Photograph by D Ramey Logan, CC BY 4.0
Company Provides Details of DJI’s Security Enhancements and Certifications in Response to Global Data Safety Concern
by DRONELIFE Staff Writer Ian J. McNabb
As tensions rise around the use of Chinese-manufactured drones in critical industries, like first response teams, UAV systems developer DJI recently released a white paper designed to showcase their security features. These include hardware features, like their processor and encryption systems, software options designed to maximize user control, and third-party certifications designed to reassure customers that their data remains safe.
Throughout the white paper, DJI aims to underline that the user is in control of their own encrypted information which is stored entirely locally. The ARM-based chips most DJI drones run on are TrustZone enabled, meaning that processes like booting, updating, and encryption occur entirely within a secure environment. The FIPS 140-2 certified DJI Core Crypto Engine is another tool to protect data, generating secure keys that are then inaccessible to all software to keep data quarantined and safe at all times.
DJI also highlights the security features within their software, which include storing all data produced outside of China in the US, Japan, or Europe. All drone data shared with DJI is TLS-protected, meaning that its resistant to data breaches and attacks, and all personal information shared with DJI is AES-286 encrypted during storage. Many DJI software projects include “secure modes” that allow DJI only the most necessary data, and their data management team has achieved ISO 27001 certifications underlining their commitment to information security.
To back up their claims, DJI commissioned two third-party audits in the US and Europe, receiving the (previously mentioned) FIPS 140-2 and ISO 27001 certifications for data security and encryption. FIPS 140-2 is a US government-issued certification that is validated by both the United States and Canada. In addition, they highlighted their bug bounty program, which is designed to find security vulnerabilities by offering rewards for their discovery.
More information on the DJI Drone Security White Paper is available here.
Miriam McNabb is the Editor-in-Chief of DRONELIFE and CEO of JobForDrones, a professional drone services marketplace, and a fascinated observer of the emerging drone industry and the regulatory environment for drones. Miriam has penned over 3,000 articles focused on the commercial drone space and is an international speaker and recognized figure in the industry. Miriam has a degree from the University of Chicago and over 20 years of experience in high tech sales and marketing for new technologies.
For drone industry consulting or writing, Email Miriam.
TWITTER:@spaldingbarker
Subscribe to DroneLife here.