Governance, Risk & Compliance Security Bloggers Network

Home » Cybersecurity » Governance, Risk & Compliance » Securing the Skies: Software Supply Chain Readiness for Unmanned Aircraft Systems

Securing the Skies: Software Supply Chain Readiness for Unmanned Aircraft Systems

by Tom Tapley on October 1, 2025

Today’s Unmanned Aircraft Systems (UAS) and defense mission platforms are software-intensive systems operating across highly complex ecosystems. As these systems grow more sophisticated, so do the threats they face.

And like much of the software that powers the modern world, they are not always maintained as rigorously as they should be. This is particularly the case with commercial systems being adapted for defense use. Like other industries, UAS software supply chains struggle with outdated dependencies, legacy components, and insufficient vulnerability remediation. However, the stakes are high, with national security and lives potentially at risk.

The drive for speed compounds the problem. Getting the right tools into the field quickly is a priority in national defense, which means sourcing from the commercial sector. Yet many of these manufacturers lack the experience of building to military airworthiness or cybersecurity standards. A compromised software supply chain threatens mission success, national security, and puts lives at risk.

The Unique Risks in Federal Aerospace and Defense Software

The role of UAS has expanded dramatically — from intelligence, surveillance, and reconnaissance to long-range missions that include both autonomous and kinetic operations. Unlike conventional enterprise software, defense aviation platforms face a distinct risk profile.

Embedded Software Complexity and Technical Debt

Many unmanned systems are built from layers of dependencies that mirror the complexity of vehicles, helicopters, or fixed-wing aircraft. Software modules for flight, communication, and sensors each carry their own subcomponents, some maintained, others far from the most recent versions. In practice, this means fleets can operate with a patchwork of software ranging from up-to-date frameworks to components potentially untouched for years.

Beyond Visual Line of Sight (BVLOS) Operations

Beyond Visual Line of Sight (BVLOS) operations represent a distinct challenge for unmanned systems. Unlike recreational drones flown within visual range, BVLOS missions may extend hundreds of (Read more...)

*** This is a Security Bloggers Network syndicated blog from 2024 Sonatype Blog authored by Tom Tapley. Read the original post at: https://www.sonatype.com/blog/securing-the-skies-software-supply-chain-readiness-for-unmanned-aircraft-systems

October 1, 2025February 25, 2026 Tom Tapley Compliance, executive order, Federal, government, SBOM, software supply chain

Securing the Skies: Software Supply Chain Readiness for Unmanned Aircraft Systems

The Unique Risks in Federal Aerospace and Defense Software

Embedded Software Complexity and Technical Debt

Beyond Visual Line of Sight (BVLOS) Operations

Senator Sanders Wants to Own AI Companies — and Hand America’s Adversaries the Keys

NIST’s Nine: The PQC Signature Race Moves to Round Three

The Quantum Arms Race: Why Washington Just Wrote a $2 Billion Check to Nine Companies

Beyond Moore’s Law: The Hyper-Acceleration of Autonomous AI Cyber Capabilities

The Exception Economy: When Security Teams Stop Protecting and Start Negotiating

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On

Randall Munroe’s XKCD ‘Husband and Wife’