Military Review

The vulnerability of the control channels shtatovskih tactical UAV: ​​technological moments

28

"Hand Raven" of the Ukrainian Armed Forces - Raven UAV RQ-11B, caught and planted with electronic warfare devices of the Luhansk People's Republic



From a tactical point of view, a very weighty and interesting event took place at the theater of military operations of Donbass in early December of 2016. As 8 of December became known, closer to midnight, specialists of electronic intelligence and electronic warfare successfully attempted to intercept the radio channel for controlling the unmanned aerial vehicle RQ-11B Raven. This was reported by the well-known news agency "Reuters" with reference to the command of the Air Force of Ukraine. The radio channel of the drone control was successfully analyzed by the electronic intelligence units of the People’s Militia Corps of the Lugansk People’s Republic, and then duplicated by EW militias, but with completely different “packages” of teams with which Raven was safely put on the territory controlled by the LC of the LC. The fact of vulnerability to interception of these drones had a tremendous impact on the General Staff of the Armed Forces of Ukraine, up to and including the temporary abandonment of the use of RQ-11B in the Donbas.

As stated by "Reuters" with reference to the Ukrainian sources, the Ukrainian Armed Forces use drones with analogue radio control modules, which are very easy to hack into data packets with various radio commands, which is why such cases occur. Nevertheless, this question looks much more complicated than it is described by Reuters employees who are poorly qualified in this field, as well as the speakers of the “independent” General Staff. After all, we are all perfectly familiar with the more “daring” examples of the interception of control and landing of more sophisticated and large regional reconnaissance UAVs, which include the RQ-170 "Sentinel" from Lockheed Martin. As is known, this machine, with a length of 4,5 m and a wingspan of 20 m, is controlled through complex digital radio control channels using pseudo-random tuning of the operating frequency (with a tuning frequency of up to tens of kHz), as well as various methods of scrambling telemetry and radio command channels. Nevertheless, even the super secret and “stuffed” advanced element base “Sentinel” was “planted” by Iranian EW in the eastern part of Iran, even 5 years ago, in December, 2011.

According to sources in the General Staff of the Islamic Republic of Iran, the operators of Iranian EW were able to gain control over the control systems of the American drone by analyzing, copying and replacing the information "packages" of the GPS radio control channel radiated by antenna installations at one of the US air bases or military camps in Western Afghanistan . Such a technique looks extremely implausible, since it is known that the management of a UAV of such a class as Sentinel is made not by a direct radio channel within the radio horizon, but by a specialized GPS channel from a satellite. At the same time, the channel uses exclusively precisely directional antennas mounted on the upper part of the UAV fuselage, directed to the upper hemisphere. The question automatically arises: how did they manage it?

The most plausible is the version with the use of upgraded GPS-spoofers - portable radio transmitters with frequencies 1227,6 MHz and 1575,42 MHz (all GPS receivers of the civilian and military sectors operate on these frequencies; the latter are often equipped with radio coding modules). These transmitters carry out the so-called “spoofing” attack on the receiving GPS-module of a unit (drone, ground-based unmanned combat vehicle), which slowly deflects it from the specified path by transmitting false data about the true location in space. Making a civilian GPS device with a standard omnidirectional follow the false coordinates is much easier than a unit with a precisely directed antenna installation. To influence the latter, it is often necessary not only to have a more powerful L-band UHF amplifier, in which there are two main channels of GPS operation, but also a top location of a GPS spooler emitting a false radio signal, which may require the use of a higher-altitude drone or a specialized electronic reconnaissance aircraft and EW , acting in this bundle leading machine. This will create a more powerful false signal to the GPS receiving antenna, which “looks” into the upper hemisphere of the enemy’s reconnaissance UAV. Iran could easily use its own EW airplanes equipped with modern Chinese "iron", including GPS-spoofers, to seize control of the "Centinel".

Given that control over the US RQ-170 was intercepted over the western border areas of Afghanistan and Eastern Iran, there is another version of the incident, associated with the favorable terrain. Eastern Iran is replete with many mountain ranges with peaks from 2800 to 4000 meters, and the deployment of GPS spoolers in this area several dozen times increases the likelihood of successful suppression of a satellite GPS channel by a spurious channel emitted directly by the spoofer with a powerful amplifier, since the antenna of the intercepting complex is located on a few kilometers closer to the enemy drone. The most favorable such interception could be if the flight of the RQ-170 "Sentinel" UAV took place at an altitude of 2,5 - 3 km. In this case, Iranian spoolers had enough to be located on any mountain elevation in the eastern part of the country to get into the RQ-170 GPS antennas survey zone, after which you could begin “spoofing” attack.

To carry out flawless “spoofing” attacks, constantly updated information is needed with the exact coordinates of the GPS module unit carrier, which can be obtained thanks to modern means of electronic reconnaissance, which are used by the Air Force of the Islamic Republic of Iran. The simplest and most accurate of them is Radar "Caste-2Е2". The station operates in the decimeter range, and is capable of detecting and tracking small air targets, including UAVs, up to 100 m. This is quite enough for a reliable determination of such a large drone as the RQ-170 "Sentinel". When the radar assigns the target path, and the data packets with a changing real location of the target arrive at the operator's “spoofing” complex with short interruptions, the first stage of the attack begins - impacting the drone with a slightly more powerful GPS signal of the spoofer with the correct coordinates package targets obtained by radar. Then, the EW operators, using the software “spoofing” algorithm, gradually reject the satellite’s flight path of the enemy’s unmanned machine, turning it from an autonomous into a driven air “tool”, with which you can do almost everything, even turning it into a kamikaze drone, but only only within the scope of the “spoofing” -complex (Iran does not yet have its own satellite navigation group).


American UAV RQ-170, "intercepted" by Iranian EW equipment


It is also worth noting here that the Russian radio intelligence systems 1L222 Avtobaza purchased for the needs of the Iranian Air Force, from a technical point of view, cannot be used to suppress and “crack” the Sentinel GPS channel RQ-170, since Avtobaza is passive RTR. Moreover, 1L222 cannot be used as a means for analyzing “packets” of data from the GPS orbiting satellite constellation, since its receiver covers only a centimeter frequency range from 8 to 17,544 GHz. The Avtobaza complex is intended for direction finding of tactical X- / J- and Ka-band airborne radars aviation, Tomahawk TFR radio altimeters and other high-precision missile weapons flying around the terrain, as well as active radar seeker missiles of the air-ship / ground class and medium and long-range air combat missiles. More logical may look like information regarding the use in the RQ-170 Sentinel control interception procedure of the experienced Belarusian electronic warfare systems “Canopy-U” designed to suppress GPS channels.

Other sources also weave a complete absurdity, arguing that the malfunctioning of the INS and the entire avionics of the RQ-170 drone could create powerful noise interference stations, SNP-4, set by Belarus. Psevdospetsialista absolutely forgot about the true purpose of the complex SNP-4. First, the station was designed for passive radio-technical reconnaissance of radio-emitting multifunctional on-board radar systems of the enemy operating in the centimeter range, as well as their further suppression at a distance of no more than 60 km. The SNP-4 station is not a super-power ground-based electronic countermeasure device capable of completely disrupting the stable operation of the autopilot systems of the RQ-170 “Sentinel” UAV, as a super-high-frequency complex “Ranets-E” is capable of doing. Secondly, most of the elemental base of modern avionics, including all cables, wiring and other components, is shielded, and is also often covered with specialized radio absorbing materials to get rid of the negative effects of electronic countermeasures. Yes, and the maximum power of the station noise interference SNP-4 does not exceed 2,5 kW, which by the standards of modern radio engineering concepts - a drop in the ocean. The bottom line is this: “spoofing” -attack is the most realistic version of the interception of control over the American RQ-170 “Sentinel” UAV.

The most advanced characteristics of the "hacking" of the radio channels of the UAV today have the domestic electronic warfare complex "Dogov-AERO". This unit is able to perform: electronic reconnaissance for the presence of radio control channels of enemy UAVs, analysis of these radio channels (including extracting “packets” of data with control commands and return telemetry information), full-fledged “spoofing” attacks on enemy drones using the GPS suppression channel for all kinds of consumers. A large number of different types of antenna installations allows you to most accurately find the sources of radio control of the UAV in the range from 25 to 2500 MHz. To suppress the radio control of the Shiprock-AERO drones, the 4 has a range of electronic countermeasure and counter-interference radio emission: 0,025 - 0,08 GHz, 0,4 - 0,5 GHz, 0,8 - 0,925 GHz, and 2,4 - 2,485 GHz.


"Rosehip-AERO"


"Dogov-AERO" was first demonstrated to the public in 2012 year, in the framework of the International Forum "Technologies in mechanical engineering-2012" of the radio engineering concern "Vega". And in July of the 2016-year, the first messages from the Ukrainian side about the arrival of the complex in the capital of the Donetsk People's Republic appeared. Of course, listening to the statements from Kiev is a very ungrateful task, but I would like to hope that the “Rosehip-AERO” complexes really stand guard over the long-suffering Russian city of Donbass - Donetsk. These complexes could be an excellent help in protecting the population of Novorossia from constant destructive artillery strikes on schools, shops, houses, as well as strongholds of the Armed Forces of the DPR, which did not stop even after the conclusion of new agreements on the ceasefire for the New Year holidays. Conducting territorial aerial reconnaissance with the help of UAVs from the Kiev Nazis is not only an indirect threat, which consists in reconnaissance of the most populated objects for artillery strikes, but also a direct threat, since the Ukrainian Armed Forces have been engaged in natural terror for more than six months. Thus, the Osa-AKM self-propelled anti-aircraft missile systems and the NM LDNR anti-aircraft artillery systems intercepted more than 5 reconnaissance drums of the Armed Forces of Ukraine equipped with home-made suspension points with makeshift air bombs built on various hand grenades, projectiles and other explosives. "Rosehip AERO" in such conditions turns into an indispensable tool.

Let us return to the cases of interception of the radio channel of control of the American RQ-11B UAV “Raven” purchased by the “Square” UAV. For “hacking” of this drone, which starts from the hand, absolutely no sophisticated tools like Dogrose-AERO are needed at all. “Raven” is also equipped with a GPS module, but with a simpler non-directional antenna: this allows you to “jam” the drone's navigation system even using the simplest portable set of suppression of the GPS channel. But given that the Ukrainian militants more often use the RQ-11B radio command guidance within the line of sight (up to 10 km), it is not difficult to calculate the command and control points for the militia. What is enough for direction finding of the control channel sources RQ-11B within the radio horizon?

Today, for most knowledgeable residents of the liberated and occupied territories of the Donetsk and Lugansk People's Republics, a very small digital device called DVB-T tuner is very familiar. The device combines the functions of a full-fledged radio receiver, TV tuner, as well as a frequency scanner capable of serving radio frequencies in the range from 24 to 1750 MHz. The compact DVB-T tuner card is built around an RTL2832U + R820T2 radio frequency microchip, which has a fairly high sensitivity with an excellent noise suppression factor in the air. The population and military personnel of the LDNR often use the device to detect the radio stations of the Ukrainian military formations on the air, which sometimes can help prepare for unforeseen circumstances (shelling, movement of equipment, and also places of possible escalation of hostilities). As you know, the frequency range of portable radio stations is in the range from 136 to 174 MHz, while the analogue range of UAV control is at higher frequencies.

Armed with a self-made exactly directional antenna connected through an antenna output and an adapter to an SDR tuner, using the peaks in the frequency diagram, you can easily determine the approximate direction of the radiated radio control channel drone RQ-11B. The frequency chart is displayed in the SDRShurp program installed on a portable tablet or laptop running on the Windows OS. For devices on the Android OS (smartphones and tablets) there is a similar software called “SDRTouch”. Tuners are connected to computer technology via the USB interface. The price of the issue is no more than 550 - 600 rubles, and therefore DVB-T tuners are one of the most purchased electronic devices that volunteers deliver for the needs of the intelligence units of the People’s Militia of the LDNR.

The reconnaissance UAV RQ-11B, which was "intercepted" and forcibly planted by means of EW LNR, moved to the line of contact with the LPR from the direction of the village Crimean. The terrain in this area is relatively flat, and therefore it was absolutely no problem to determine the radio emitting station of the drone control. The signal was analyzed and transmitted to the "Raven" with more power, so there was a control interception, then the car was simply given a command to land. For analyzing the analog radio signal by the “Raven” control (defines “packages” with plane control commands), more advanced software is needed than “SDRSharp” or “SDRTouch”, which uses more serious drivers and filters, which are obviously used by specialists of the Armed Forces of the LC .

There is also a mass of other software, drivers and filters designed to collect traffic from satellite channels. They can be slightly upgraded to scan the decompression of poorly protected telemetric information channels broadcast by various reconnaissance UAVs. So, back in the year 2008, the US military captured a rebel, whose laptop was loaded with photos taken by American UAVs in the Iraqi theater of operations, computers with video files lasting several hours were found in other rebels already in 2009. On which also reconnaissance scenes of American unmanned drones. According to information from Western information resources, a modified software package like “SkyGrabber” with the price of 26 dollars was used to receive files.

Summing up our today's review, which is intended to reveal in detail the issues of “hacking” of radio channels controlling modern reconnaissance UAVs, we can note two main points.

1. The most comprehensive protection from the "interception" of control and removal of telemetry information have a heavy strategic reconnaissance UAV type RQ-4A / B / C "Global Hawk / Triton"; Operating at altitudes up to 19,5 km, these machines are less susceptible to the false signals of even the most powerful ground-based EW equipment, the maximum damage that can be caused to their work is the suppression of the AN / ZPY-2 on-board radar; as for navigation and GPS control systems with precisely directed receiving antennas, it is very difficult to “score” them. Indeed, not one Global Hawk has yet been “planted” by either Russian or Chinese EW equipment, although these machines fly both over the South China Sea and directly near our air borders near the Crimea ... We draw conclusions.

2. Taking control over the digital control channels of low-altitude and medium-altitude UAVs is a rather complicated task, but quite feasible. Success depends on the performance of the computing facilities of the EW complex, which carries out a “spoofing” attack on the drone’s GPS module, as well as on the power of the attacking radio channel amplifier, which must exceed the capacity of the satellite correction channel. Given that the "spoofing" -attack programs are regularly improved, then 100% protection should not be expected. As for the analogue radio control channels, which is applicable in the case of the Ukrainian RQ-11B "Raven", it is easy to crack them even with the help of the simplest means of electronic intelligence and EW.

Information sources:
https://xakep.ru/2012/01/19/58149/
http://www.rusarmy.com/pvo/pvo_vvs/reb_spn-4.html
http://radiolubitel.net/index.php/obzory-ustrojstv/341-radioskaner-sdr-priemnik-iz-usb-tv-tyunera-rtl2832u-r820t
https://informnapalm.org/25187-rossijskij-kompleks-shipovnik-aero-v-tsentre-donetska/
Author:
28 comments
Information
Dear reader, to leave comments on the publication, you must to register.

I have an account? Sign in

  1. Gray brother
    Gray brother 26 December 2016 08: 00
    +2
    . The most comprehensive protection against “interception” of control and telemetry data acquisition is provided by heavy strategic reconnaissance UAVs of the RQ-4A / B / C type

    But not a fact.
    1. Gray brother
      Gray brother 26 December 2016 08: 11
      +7
      although these machines fly both over the South China Sea and directly near our air borders near Crimea ... We draw conclusions.

      I made this conclusion: they didn’t enter someone else’s airspace and therefore no one touched them.
      They come in - they touch it.
      as for navigation and GPS control systems with precisely oriented receiving antennas, it’s very difficult to “hammer” them.

      How Accurately Directed? No, well, unless of course he has a "plate", then yes.

      And then when you approach the Kremlin in Moscow, the navigator usually shows that you are in Vnukovo or Domodedovo (airports by the way) and these territories are closed for UAV flights - which leads to interesting thoughts.
      1. spech
        spech 27 December 2016 08: 24
        +2
        as for navigation and GPS control systems with precisely oriented receiving antennas, it’s very difficult to “hammer” them.

        How Accurately Directed? No, well, unless of course he has a "plate", then yes.

        and no one canceled the side lobes of the radiation patterns.
  2. avdkrd
    avdkrd 26 December 2016 10: 57
    +2
    thanks for the competent review
    1. karabas-barabas
      karabas-barabas 28 December 2016 08: 26
      +1
      Yeah, very good, especially the fake Iranian photo. It is hard to believe that Iran has landed such a UAV. One of them, just like "intercepted", declared, but no matter how hard they tried, it was clear that the car was broken, that is, most likely due to a defect, it fell. And the Iranians have already seized the Merkava and made other models for their media.
      1. APASUS
        APASUS 1 January 2017 17: 17
        0
        Quote: karabas-barabas
        It is hard to believe that Iran has landed such a UAV. One of them, just like "intercepted", declared, but no matter how hard they tried, it was clear that the car was broken, that is, most likely due to a defect, it fell.

        The air defense system brought the fighter to the target, then calmly crushed this UAV with a jet. There are hundreds of options. At the same time, for me, such a UAV has a more complicated control system and still needs to be hacked. It’s not enough to give a fake field from GPS data transmitters, it is necessary that the program marks them as priority, compares them with the map.
        1. sa-ag
          sa-ag 2 May 2017 11: 46
          0
          Quote: APASUS
          The air defense system brought the fighter to the target, then calmly crushed it with a jet.

          Yeah, from such a “pressure” on the UAV, the planes will fly off at the moment
  3. Lopatov
    Lopatov 26 December 2016 11: 14
    0
    Considering that spoofing programs are regularly improved, you should not expect 100% protection.

    Easy. Make teams from the ANN a priority. Install a fairly simple software that checks the information received by global positioning for truth.

    In general, these "spoofing attacks" are in fact a dead-end path. Not only for a long time, in real combat this kind of sources of false signals will be quickly destroyed.
    http://www.defensenews.com/story/defense/air-spac
    e / 2015/05/31 / guided-bomb-makers-gps-jammers-battl
    efield-spoof-munitions-laser-jdam / 28117951 /
    1. dauria
      dauria 26 December 2016 12: 51
      +2
      Easy. Make teams from the ANN a priority.


      Not only ANN. There are also autonomous radio equipment - DISS, RV, ARC. In general, integration in navigation is a long-standing thing. Even visual or radar landmarks and astronavigation are not last. And given the fact that artificial intelligence is not far off, soon the UAVs will be no different from the manned one. And the only way to "plant" will be air defense. Fortunately, the price of the products will be comparable.
      1. Lopatov
        Lopatov 26 December 2016 12: 57
        0
        Just resetting the priorities is the easiest method. ANNs for most UAVs are already installed.
        1. Operator
          Operator 26 December 2016 13: 24
          +1
          UAV protection from control interception is a complex task:
          - encryption of communication channels;
          - Duplication of determination of coordinates using GPS and ANN;
          - transition to autopilot according to a given program in case of jamming of communication channels.

          The entire package has so far been implemented on medium and heavy UAVs.
          1. Lopatov
            Lopatov 26 December 2016 14: 19
            +2
            And why, in fact, intercept?
            The minimum goal. Disrupt the UAV in real-time reconnaissance missions. It is good enough to drown out the output signal from it.

            Maximum goal: destruction. There are much more effective methods here than trying to take control.
            1. avg-mgn
              avg-mgn 26 December 2016 15: 16
              +2
              Please note that the primary goal is not landing the device (this is a consequence), but intercepting the control channel in order to conduct a mat. analysis of information packages, operating time data libraries, and then a matter of technology
            2. Operator
              Operator 26 December 2016 15: 40
              0
              The transmission of the output signal from the UAV in the form of a highly directional transmission using AFAR cannot be drowned out - well, it can only be done by spraying dipoles in the air.

              But the transfer of information will still take place, though with a time delay - after the drone flies through the cloud of dipoles.
          2. neri73-r
            neri73-r 26 December 2016 15: 41
            0
            Operator Today, 13:24 ↑ New
            UAV protection from control interception is a complex task:
            - encryption of communication channels;
            - Duplication of determination of coordinates using GPS and ANN;
            - transition to autopilot according to a given program in case of jamming of communication channels.
            The entire package has so far been implemented on medium and heavy UAVs.

            While
            So, back in 2008, American soldiers captured a rebel, whose laptop loaded with photographs taken by American UAVs at the Iraqi theater of operations, other rebels, already in 2009, found computers with video files lasting several hours on which are also the intelligence scenes of American unmanned drones. According to Western information resources, a modified software package of the type “SkyGrabber” at the price of $ 26 was used to receive the files.


            and the article was that the problem is that it is very large-sized equipment for reliable signal encryption and it is difficult to install it on a drone, especially a small one! Maybe I'm wrong, but that was exactly how it was presented in the article.
  4. Felix
    Felix 26 December 2016 12: 30
    +1
    After all, not one Global Hawk has not yet been "planted" by either Russian or Chinese electronic warfare equipment, although these aircraft fly both over the South China Sea and directly near our air borders near Crimea ...


    Perhaps they do not make attempts to intercept any more out of the need not to reveal the real capabilities of the means of interception ahead of time ...
    1. avg-mgn
      avg-mgn 26 December 2016 15: 20
      +1
      Control channels must have been opened long ago, and not planted due to the absence of serious danger. There is no doubt that in case of need they will be planted in bundles.
      1. Operator
        Operator 26 December 2016 15: 49
        +1
        The control channels of modern UAVs are protected by encryption keys that change with each flight. The opening time of one key exceeds the flight time of the UAV.
        1. avg-mgn
          avg-mgn 26 December 2016 16: 11
          +2
          Not a fact (about flight / decryption time), modern tools, taking into account the accumulative data arrays, will allow analysis and opening of the channel within several tens of minutes. Difficulties can arise only when using floating codes, but this is for serious devices.
          Primitively, you can connect the moment the team passes and the subsequent UAV maneuver, but this is so for children with a calculator.
          1. Operator
            Operator 26 December 2016 16: 32
            0
            Floating means floating.
          2. yanus
            yanus 28 March 2017 18: 07
            +1
            Quote: avg-mgn
            Not a fact (about flight / decryption time), modern tools, taking into account the accumulative data arrays, will allow analysis and opening of the channel within several tens of minutes. Difficulties can arise only when using floating codes, but this is for serious devices.
            Primitively, you can connect the moment the team passes and the subsequent UAV maneuver, but this is so for children with a calculator.

            You are now on a site that uses ssl certificates for encryption.
            if you refresh the page, and then refresh it again after a minute, then the intercepted “teams” will be different. Absolutely. That is, they’re completely different.
            This is for fans of "primitive" hacking of encrypted signals.
          3. Walanin
            Walanin April 17 2017 15: 18
            0
            Quote: avg-mgn
            allow for several tens of minutes to analyze and open the channel

            a few tens of minutes at a cipher change frequency of several tens or hundreds of times per second will not do anything.
  5. opus
    opus 26 December 2016 15: 58
    +2
    Quote: Author
    then UAV control of such a class as "Sentinel" is far from a direct radio channel within the radio horizon, and via a dedicated GPS channel from a satellite


    It is not true
    The basic architecture of STANAG 4586. An example of the use of a satellite channel for communication with UAVs.


    Communication is not via GPS satellites, via mythical information "packets" of the GPS radio control channel ...
    And through communication satellites:
    1. Mobile satellite communications using VSAT technology (up to 5 Mbps).

    These satellites are produced =
    Advanetch Wireless (Canada);
    Hughes Network System (USA) - HughesNet (DirecWay), HX;
    Gilat (Israel) - SkyEdge;
    ViaSat (USA);
    iDirect (USA);
    NDSatCom (Germany);
    Istar (Russia);
    Newtec
    ComTech.
    2. The global Iridium L-band satellite communications system

    SBD technology that allows you to send (MO - 1960 bytes) and receive (MT-1890 bytes)

    The basic requirements for the data transfer speed from UAV onboard sensors are formulated in the NATO standard
    STANAG 4609 Edition 2 and in the second edition of the Implementation Guide of this AEDP-8 standard.
    All messages of the standard have the structure shown in the figure.


    3. Among the open NATO standards governing the transfer of data from unmanned aerial platforms, we indicate the standard STANAG 4607 / AEDP-7. It defines the content and format of data obtained from radars for detecting moving targets on the background of the earth's surface (GMTI - Ground Moving Target Indicator).

    Depending on the bandwidth of the communication channels, the GMTI format described in the standard allows you to transmit only information about moving targets or also related high-resolution radar images


    STANAG 4660 (The draft standard is being finalized), governs all aspects of the highly secure data exchange channel for the IC2DL UAV.

    Quote: Author
    To influence the latter, not only a more powerful decimeter wave L-band amplifier is often needed, in which there are two main channels of GPS operation, but the upper position of the GPS-spoiler emitting a false radio signal



    Well, of course wassat
    This one:


    has a beam width (BH) of this type of antenna less than 10 °

    How to "spam" him?
    ONLY ABOVE AND ABOVE him.

    Well, as an example of a radar (radar), that would be clearer:


    it radiates and receives (reflected).
    Well, try to make a mistake in the received / emitted signal. FINDING NOT BETWEEN the canvas and the target.
    from the "stern" for example, or somewhere from the side

    but still need to fake SourceID and CheckSum
    "fake" the signal propagation time through the satellite communication channel (from 250 ms, and taking into account multiplexing, switching and signal processing delays, the total delay can be up to 400 ms)

    ====================================
    So I can assume that the Iranians have adjusted the "brain" of PB:
    He and so with an error (example) =
    the radio altimeter A-079E, which is a radar station of a long-range missile ″ air-to-surface ″ X-59 MK, has an error of height measurement at roll and pitch angles of ± 15 °:
    - systematic component, 0,4 m at H <50 m,
    - random component, 0,5 m at 50≤N≤500 m, where N is the measured height.


    Or made nonsense in the positioning system for control points (substitution of radio contrast reference points)
    1. Operator
      Operator 26 December 2016 16: 36
      0
      Everything is much simpler - in 2011, without exception, all means of protecting the navigation and communications of American UAVs used over Iran were at an embryonic level (such as for the Persians, and so it goes).

      And then something / someone went wrong bully
  6. avg-mgn
    avg-mgn 29 December 2016 20: 20
    0
    Long looked through the comments on the article, a lot of blizzards. I’ll try to return the community to the main idea of ​​the article - suppress UAV ground control channels. (if not laziness, re-read the article and my previous comments and VO materials on the topic for the previous 3 days). It's not for nothing that in one of the comments it was written not REP but REP - feel and understand the difference (struggle and reaction are not the same words and concepts). Not all the gold that glitters in the neighbor’s toilet! We blocked only one control zone, from the ground - I hope so far.
    1. sa-ag
      sa-ag 2 May 2017 11: 53
      0
      Quote: avg-mgn
      I will try to return the community to the main idea of ​​the article - to suppress UAV ground control channels.

      Well, the UAV flies along the route (control points in the device’s memory "), the task is to photograph and video a certain area, basically nothing comes from the ground control to it, or via satellite
      1. avg-mgn
        avg-mgn 2 May 2017 13: 05
        0
        the article does not talk about a dumb automaton, therefore there is a control channel. Therefore, there are options for intercepting these channels and neutralizing them or replacing control commands. These options, including the "satellite - UAV" in the article with a half-hint, but are still indicated.
  7. brosai_kurit
    brosai_kurit 11 May 2017 00: 39
    0
    1. The most comprehensive protection from the "interception" of control and removal of telemetry information have a heavy strategic reconnaissance UAV type RQ-4A / B / C "Global Hawk / Triton"; Operating at altitudes up to 19,5 km, these machines are less susceptible to the false signals of even the most powerful ground-based EW equipment, the maximum damage that can be caused to their work is the suppression of the AN / ZPY-2 on-board radar; as for navigation and GPS control systems with precisely directed receiving antennas, it is very difficult to “score” them. Indeed, not one Global Hawk has yet been “planted” by either Russian or Chinese EW equipment, although these machines fly both over the South China Sea and directly near our air borders near the Crimea ... We draw conclusions.


    One conclusion, I guess. We need EW satellites.