Developing Unmanned Aerial Vehicle Software for Safe and Secure Drone Operations

Drone technology — also known as unmanned aerial vehicle (UAV) and unmanned aircraft system (UAS) technology — is expanding rapidly across commercial, industrial, and defense sectors. As these systems become more complex, they increasingly rely on sophisticated software for aerial embedded systems. However, increased complexity can introduce critical safety and security risks, particularly when commercial systems — which often have less robust infrastructure — are adapted for defense use. Outdated supply chains and software failures in autonomous systems can lead to data breaches, collisions, or loss of control of the drone to a bad actor. 

As the first line of defense, drone software developers should be aware of regulations for military airworthiness that integrate drones into existing aviation systems and establish safety and security systems. 

Here, we examine tools and best practices that help improve drone safety, code quality and enforce compliance with aerospace and defense standards. 

How Are UAVs Used Today? Unmanned Aerial Vehicle Military and Civilian Use 

UAVs are important for both military and civilian applications.

Military UAVs are used frequently in: 

• Surveillance
• Object targeting
• Supply delivery
• Force protection
• Damage assessment 

Civilian UAV use is also expanding, with applications in: 

• Agriculture
• Construction
• Real estate
• Broadcasting
• Express shipping
• Emergency services

In the United States alone, the Federal Aviation Administration (FAA) predicts that commercial drone fleets will reach 955,000 and recreational fleets will extend to 1.82 million by 2027, according to the U.S. Government Accountability Office. With so much growth, regulating and safely integrating UAVs in national airspace is becoming more complex. Drone manufacturers will need to take a proactive approach to UAV software development and stay ahead of challenges if they are to manage safe and secure drone operations. 

Unique Software Challenges in Drone Safety and UAV Development

Whatever the application, developing software for autonomous aviation presents unique challenges for manufacturers. These are not typical IT environments; they are high-stakes, often resource-constrained, and operate in dynamic conditions where the cost of failure is high. 

Complexity of Onboard Systems

A modern UAV is a complex integration of numerous components that must work in perfect harmony. The software is the central nervous system, managing everything from navigation systems and GPS data to communication links, sensor arrays, and flight control logic. A single flaw in the code that governs these integrations can lead to systematic failure. 

Real-Time Operating Constraints and Artificial Intelligence (AI)

UAV systems need to provide an immediate and predictable response to both environmental changes and operator commands. This requires software built for real-time performance, where every millisecond counts. Whether it's adjusting flight paths to avoid an obstacle or responding to control input, any delay or non-deterministic behavior can have immediate physical consequences — but now that AI is being introduced to airborne systems, any models still evolving during operation can introduce unpredictable behaviors that increase safety and security risks. Autonomous decision-making can introduce safety risks such as mid-air collisions and damage to people or property, and security risks such as adversarial AI attacks. Developers will need to adapt to new AI functional safety processes and follow emerging guidelines such as ISO/IEC TR 5469 and ISO/DPAS 8800. 

Stringent Resource Limitations

Unlike enterprise applications with access to vast server resources, drone software runs on embedded systems with significant constraints. Developers must contend with limited processing power, memory, and battery life. In addition, code must be highly efficient and optimized to perform complex tasks without overwhelming the hardware or depleting the power source prematurely. That means the code should be high-quality and bug-free. 

Hostile Operating Environments

Oftentimes, UAVs operate in not just physically harsh but electronically hostile environments in terms of electronic warfare. While traditional aircraft rely on more secure avionics systems (including protected ATC channels and hardened cockpit systems), UAVs rely on unmanned control links (like RF signals and Wi-Fi), which make them more vulnerable to attacks. The software must be robust enough to mitigate a range of cyber threats including signal jamming, GPS spoofing, and other malicious attacks designed to take control of the vehicle or intercept its data. Security should be a priority early in development to identify coding problems and fix defects before they become unmanageable. 

📕 Related Resources: Read more about: 

• Shift-Left Security
• Shift-Left Compliance Solutions
• Functional Safety 101

To help address mission-critical challenges and minimize risks in drone software, development teams can follow safety and security standards used in aerospace and defense development. 

Process standards ensure the development process is followed so that the finished product is written in a safe or secure manner; while coding standards are documented rules and conventions that help developers write high-quality, consistent, secure, and maintainable code. 

Drone Software Regulatory Frameworks and Security Standards

UAV software development should comply with specific guidelines defining mandatory requirements and technical implementation practices. 

DO-178C 

DO-178C, Software Considerations in Airborne Systems and Equipment Certification, is an essential functional safety standard that provides guidance to airborne software development. At its core, DO-178C requires a systematic approach to software planning, development, and verification activities to ensure the airworthiness of an aircraft — including drones. 

  📕 Related Resource: Discover why aerospace and defense software needs DO-178C, and the unique military advantages of applying this standard to the SDLC. 

Download the White Paper

FAR Part 5 Final Rule 

The 2024 FAR Part 5 Final Rule introduces comprehensive Safety Management Systems (SMS) requirements for Part 21 manufacturers that can significantly impact software development practices for UAV systems. The rule requires the mandatory implementation of automated hazard identification systems to continuously monitor system operation and detect potential safety issues. 

From a process perspective, the rule requires manufacturers to identify safety risks associated with their operations, manage them effectively, and collect data to facilitate continuous improvement. Given the complexity of these systems, sophisticated automation and integration strategies are best suited for technically implementing these measures, maintaining compliance, and supporting rapid development cycles. 

EASA Drone Regulation

The European Aviation Safety Agency has established a risk-based approach to drone regulation that significantly impacts software development requirements. Two main regulations guide European drone operations: 

• Delegated Regulation (EU) 2019/945 - requirements to ensure the safety, reliability, and compliance of UAS products within the European Union.
• Implementing Regulation (EU) 2019/947 - establishes rules and procedures governing the operation of UAS and personnel such as remote pilots within the EU states. 

The EASA drone regulations categorize operations based on risk profile, with each category imposing specific technical requirements on UAV manufacturers. 

While the Open Category represents lower risk operations, software developers still must carefully consider basic safety features. As operations move into the Specific Category, the guidelines become more stringent, particularly for Beyond Visual Line of Sight (BVLOS) operations. Systems require an operational authorization (OA) issued by a National Aviation Authority (NAA) with limitations adapted to the risk posed by the operation. To address the increased operational complexity, software developers must implement robust risk assessment frameworks and enhanced cybersecurity measures. 

The Certified Category represents the highest level of scrutiny, requiring certification (i.e., a "type of" certificate and a certificate of airworthiness). Depending on the product, this could mean DO-178C compliance alongside enhanced security requirements. 

DISA ASD STIG

The Defense Information Systems Agency (DISA) provides Security Technical Implementation Guides (STIG) that inform organizations on how to comply with best practices around aerospace cybersecurity, with one that is specific to Application Security and Development (ASD). The DISA ASD STIG provides a layered approach to security that spans the software stack of UAVs. At the operating system level, STIGs mandate specific hardening requirements that impact real-time operating system configurations commonly used in UAV platforms. At a network level, DISA guides developers on how to minimize encryption, authentication, and access control risks. 

Best Practices for Safe and Secure UAV Development

Developing safe and secure drone software requires a combination of robust engineering practices, adherence to standards, and a focus on cybersecurity — but it doesn't have to be rocket science. By focusing on the following areas, development teams can create innovative aerospace and defense software that is not only safe and secure but reliable and compliant with industry standards. 

1. Adopt a DevSecOps Mindset

Implementing DevSecOps in UAV software development augments traditional DevOps actions with security-specific practices. These practices verify and validate code at every stage of the development pipeline to reduce the feedback time between issue identification and remediation action.

Common benefits of DevSecOps are: 

• Reduced development and operation costs
• Shortened development cycles
• Faster detection of software vulnerabilities and errors
• Reduced number of failures and rollbacks associated with deployment. 

2. Shift-Left: Early Integration of Safety and Security Testing

Traditional testing, often performed near the end of the development cycle, frequently uncovers issues that are expensive and time-consuming to remediate. The shift-left approach integrates safety and security testing throughout the development process, beginning with requirements analysis and architectural design.

Teams implement this philosophy in the following ways: 

• Requirements analysis: Safety and security requirements are defined and validated alongside functional requirements, ensuring that controls are built into the system architecture rather than added as an afterthought. For example, authentication mechanisms for drone command and control systems are designed with the core communication architecture rather than overlaid after the fact.
• Design reviews: Safety and security-focused design reviews occur early in the development process, allowing teams to identify and address potential issues before implementation. For example, including threat modeling and attack surface analysis in design reviews provides a view of security risks that can be addressed earlier in the lifecycle.
• Code implementation: Developers receive immediate reports on issues through integrated testing tools, enabling rapid remediation. This tight feedback loop reduces the cost and effort of fixing issues compared to traditional approaches. 

3. Use a Static Analysis Tool to Maintain Mission Integrity for Drone Operations

Automated testing is crucial for obtaining immediate feedback on the safety and security risks within a software release candidate. This includes static analysis to identify potential vulnerabilities, such as null pointer issues, buffer overflows, and memory leaks. 

Static analysis tools such as Perforce QAC and Perforce Klocwork can support compliance with process standards like DO-178C and coding standards like CERT by automating verification of coding rules. Additionally, these tools can run automatically on the developer's desktop or from a CI/CD orchestration tool based on triggers from the source control system. 

Tool selection must consider not only the basic capability to check compliance with standards but also the tool's ability to understand complex codebases and provide meaningful analysis results. 

Fly Safely and Securely 

Developing safe and secure software for UAVs is a complex challenge that requires sophisticated technical solutions and careful attention to regulatory requirements. Success requires a comprehensive approach, integrating multiple technical disciplines while maintaining practical development processes. 

As these systems continue to evolve, the importance of balancing security, safety, and operational capability will only increase. Organizations that successfully implement these practices while maintaining development agility will be best positioned to advance the state-of-the-art in UAV technology. 

See for yourself how Perforce Static Analysis tools help enforce coding standards and shift development to the left. Request your free trial today. 
Free 7-Day Trial