18]2022Edge Compute: Focuses on ML processing capabilities.Network: Focuses on IDS for standard networks.General IoT: Generic smart city applications.Not Addressed
This Work2026Resource-Security Paradox: Bridges battery endurance with crypto/AI overhead.Swarm Intelligence: Covers Batch Auth, Formation Control, Hive Logic.Multi-Domain: Taxonomy across Energy, Ag, Logistics, Maritime, Military.Forensic Readiness: Covers Legal Admissibility, Data Preservation.
Table 2. Documented Real-World Cyberattacks on UAV Systems and Their Impacts [30,31,32,33].
Table 2. Documented Real-World Cyberattacks on UAV Systems and Their Impacts [30,31,32,33].
YearTarget/SectorAttack VectorDocumented Consequences/Damage
2025Commercial DeliveryGPS Spoofing$9.0 Million in estimated damages
2024Law EnforcementCommand Hijacking$5.4 Million damage to surveillance drone
2024Consumer/CommercialDe-authenticationParrot A.R. drone hijacked and fully compromised
2023Critical InfrastructureData Breach$4.2 Million (survey drone data compromised)
2022General AviationMalware Attack$3.8 Million (drone crash in South Korea)
2021AgricultureSwarm Jamming$2.5 Million in damages to farming operations
2018Entertainment (Swarm)GPS Jamming46 drones crashed simultaneously in Hong Kong
2012General AviationGPS SpoofingHornet Mini Rotorcraft crashed
2011Military (RQ-170)GPS SpoofingUnintended landing and capture of UAV in Iran
2011Military GCSMalware (Keylogger)US Army ground control station infrastructure infected
2010Military SurveillanceEavesdroppingIntercepted video feeds led to fatal ambush
2009Military SurveillanceEavesdroppingPredator video feeds intercepted by insurgents
Table 3. State-of-the-Art AI Architectures for UAV Edge Security (2020–2025).
Table 3. State-of-the-Art AI Architectures for UAV Edge Security (2020–2025).
ArchitectureTarget ApplicationHardware/System OptimizationSecurity and Robustness Benefit
Mamba-KAN-Liquid [46]Intrusion and anomaly detectionAdaptive time-series neurons with Liquid Time-Constants; suitable for MCU, FPGA, and micro-edge deploymentMitigates concept drift and models non-stationary telemetry patterns associated with stealthy and evolving attacks.
Hybrid CNN-Transformer Backbones [78,79]Urban traffic and object monitoringSwin-Transformer backbone with windowed self-attention for efficient onboard vision processingImproves robustness against occlusion, cluttered backgrounds, and highly dynamic urban scenes.
PHSI-RTDETR [76]Infrared and thermal surveillancePatch-based attention with hybrid spectral integration optimized for low-SNR sensingPreserves weak thermal signatures of micro-UAVs and targets under low-contrast and noisy conditions.
MobileRaT/RF-Pipeline [80,81]Signal and Jamming ClassificationLightweight radio transformer optimized for micro-edge devices and RF pipelinesAchieves high classification accuracy under jamming, interference, and adverse channel noise.
A-Ptr-Net [77]Secure logistics and swarm routingAttention-based pointer network with embedded battery and resource constraintsEnables energy-aware and attack-resilient routing decisions for cooperative UAV missions.
Attention U-Net Pre-processor [75]Object detection (surveillance)Lightweight autoencoder-based front-end with model-agnostic deployment; incurs only ∼4% added latency per imageTreats adversarial patches as occlusions to be removed, reducing attack success rate by ∼30% without retraining the core detector.
ResNet-50 w/PGD Training [82]Aerial disaster recognitionCurriculum-based adversarial training (50/50 clean–PGD split) to preserve edge deployabilityPrevents catastrophic degradation under digital PGD attacks (93% → 21% drop), maintaining >75% operational accuracy.
Table 4. Comparative analysis of representative security mechanisms for resource-constrained UAV systems.
Table 4. Comparative analysis of representative security mechanisms for resource-constrained UAV systems.
Mechanism/ProtocolCategoryPrimary Security GoalKey Feature/AdvantageRef.
ASCON/ChaCha20/ SteganographyCryptographyTelemetry confidentialityCombines lightweight authenticated encryption with image steganography for covert data transmission. [8,15,91,92]
ChebIoD(Chebyshev)/ ChaoticCryptographySession key generationChaotic non-linearity reduces adversarial inference of key material during lightweight key exchange. [93,94,95,96]
STK/aSVC-AuthSwarm AuthDynamic group managementSupports non-interactive, self-healing re-authentication for high-mobility swarms, eliminating repeated handshakes during node re-entry. [28,36,97,98]
Electromagnetic SpectraPhysical layerDevice identificationElectromagnetic emissions are used to fingerprint motors and actuators for device provenance. [71,99,100]
A2RID/OLO-RIDPrivacyRemote ID complianceObfuscates identity and location while preserving ASTM Remote ID interoperability. [65,66]
IPFS-LivestockForensicsIncident accountabilityAnchors Merkle-tree logs into decentralized storage to ensure immutable audit trails and prevent retrospective tampering. [29,101,102]
Proxy SecuritySwarm SecurityCommand validationCombines proxy-signatures for delegated authority with PBFT consensus for high-throughput command verification in 5G-D2D. [57,81,103]
Table 6. Comprehensive empirical performance, deployment evaluation, and failure analysis of UAV defense mechanisms.
Table 6. Comprehensive empirical performance, deployment evaluation, and failure analysis of UAV defense mechanisms.
Defense MechanismTarget Attack TypeComputational/Energy CostDetection Accuracy/Security StrengthDeployment ReadinessKnown Limitations/Failure Modes
SecureDrone (Hybrid AI + ECC) [36]Replay, MITM, impersonation, DoS31.8 ms compute time; 42.5 mJ energy consumption99.8% authentication success; no false attacks (formally verified)Simulation (NS2)Lacks Hardware-in-the- Loop (HITL) validation under real environmental noise.
Mamba-KAN-Liquid (MKL) [46]Zero-day, DDoS, GPS spoofing, jamming, sensor manipulation47.3 ms inference latency; 12.4 mJ per sample; 96 MB memory94.5% F1-score; 89.4% zero-day detectionSimulation (Cortex-A72/synthetic telemetry)No HITL validation; sensitive to real-world noise.
USAF-IoD (PUF + ASCON) [15]Physical capture, tampering, key compromise, impersonationUltra-low: ≈5.16 ms execution time; 5.388 mJHigh (formally proven semantic security via ROR model)Hardware emulation (Raspberry Pi)Sensitive to environmental variations affecting PUF reliability.
GDM-DTM [87]Collusion attacks, fake data injectionLow (lightweight onboard computation)85.04% accuracy; 91.66% F1-score (30% malicious nodes)Simulation (ONE simulator)Primarily evaluated in idealized software simulations.
Salted Temporal Keys (STK) [28]Sybil attacks, node reintegration exploits, trajectory poisoningLightweight; O ( 1 ) verification complexity; latency depends on missed consensus cyclesHigh (forward secrecy and second-preimage resistance)Real platform (Raspberry Pi 3 UAV)/Cloud emulationRecovery latency after outages; cannot distinguish disconnect types.
Deep Convolutional Attention (DCA) [11]Network intrusion, packet replay, packet floodingHigh (deep learning training and inference overhead)Severe drop to 21% F1-score under cross-dataset validation (sim-to-real gap)Offline analysis (simulated logs)Severe sim-to-real gap; low real-world F1-score (21%).
DASLog [29]Log tampering, evidence repudiationHigh (BFT consensus overhead); up to 8000 records/sVery high (immutable Merkle-based verification)Proof-of-concept (Hyperledger on EC2)High BFT consensus overhead restricts fully onboard swarm deployment.
MAVShield Cipher [113]MITM, Replay, Eavesdropping1.03% CPU, 12.92% batteryHigh (Successfully thwarts over-the-air MITM)Real hardware (Pixhawk Cube Orange+)ARX-based; reduced resilience to quantum attacks (e.g., Grover).
Post-Quantum Crypto (McEliece) [8]Quantum decryption, key compromiseHigh memory and bandwidthVery High (Quantum-resistant)Theoretical/labLarge keys (>100 KB) limit UAV deployment.
Table 7. Domain-Specific Threat Matrix: Assets, Threats, and Operational Impact.
Table 7. Domain-Specific Threat Matrix: Assets, Threats, and Operational Impact.
DomainCritical AssetUnique Threat VectorOperational ImpactDefense Mechanism
Smart AgricultureYield prediction modelsSensor data poisoningIncorrect harvest timing and yield estimation, leading to crop loss and economic disruption.Spectral index validation [16]
Energy GridSCADA control loopsFalse data injectionGrid instability and cascading control errors, potentially resulting in widespread service outages.Dynamic digital twins [116]
LogisticsBattery and controllerSupply chain TrojansMid-mission power or control failure, reducing delivery reliability and increasing operational risk.Blockchain traceability [42]
MilitaryCommand linkIntelligent jammingLoss of situational awareness and degraded coordination, compromising mission execution.Bearing-only formation control [86]
TransportationAirspace deconflictionRemote ID spoofingIncreased collision risk due to misidentification and degraded situational awareness in shared airspace.Privacy-preserving RID [65]
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.

Share and Cite

MDPI and ACS Style

Kose, K.; Kose, N.A.; Liang, F. Securing Unmanned Devices in Critical Infrastructure: A Survey of Hardware, Network, and Swarm Intelligence. Electronics 2026, 15, 1204. https://doi.org/10.3390/electronics15061204

AMA Style

Kose K, Kose NA, Liang F. Securing Unmanned Devices in Critical Infrastructure: A Survey of Hardware, Network, and Swarm Intelligence. Electronics. 2026; 15(6):1204. https://doi.org/10.3390/electronics15061204

Chicago/Turabian Style

Kose, Kubra, Nuri Alperen Kose, and Fan Liang. 2026. "Securing Unmanned Devices in Critical Infrastructure: A Survey of Hardware, Network, and Swarm Intelligence" Electronics 15, no. 6: 1204. https://doi.org/10.3390/electronics15061204

APA Style

Kose, K., Kose, N. A., & Liang, F. (2026). Securing Unmanned Devices in Critical Infrastructure: A Survey of Hardware, Network, and Swarm Intelligence. Electronics, 15(6), 1204. https://doi.org/10.3390/electronics15061204

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Metrics

Back to TopTop