The Association for Unmanned Vehicle Systems International (AUVSI) has made an announcement about the Green UAS certification which marks a significant leap in drone security. Green UAS, an integral part of AUVSI’s broader Trusted Cyber Certification program, is designed to assess and verify commercial drones, emphasizing the highest levels of cybersecurity and compliance with the National Defense Authorization Act (NDAA) supply chain requirements.
Whether you’re a manufacturer or a user, you should pay attention to such certifications to ensure compliance. Getting these certifications means these drones are top-notch regarding product security, remote operations security, supply chain risk management, and keeping things cyber-clean in the corporate world. To get certified, the drones go through a detailed check of their security controls, plus some vulnerability and penetration tests. This makes sure they meet the newest security rules, like the ones in the DIU’s Blue UAS 2.0 program.
Green UAS certification process
The GreenUAS builds on the success of the Defense Innovation Unit’s (DIU) Blue UAS certification program, extending its benefits to the non-defense drone community. The aim is to enhance security across the drone manufacturing base, fostering innovation and increased utilization of dual-use systems. A network of cybersecurity firms is engaged to rapidly vet drones and components seeking Green UAS certification, utilizing frameworks that address threats and cyber risks across various domains, including corporate cyber hygiene, product and device security, remote operations, connectivity, and supply chain risk management.
The Green UAS certification process operates on a framework that includes assessments in key areas:
- Corporate Cyber Hygiene: This involves evaluating an organization’s enterprise cybersecurity strategy and program against leading industry standards like ISO and NIST Cyber Security Framework.
- Product and Device Security: The assessment focuses on ensuring that drones and components are designed, developed, and manufactured with the utmost attention to the safety and security of the data supporting UxS Systems and mission operations.
- Remote Operations & Connectivity: Examining UxS systems’ connectivity for remote operations, ensuring that command and control is restricted to authorized operators and that telemetry and mission data transmission is secure.
- Supply Chain Risk Management: Conducting a physical vulnerability assessment of drones and their components, ensuring compliance with NDAA requirements for those seeking to transition to Blue UAS/DoD use.
One unique aspect of Green UAS is its flexibility and transparency. Manufacturers not selling to the Department of Defense (DoD) can still benefit from the certification, with flexibility based on criticality and use-case, providing transparency to inform acquisition decisions.
As the first product of AUVSI’s Trusted Cyber Program, Green UAS sets the stage for enhanced security across the drone industry. By aligning with the DIU’s Blue UAS certification program, it not only mirrors defense standards but also opens doors for dual-use systems and increased innovation. With a robust framework that addresses key cybersecurity aspects, Green UAS certification adds a layer of assurance for both manufacturers and users. As the drone industry continues to grow and diversify, initiatives like Green UAS play a crucial role in building trust and ensuring the responsible and secure integration of unmanned aerial systems into our airspace.
