
Advanced SDR for Drones

So I ended up having a deep conversation with a good friend and team mentor, code named ‘JUNGLE’, a robotics genius. We went into depth about a few things. The coolest part about our conversations is that I can start with a simple broad statement and it’s like opening up a can of worms with this guy.

The topic of discussion was SDR, or Software Defined Radio. The broad question asked was: “I want to make an SDR repository (much like the ones on GitHub) that finds and hunts signals to deauth.”

First things first. Get your ChatGPT to act as a Boeing-level engineer or expert with a few quick prompt starters. Keep the prompt simple, assign ChatGPT a role, and absolutely know the basics of what you are asking about…

I knew for sure I had to ask the AI to write me a simple “GNU Radio UHD” code example.

Online Learning

Then from there you need a solid PC with a GPU available, because we have to do intensive data slicing. The machine (UAV or UGV) doesn’t really matter. At this point what matters is maybe power draw, and not skimping on your code. This is absolutely no minor task.

So the conversation with JUNGLE went on. We talked about learning SIGNALS. Cool, there are a couple of books you can research on electronic warfare, and also at YouTube University you can find guys like Atlas, Mike Ossmann, and Travis Goodspeed, who are all great teachers and source great intel.

“Not sure how far along you are in SDR, it’s pretty f*ckin Voodoo” -JUNGLE

Doing detection and feature extraction is not a simple task by any means. He mentioned that we shouldn’t be looking at doing it on an MCU. That’s a given. I wasn’t headed that route, to be honest. “You need to be looking at a Jetson Orin and BladeRF.” Ding-Ding-Ding. That’s where I knew the conversation was headed, and I was waiting to hear where he stood on the SDR concept and its employment.

Here’s where it gets good. I knew we weren’t on the Ettus level of employing FPGAs. [A field-programmable gate array (FPGA) is an integrated circuit designed to be configured after manufacturing. The FPGA configuration is generally specified using a hardware description language (HDL), similar to that used for an application-specific integrated circuit (ASIC).]

N-Type RF Power Meter V7 10GHz Type-C High Performance Full-band RF Circuit Development Network Serial Communication

Description:
– The RF-Power-Meter-V7.0 series is a high-performance, low-cost, portable, USB Type-C RF power meter with simple instructions, small size, stable performance, high accuracy, a preset offset, wide dynamic range and fast measurement speed. 5 V power and high-speed data communication are provided through Type-C. The software that comes with the power meter lets users configure it from a PC and makes it easy to record and share data.

Advantages:
– Supports several high-speed dynamic acquisition modes, up to 500 kbps (2 µs) acquisition by the host PC.
– RF signal acquisition up to 10 GHz.
– Built-in digital programmable attenuator (0–31.75 dB); the maximum input power measurable with the digital attenuator is 30 dBm (1 W), and the dynamic range is +30 dBm to -60 dBm.
– The V7.0 power meter comes with a 1.3-inch TFT LCD and a built-in lithium battery, so it can be operated offline.
– A 4-pin aviation plug provides a TTL serial port for reading and writing, with single-shot and continuous data reading modes.
– The host PC software has two MARK cursors for measuring modulation pulse width, automatic calculation of maximum and minimum values, a maximum storage depth of 500 points, and pause, data saving and export functions.
– RF input interface: N-type male

Application:
– Calibration of RF instruments
– Detection and maintenance of RF equipment
– Measurement of standing wave ratio of an RF circuit (with an added feedback bridge)
– Measurement of return loss of an RF circuit
– Interference detection between wireless communication equipment
– RSSI (received signal strength indication) and transmit power level detection
– Performance evaluation of a step attenuator
– Amplifier gain and network attenuation measurement
– Measurement of forward and reflected power in a directional coupler
– GSM (GMSK-modulated) signal power measurement
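To show what you can do with the serial readings from a meter like this once they reach the host PC (the RSSI and interference-detection use cases in the list above), here is an added example in Python. It is not the vendor's software, and the meter's real serial protocol is not on this page, so the `<time_ms>,<dBm>` line format it parses is constructed for illustration; replace `parse_reading()` with the device's actual framing. The capture data is constructed too, with a 20 dB external attenuator entered as the preset offset.

```python
"""Post-processing for readings from a serial RF power meter.

Added example, not the vendor's software. The "<time_ms>,<dBm>" line
format is constructed for illustration; the meter's real serial protocol
is not described on the page.
"""
import math

# Dynamic range quoted in the product description
RANGE_MIN_DBM = -60.0
RANGE_MAX_DBM = 30.0

# Constructed capture: continuous-read mode, one reading every 2 ms, with a
# 20 dB external attenuator in front of the N connector (entered as offset).
SAMPLE_LINES = [
    "0,-23.5",
    "2,-23.7",
    "4,-5.2",      # start of a burst
    "6,-5.0",
    "8,-23.6",
    "10,-70.0",    # below the meter's dynamic range: not trustworthy
    "12,garbage",  # corrupted line
]


def parse_reading(line):
    """Return (time_ms, dbm) for one "<time_ms>,<dBm>" line or raise ValueError."""
    t_str, dbm_str = line.split(",", 1)
    return int(t_str), float(dbm_str)


def in_range(dbm):
    """True when a raw detector reading lies inside the meter's dynamic range."""
    return RANGE_MIN_DBM <= dbm <= RANGE_MAX_DBM


def corrected_dbm(dbm, offset_db=0.0):
    """Add the preset offset (external attenuator or cable loss, in dB) to a
    raw reading to recover the power at the device under test."""
    return dbm + offset_db


def dbm_to_mw(dbm):
    """Convert dBm to milliwatts: P(mW) = 10^(dBm/10)."""
    return 10.0 ** (dbm / 10.0)


def summarize(lines, offset_db=0.0, alarm_dbm=None):
    """Parse a capture, drop corrupt or out-of-range lines, and return
    max/min/mean in dBm plus the timestamps where power reached alarm_dbm."""
    readings = []
    rejected = 0
    for line in lines:
        try:
            t, dbm = parse_reading(line)
        except ValueError:
            rejected += 1
            continue
        if not in_range(dbm):
            rejected += 1
            continue
        readings.append((t, corrected_dbm(dbm, offset_db)))
    values = [v for _, v in readings]
    alarms = [t for t, v in readings if alarm_dbm is not None and v >= alarm_dbm]
    return {
        "count": len(readings),
        "rejected": rejected,
        "max_dbm": round(max(values), 2) if values else None,
        "min_dbm": round(min(values), 2) if values else None,
        "mean_dbm": round(sum(values) / len(values), 2) if values else None,
        "alarms_ms": alarms,
    }


def pulse_widths(lines, offset_db, threshold_dbm):
    """Emulate the two MARK cursors: return (start_ms, end_ms) for each run of
    consecutive valid readings at or above threshold_dbm."""
    runs = []
    start = prev = None
    for line in lines:
        try:
            t, dbm = parse_reading(line)
        except ValueError:
            continue
        if not in_range(dbm):
            continue
        above = corrected_dbm(dbm, offset_db) >= threshold_dbm
        if above and start is None:
            start = t
        if not above and start is not None:
            runs.append((start, prev))
            start = None
        prev = t
    if start is not None:
        runs.append((start, prev))
    return runs


if __name__ == "__main__":
    print(summarize(SAMPLE_LINES, offset_db=20.0, alarm_dbm=10.0))
    print(pulse_widths(SAMPLE_LINES, 20.0, 10.0))
```

Rejecting readings outside the quoted dynamic range before they reach the statistics is the part worth keeping: a -70 dBm reading from a meter specified down to -60 dBm is noise, and letting it through drags the minimum and mean down.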

Two routes for SDR

There are two routes you can go. If you want to do SDR, don’t waste it on just power/signal detection. There’s so much more you can do, like looking for preambles. If you’re going to do the second route, find a good FPGA and run simple scan logic; it just has limited utility. The unit pictured above does all the FPGA work for you. It’s the best thing going. They’re also using it in the conflict overseas. For $80 you cannot beat it. You can jam signals by throwing noise at them with it. Try it on a car alarm system. Basically you throw noise at the system.
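The “simple scan logic” route above boils down to an energy detector: compute a power spectrum over a block of IQ samples, estimate the noise floor, and report the bins that sit well above it. The following is an added example in Python, not code from the post or from any SDR project. It uses a plain O(N²) DFT so it runs with no third-party packages (use `numpy.fft.fft` on a real stream), and the IQ block it analyses is constructed: one unit-amplitude tone plus seeded Gaussian noise, standing in for what an SDR source such as a bladeRF would hand you.

```python
"""Energy detector over one block of complex baseband (IQ) samples.

Added example, not from the post or any SDR project. The IQ block is
constructed (one CW tone plus seeded noise); the DFT is the direct O(N^2)
form so the block runs with the standard library only.
"""
import cmath
import math
import random


def dft(samples):
    """Direct DFT; fine for short blocks, replace with an FFT for real use."""
    n = len(samples)
    out = []
    for k in range(n):
        acc = 0j
        for t, x in enumerate(samples):
            acc += x * cmath.exp(-2j * math.pi * k * t / n)
        out.append(acc)
    return out


def power_spectrum_db(samples, sample_rate):
    """Return [(freq_hz, power_db)] ordered from -fs/2 to +fs/2 (fftshift).
    Magnitudes are normalised by N so a full-scale tone reads 0 dB."""
    n = len(samples)
    bins = dft(samples)
    spectrum = []
    for k in range(n):
        freq = (k if k < n / 2 else k - n) * sample_rate / n
        mag = abs(bins[k]) / n
        spectrum.append((freq, 20.0 * math.log10(max(mag, 1e-12))))
    spectrum.sort(key=lambda fp: fp[0])
    return spectrum


def detect_occupied(spectrum, margin_db=15.0):
    """Energy detection: noise floor = median bin power; bins that exceed it by
    margin_db are 'occupied'. Adjacent occupied bins are merged into one
    report with centre frequency, bandwidth and peak level."""
    powers = sorted(p for _, p in spectrum)
    floor = powers[len(powers) // 2]
    threshold = floor + margin_db
    bin_hz = spectrum[1][0] - spectrum[0][0]
    reports = []
    run = []
    for freq, p in spectrum + [(None, None)]:  # sentinel flushes the last run
        if p is not None and p >= threshold:
            run.append((freq, p))
            continue
        if run:
            peak_freq, peak_db = max(run, key=lambda fp: fp[1])
            reports.append({
                "center_hz": peak_freq,
                "bandwidth_hz": len(run) * bin_hz,
                "peak_db": round(peak_db, 2),
                "noise_floor_db": round(floor, 2),
            })
            run = []
    return reports


def make_iq_block(n=128, sample_rate=200_000.0, tone_hz=25_000.0,
                  noise_std=0.02, seed=1):
    """Constructed test input: unit-amplitude tone at tone_hz plus noise."""
    rng = random.Random(seed)
    block = []
    for t in range(n):
        tone = cmath.exp(2j * math.pi * tone_hz * t / sample_rate)
        block.append(tone + complex(rng.gauss(0, noise_std),
                                    rng.gauss(0, noise_std)))
    return block


if __name__ == "__main__":
    fs = 200_000.0
    for hit in detect_occupied(power_spectrum_db(make_iq_block(sample_rate=fs), fs)):
        print(hit)
```

Using the median bin power as the noise floor is what keeps the detector honest when a strong emitter is present: a mean would be pulled up by the tone and hide weaker signals. The merged-bin reports (centre, bandwidth, peak) are the first features you would hand to a classifier on the second route.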

Also keep in mind you can have your payload run DragonOS. You can check the DEF CON 29 YouTube video on RF Village. That’s something we focus on. But running that as an image on a Jetson Orin is the way. You just have to keep it cool, keep it powered, backed up, and secured. And definitely connected to your C2. Again, do not skimp on your payload resources.

If it were me I’d buy the unit above and see what feedback it gives you over UART, starting with the basics, while I ramped up the BladeRF and some flow for detection, feature extraction, and potential mitigation. At the end of the day you’re attacking and you’re going to have time to radio slice, meaning it’s a possibility that you miss potential detection and mitigation windows.

The SDR Gold Mine Company

So JUNGLE mentioned… “you need unique timing and baller SDR gear with GPS reference for precision clocking”. I said “cool, and…” BOOM! He mentions Aaronia, a company that specializes in just that. They offer some amazing tools and give you a 360-degree view of the spectrum in real time with new patent-pending CHOPPER hardware.
