The Quality Council of India (QCI) has recently released an NPNT Test Tool. The purpose of this tool is to simulate the process of permission artifact generation. QCI had earlier outlined the process for NPNT compliant testing of drones. With this tool, anyone can understand how NPNT compliance works and test it in the real world. Although this tool is a work in progress, it offers a detailed look into the steps involved. Let us understand how to use the tool and how it works.
Before we break down the test tool, let us first become familiar with the technology it works upon, public key cryptography.
Public Key Cryptography
Public key cryptography is a method for encrypting data and verifying digital signatures. The way this works is by using a key pair – a private key and a public key. Therefore, this method of cryptography is also known as asymmetric encryption because the two keys being used are different. The public key is used to encrypt data while the private key is used to decrypt data.
Public & Private Key
A public key, as the name suggests, can be freely shared with anyone to encrypt their data and verify digital signatures. A private key, on the other hand, is kept secret and is used to decrypt data and create digital signatures.
There are two main applications of the public and private key:
- Encryption: This is the most common use of this method. Content is encrypted using the public key and can be consequently decrypted with the same individual’s private key.
- Digital Signatures: Digital signature verification is used to verify the integrity of the sender and the data. This is the basis for drone log verification on Digital Sky. An individual signs the data with their private key and is then verified by their public key.
NPNT Test Tool
To begin with, create an account on QCI’s NPNT Tool Signup page. Once signed up, log in to your account. QCI has released user documentation to help you get started. The dashboard is quite straightforward with the central panel to generate test cases and upload files.
Generating a Test Case
Click on the generate test case button at the top right to begin the process. A window will pop up with the prompt to enter the details of the drone and the flight. Firstly, enter the drone’s UUID. A is generated by the manufacturer during registration. However, since this is a test, you can generate any random ID stored in your drone and use it to generate a test case.
Enter the make and model of your drone. Then, you will be required to either enter the coordinates of your flight area or the .kml file of the flight area. Coordinates can be entered via Google Maps. Here, you will have to enter the four coordinates (2 latitudes, 2 longitudes) that act as a boundary to your flight area. After entering the coordinates, upload the drone key (.pem file).
What is a drone key (.pem)?
A drone key is the drone’s public key. As discussed above, the drone key helps to encrypt the data which the Digital Sky can later decrypt and verify.
After this step, you will be directed to download a .zip file containing all the test cases. The folder upon extraction will contain five different test cases. The purpose of these test cases is to verify which among the 5 test cases is the valid permission artifact. To find the correct one follow the steps given below:
Conduct Drone ARM Tests
- Load every test case one by one onto your drone and see if it arms.
- If the drone does not arm, download the log file generated by the drone and check for the anomaly.
- Record the anomaly along with the test case on the flight log window. For example, Drone did not arm due to ‘Bad Geo Limit’.
- As soon as the drone ARMS itself, record the flight log as valid permission and select the same on the flight log window.
Conduct Breach Tests
The next step to be taken is to ensure that the drone is compliant with the valid flight permission artifact. To do this, ARM the drone and perform flight breach tests:
- Fly in the location marked earlier in the valid time period and return to the home position. Extract this flight log. Perform this action twice. Upload the first file in position 6, second file in position 7 of the flight log window.
- Start flying from the location marked earlier, go outside the geofence boundary and return to home. Extract this log. Upload this file in position 9
- Start flying 5-10 minutes before the 3 hours are about to end, fly till the time limit is breached, return to home. Extract this log. Upload this file in position 8
The way this works is that the drone signs each flight log with its private drone key. This log is sent to Digital Sky, which then verifies the digital signature and the flight log with the drone’s public key.
Once all the flight logs have been submitted, a sample test report is generated in the dashboard. The report indicates whether the drone passed the NPNT test or not. If the ARM tests are conducted on an actual NPNT-compliant drone with real-world parameters, the drone would pass. However, since this is a simulated demo test, the report indicates a Failed value. You can download this report.