Drones on Operations: Splunking the Data
Summary
Drones are a common component of modern warfare. When operating they produce a tonne of machine data which can be ingested into Splunk and used to improve the operational capability of the platform as well as enhancing the commander’s decision-making process. This can be used to identify early problems with the serviceability of the aircraft to prevent early surprises; track and monitor maintenance issues; as well as improve its ability to react to what it is observing and therefore restrict an adversary’s ability to impact on its operation.
Drones - What are they?
Some estimates claim there are approximately 6000+ non-military drones in operation at any one time in Ukraine alone. In recent times only a handful of nations controlled access to and the deployment of drones, but technological advances and an expansion of the commercial drone market has seen a significant rise in their use.
The average military drone requires complex, technologically advanced teams, as well as secure compounds and benign airspace in which to operate.
Non-military or commercial drones not only avoid the expense and procurement problems, but come with a host of advantages. Ease of operation, reliability, modular (munitions, optics, and communications etc.) and are in plentiful supply and therefore expendable. It is easy to see why their use is becoming more commonplace on the battlefield. Additionally, they are routinely used in other ways’ notably: route reconnaissance and area patrols; Battle Damage Assessment and Aid Combat Search and Rescue operations.
What Kind of Machine Data can a Drone Produce?
Below are just the basics of what data a small commercial drone is producing continually for every flight. This does not cover the host of environmental sensors, cameras and other devices that can be retro-fitted:
• Time stamps
• Camera – settings and functions
• Remote Control (RC) data
• On Screen Display (OSD) settings
• Battery – temperature, charge, warnings etc.
• System Details – serial numbers, system status etc.
• Home Mode – distances reached, course locks etc.
• Gimbal – yaw, pitch, roll etc.
As technology advances and drones become more capable, they will generate more data. When this happens it will require fast and powerful insights in order to enhance the commander's ability to make decisions.
How can these Metrics be Leveraged on Operations?
The Splunk platform can ingest raw machine data regardless of source. Below we have extracted the basic flight log data from a Mavic3 post flight. The metrics visible are being analysed per event from the moment the drone is turned on, to powered off and packed away.
Data from any drone or smart device is fed live to the central command centre. From there the command centre feeds the information to Splunk to normalise and further contextualise it to make it easily digestible for the user. This is then fed into custom dashboards showing exactly what the team needs to see when they need to see it. Additionally, it can reduce the requirement for asset SITREPs from ground troops, as the information is already in the hands of the Splunk users to build reports and plans.
Asset Inventory Management | Log the total numbers of assets, type, category, location and use. Helping to enable efficient delivery of systems. |
---|---|
Asset Operational Health
| Drone can be damaged in service and therefore require regular checks. Internal sensors of drones can provide detailed understanding of the condition of the asset.
|
Asset Operational Effectiveness
| Correlate a drone’s mission data acquired to decide what is the best tool for the job e.g. quieter fix wing drones may be on average more successful during night time reconnaissance than the louder rotary models.
|
Maintenance Windows
| Plan the maintenance of assets on scale by correlating the Operational Health data of all drone together.
|
Compliance with safety of Service Asset
| Meet any and all compliance regulations with robust documentation of inservice record.
|
Small, low flying drones are significantly more susceptible to the environmental impacts of even slight changes in weather conditions. Monitoring these seasonal changes and how they affect the systems in use could help make or break a successful mission.
Depending on the operational requirements monitoring can be Real Time and fed into a SOC or HQ, or the data files can be collected from the drone and uploaded later for assessment and report building.
Scalability
Fast and reliable, Splunk is an infinitely scalable solution that can also be used to monitor a fleet of equipment, including swarms of drones that can interact and work together, or to support other assets in the air/ground. This allows you to gain confidence in the reduction of risk, tracking activity, improved efficiency, minimising the risk of failure while in use, and proactive service monitoring.
By leveraging the GeoLocation provided in the drone log files, we can plot one or many drones to mapping. By monitoring the location of the drones we can build a pattern of life, conduct missions safely by strictly controlling the airspace of each drone and help ensure mission success.
Asset Protection through Active Monitoring
GPS ‘Spoofing’ or ‘Drone Jacking’ is just one of the non-kinetic methods to attempt to interfere with a drone’s operating ability. Splunk can utilise the GPS data of the drone to detect abnormal flight path or behaviour. If something tries to alter the flight path, Splunk can run a script overriding all outward signals and return to a preapproved ‘safe’ place.
Looking Forward…
Everything outlined in this short article can be applied to all smart devices across the spectrum of military operations. Commanders have vast quantities of data at their disposal. Making sense of those data insights in real time can help predict and prescribe actions whilst concurrently mitigating risk and thus enhancing operational effectiveness of the platform.
If you have any questions about how you could use Splunk to help your organisation, get in touch. Somerford Associates are a partner for Splunk and the MOD.