Unifly, in cooperation with Nexova, have successfully completed the SecureUTM 2 Phase I under the European Space Agency’s (ESA) NAVISP program, with emphasis on mitigating GNSS jamming and spoofing.
The project establishes a certification-aligned, risk-driven cybersecurity foundation for secure, resilient and scalable unmanned traffic management (UTM) and U-space services across Europe.
As drone operations grow in complexity and cross-border interoperability, cybersecurity is becoming essential for operational continuity and public trust. SecureUTM 2 embeds cybersecurity engineering into the core architecture of UTM systems, aligning with European U-space regulations, Common Criteria methodology and ENISA risk frameworks. Security is treated as a foundational design principle rather than a late-stage compliance requirement.
Building on SecureUTM 1, SecureUTM 2 Phase I significantly expanded the cybersecurity baseline for UTM systems. Key outcomes include:
- Refinement of a harmonized Protection Profile (PP) for UTM
- Development of an updated Security Target (ST) for the Unifly platform
- Structured risk assessment and certification-aligned gap analysis
- Definition of a secure architectural baseline addressing real-world U-space complexity
- Setup of a PoC Testbed
Risk-based engineering roadmap
A control-by-control gap assessment translated cybersecurity requirements into a prioritised implementation roadmap. Focus areas include:
- PNT source authentication and plausibility checks
- Enhanced session integrity and transport protection
- Denial-of-Service resilience
- Device-level authentication and auditing
- Secure storage and encryption
This structured approach supports operational deployment and future EU cybersecurity certification readiness.
Validated mitigations for GNSS and PNT threats
SecureUTM 2 phase I placed strong emphasis on GNSS jamming and spoofing risks increasingly observed in drone operations. Practical, layered mitigations were validated through a dedicated U-space proof-of-concept testbed with Hardware-in-the-Loop UAV simulations.
Validated measures include:
- On-board GNSS jamming detection
- Fleet-level interference inference
- Trajectory plausibility and conformance monitoring
- OSNMA-based message verification
- Structured anomaly logging and alerting
The testbed enables repeatable attack simulation, KPI-based evaluation and regulator-ready evidence generation.
Foundation for Phase II and European deployment
Phase I also delivered a structured U-space testbed blueprint, verification methodologies and digital twin foundations to support continued validation, operator training and continuous cybersecurity testing.
SecureUTM 2 directly supports Belgium’s U-space deployment strategy and strengthens its position in secure drone integration.
Phase II will focus on implementing prioritised controls, expanding validation capabilities and further aligning with EU certification frameworks.