Jeffrey Starr is the Chief Marketing Officer at D-Fend Solutions
The Federal Aviation Administration (FAA) recently released a Part 139 certification alert informing Part 139 airport operators that airport emergency plans (AEP) should include instructions for responding to unauthorized unmanned aircraft system (UAS) operations in the airport environment. What are the implications of what the FAA has proposed?
It is very broad but essentially the focus is on planning. It is a positive step, instructing airports to plan for the increasing threat from drones but it is general, without specific guidelines, formats, or templates.
However, it ratchets up a notch the sense of urgency of dealing with this issue and it complements other things that the FAA, the Transportation Safety Agency (TSA) and other federal regulators in the US are doing in terms of trials, testing and technology evaluation.
The ultimate effect will be to increase the sense of urgency and encourage many airports to take a more strategic and systematic approach to plans for drone-related emergencies.
The good news is that many airports have already been starting to prepare in this direction.
One of the problems is that most infrastructure providers do not have unlimited budgets. They have only a very shadowy understanding of what the threat could be. What are you actually defending the site against? A single, small drone coming in at a certain height? Or a swarm, at different heights? How do you advise security professionals on strategy, given that there has to be limits to expenditure and prioritising certain threats?
The threat is multi-faceted and includes all those scenarios. The threat, the regulations, and the technology are intertwined in a way that requires a lot of in-depth analysis, because you need to make sure that the cure is not worse than the disease. And if you are bringing the technologies in, you must make sure that they are dealing with the threat in a commensurate way and not causing other risks and dangers.
So, for example, what we are advocating both at the site level – when they are implementing and installing technology – and the regulatory level is to consider the potential risks of the C-UAS technologies as well as of the drone itself, in a holistic framework.
So, for example, you want to make sure that there is no risk of disruption to communications in the area – security, transportation, communications, and navigational aids. You want to make sure that there is no disruption of any kind of communications by the counter-drone technology. Then there is the risk of collateral damage. So, that often rules out kinetic or physical counter-drone options in such a sensitive environment as an airport.
I think it is especially important that vendors do not just throw products at the problem, but rather start with a plan. And we start with a wide range of surveys, evaluations, and professional services well before the full implementation of the technology.
These need to consider the unique environmental factors of not just protected sites in general, but of each site: the topology, geography, landscape, and borders – everything that is unique to each location.
So, there are lots of considerations before any installation. There are, for example, surveys of interference in the area. What are the RF signals in the area? What are all the different electronics and signals? Training is obviously needed and must be extremely thorough.
So, all of this is a fundamental prerequisite before any technologies are implemented, and to then help with the ramp-up and onboarding of any new counter-drone solution.
One organisation may be responsible for detecting the threat but the people who are responsible for mitigating the threat may work for a different organisation.
Yes, there is this distinction often between who has approval for detection versus who has authority for mitigation.
We support some of the current regulatory reform efforts in this area. We do believe that, ultimately, relevant sites will be well served when more qualified and authorized law enforcement personnel are attached to these sites, and there is integration and coordination of operations at state, local, federal, and other levels.
If authority starts to devolve to the operational personnel, you have a much better situation, because there will be fewer interdependencies, and more people working at an operational level on site to deal with incidents.
In the meantime, any solution that is implemented must take into account the complexities of who has detection and who has mitigation authority and responsibilities, and allow for the rapid communications, coordination and sharing of the right information to make sure the right people with the right authority can perform the right action at the right time.
When I speak to customers, when they’re looking at counter-UAS, there are a number of things that concern them. One of them is scalability. They need a system which will be able to adapt as new technologies are developed to meet new threats. They need something based on open source, which they can add to. But they also need something where they feel they can deploy the best sensors, the best artificial intelligence algorithms and the best mitigation technologies – which means more than one supplier. How do airports and other mission-critical sites design a system to make it effective, affordable and future-proofed?
We are in favour of complementing and coexisting in a, holistic counter-UAS ecosystem of layered technologies, each with its various focal points and strengths. We feel it should be a smart system, a cybercentric system, a system that focuses first on safety, control, and continuity. We certainly coexist with other technologies, and we advocate that kind of flexible, layered approach which will need to be appropriate to each site.
The other thing you mentioned is scalability. I think one of the most important ways to achieve scalability is to have the option for multiple deployment operations, so the site has operational flexibility due to changing conditions, new use cases or varied topology.
So, for example, there might be a special event, or the arrival of a VIP, which changes all the dynamics. You may need vehicular deployments of your counter-UAS. You may need tactical deployments either at ground level or high altitude for your counter-UAS, in addition to any stationary, permanent fixture counter-UAS installation that may be either high altitude or long-range directional.
An airport is a particularly challenging environment. You need both a holistic bubble of detection and protection around the critical assets of the airport and a long-range directional view and coverage to take care of the runaways and corridors and anything that is approaching the airport. You need both detection and protection zones. So, you need, really, a lot of flexible deployments and scalability. You need to be able to add units and add sensors quickly, depending on the situation and the natural growth of traffic in the airport.
So, if we can’t use projectiles to take the drone down, we can’t use RF jamming, what can we use?
We are advocating – in a manner consistent with evolving regulations and approvals – an RF cybercentric, detection and mitigation, takeover-kind of approach. EnforceAir detects the signals between the remote-control system and the drone, and then applies RF-cyber methods. Ultimately EnforceAir can take over control of the rogue or hostile drone, when used by officials with mitigation authority and where allowed by regulations.
And at that point, the operator is in control and can decide whether to mitigate the drone by sending it back, a fend-off, or landing it in a predesignated safe zone. This results in a safe outcome. We are looking towards the future threats with an eye towards maintaining operational continuity – making the incident not become an incident. A preventative approach. And avoiding the risks of collateral damage and avoiding the operational disruption of a jamming-based approach.
And does this work for autonomous drones?
There seems to be a lot of issues and confusion around the definition of autonomous drones. “Autonomous” doesn’t necessarily mean “silent”. You have certain preprogramed drones which people call autonomous but in fact are detectable by the right systems.
And then if you are talking about drones which are totally RF silent; we advocate a multi-layered approach, including other detection technologies with which we can coexist.
We are undertaking a lot of statistical analysis and surveying of incidents that happen around mission critical or sensitive sites. We are looking at the protocols, the manufacturers, the models. And most incidents – most of the ones that you read in the news – come from commercial drones, or do-it-yourself drones built from off-the-shelf components that we can detect.
We define the most dangerous drones as the ones that can carry heavy payloads, the ones that can fly long distances and the ones that are readily accessible by potentially careless or nefarious actors.
One of the issues when I talk to users is that there’s no standardised human-machine interface for C-UAS equipment. Every manufacturer has its own particular processor and display, and this creates a lot of disassociations between various systems and confusion for the operators. Is there any way we can start to standardise some of these human-machine-interfaces and improve interoperability?
Yes. We integrate other equipment and within larger systems. We have recently launched our MSC2 product, a control system for larger and more complex environments requiring centralized management, and our units can work with open APIs. We are advocates of a more common approach towards how the threat is displayed and working towards convergence that integrates best practices in a layered defence with the ability to detect and mitigate across products within integrated platforms.
What’s the range of cost from the cheapest to the most expensive C-UAS?
You can certainly buy components or units of things that perform basic detection functions relatively cheaply. Complete end-to-end full incident lifecycle detection to mitigation systems cost more. As a cyber counter-drone takeover vendor, we’re not easily comparable with other technologies; we’re in a unique capability technology category of our own. We build our pricing based on the number of units and sensors that will be required, the ongoing maintenance and updates required, within the exact nature of the deployment – mobile vehicular, tactical, stationary, high altitude, ground level, omnidirectional, long range directional, etc. These are all factors when we put together a system configuration that is going to be value based and cost effective for the environment, use case, and coverage area,
Do you see a day where every sensitive site or critical infrastructure will have a counter-UAS capability?
Yes. Absolutely. Drones are proliferating around such sites, a portion of which is a positive development, because many drones perform vital tasks. Authorised, friendly drones, performing tasks related to inspection, security, construction, and all kinds of necessary applications.
But the coexistence of these drones with unauthorised UASs will require every site to need some sort of detection and mitigation capability within an overall strategic framework, compliant with evolving regulations, and, of course, aligned with the emerging systems for UTM.
Has the technology improved so we’re not getting too many false positives?
That is a classic problem with radar. Many radar systems generate false positives and cannot easily distinguish between a bird and a drone. You do not have that problem with RF cyber-based detection.
Other detection technologies also have challenges. On the acoustic side, drones are becoming increasingly quieter and airports, other infrastructure sites and event venues are becoming increasingly noisier.
On the optical side, you need line of sight, and sites in urban or mountainous environments may not have that. You can have a rogue drone close by but visually blocked by a building.
In today’s more sensitive urban environments, you need detection and mitigation that is not sound dependent, does not generate false positives, does not require line of sight, and does not cause interference or carry the risk of physical collateral damage.
How do you integrate a rogue drone identification and mitigation into urban UTM systems?
Some of the emerging standards and regulations, in areas such as remote ID, could be part of the equation. As part of the process of using our system, local users start to build a database of authorised, friendly, approved drones on their approved list which over time becomes a critical asset for the site and could coordinate with UTM systems,
But I do think you raised a particularly good point in that both the regulators and the technology providers will use remote ID functions and other data sources into UTM and other related system architecture to make these identifications faster, better, and safer.
It just slightly worries me that we’re relying on a database of known products. Sometimes, you’re going to get something appearing which hasn’t been identified.
Yes, and that is why you cannot be dependent only on a database of existing known drones in the site vicinity.
We favour technologies which can apply RF-cyber techniques on the rogue drone itself and understand the make, model, protocol, and associated dangers. And not only for commercial drones, but for do-it-yourself component-based drones.
We must take what-I-call-a “life-cycle”-based approach which can lead to different, controlled, and safer kinds of outcomes.
You think of it in terms of the chain. Detecting and alerting. Then locating and tracking. Identification – not just the drone, but the pilot, and where it came from. Discovering their position and identification. But then having an option to fend off or to take control and land.
That leads to continuity and a safe outcome, as opposed to just jamming it, which is temporary and disruptive, or kinetic, which can cause collateral damage, and both of which can lead to unknown and potentially unsafe outcomes.