WO2022093397A2 - Networked air defense infrastructure with integrated threat assessment - Google Patents

Networked air defense infrastructure with integrated threat assessment Download PDF

Info

Publication number
WO2022093397A2
WO2022093397A2 PCT/US2021/048719 US2021048719W WO2022093397A2 WO 2022093397 A2 WO2022093397 A2 WO 2022093397A2 US 2021048719 W US2021048719 W US 2021048719W WO 2022093397 A2 WO2022093397 A2 WO 2022093397A2
Authority
WO
WIPO (PCT)
Prior art keywords
threat
sensor data
assessment engine
threat assessment
sensor
Prior art date
Application number
PCT/US2021/048719
Other languages
French (fr)
Other versions
WO2022093397A3 (en
Inventor
Daniel Hyman
Jeffrey Norris
Byron Del Castillo
Michael Dekoker
Original Assignee
Ixi Technology Holdings, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ixi Technology Holdings, Inc. filed Critical Ixi Technology Holdings, Inc.
Publication of WO2022093397A2 publication Critical patent/WO2022093397A2/en
Publication of WO2022093397A3 publication Critical patent/WO2022093397A3/en

Links

Classifications

    • FMECHANICAL ENGINEERING; LIGHTING; HEATING; WEAPONS; BLASTING
    • F41WEAPONS
    • F41HARMOUR; ARMOURED TURRETS; ARMOURED OR ARMED VEHICLES; MEANS OF ATTACK OR DEFENCE, e.g. CAMOUFLAGE, IN GENERAL
    • F41H11/00Defence installations; Defence devices
    • F41H11/02Anti-aircraft or anti-guided missile or anti-torpedo defence installations or systems
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433Vulnerability analysis

Definitions

  • the disclosure relates in general to infrastructure security, and more particularly, to secure systems and methods of assessing and engaging unmanned airborne threats (e.g., drones) across a network.
  • unmanned airborne threats e.g., drones
  • Such systems and methods are not limited to countering drones, however, although such systems and methods are particularly useful for detecting and preventing unwanted drone activity.
  • Typical unmanned air system (UAS) defense systems are deployed to protect a single site (e.g., a security force station or prison), or a site region with a fixed perimeter (e.g., a forward operating base or airport). These applications are convenient and affordable to protect, as a small area of a few city blocks or square km is defensible with a single sensor suite and single effector or cabled/fiber-connected cluster of short-ranged assets.
  • Such systems typically physically co-locate sensing assets with one or more effector assets providing either an omnidirectional radio-frequency (RF) or directional turret-aimed engagement (RF, directed energy, and/or kinetic) response.
  • RF radio-frequency
  • RF directional turret-aimed engagement
  • Additional distributed sensing assets such as remote acoustic and low-cost cameras or electro-optical/infrared (EO/IR) have been deployed and networked to a command asset proximate to a primary effector.
  • EO/IR electro-optical/infrared
  • sensor fusion techniques have been used to merge acoustic with optical and/or active radar sensor data to dramatically reduce the detection rate of false positives.
  • distributed sensing and sensor fusion approaches provide dramatically improved target location and tracking, including the location and tracking of potential threats to operational assets such as UAS pilots at ground control stations. Distributed sensing further improves response coordination and effector impact assessment (i.e., “kill verification”).
  • Distributed sensing assets have intrinsic redundancy, so that removal, destruction, down-time, or underperformance of individual nodes will not result in precipitously reduced surveillance capabilities. This will generally be true provided the network(s) employed for sensor data and notification promulgation are sufficiently robust as to not be dependent on that specific down node’s presence.
  • Typical UAS defense systems including military systems, use local (short range) connection methods, typically wired but sometimes wireless, to interface between its sensing assets, effector asset(s), and its command asset. What is lacking, however, is the ability to coordinate sensor data (and/or fused sensor data) across long distances such as hundreds of km (e.g., with “long” defined as longer than the range of a single effector) across fundamentally insecure networks.
  • the disclosure is directed to a system comprised of a system comprising a first plurality of sensor nodes, a second plurality of sensor nodes, a fusion node, and a threat assessment engine.
  • the first plurality of sensor nodes provide first sensor data.
  • the second plurality of sensor nodes provide second sensor data.
  • the fusion node in communication with the first plurality of sensor nodes, merges the first sensor data into a combined sensor data set and to provide the combined sensor data set.
  • the threat assessment engine in communication with the fusion node and the second plurality of sensor nodes, receives the second sensor data and the combined sensor data set, determines, based on the received second sensor data and combined sensor data set, a time and location of a potential intersect of a threat with a subject based on at least one of the second sensor data and the combined sensor data set, and notifies the subject of the potential intersect of the threat with the subject.
  • the first and second sensor data includes at least one of electro-optical/infrared camera data, RF sensor data, and acoustic data.
  • the fusion node is a first fusion node and the combined sensor data set is a first combined sensor data set.
  • the system further comprises a third plurality of sensor nodes to provide third sensor data and a second fusion node, in communication with the third plurality of sensor nodes, to merge the third sensor data into a second combined sensor data set and provide the second combined sensor data set.
  • the threat assessment engine further to receive the second combined sensor data set and make the threat assessment based on at least one of the second sensor data, the first combined sensor data set, and the second combined sensor data set.
  • the threat is a drone and the subject is at least one of a truck, a train, a ship, and a harbor facility.
  • the system further comprises a time & control factors resource.
  • the threat assessment engine receives command and security control factors from the time & control factors resource, the security control factors from the time & control factors including at least one of digital signature keys to validate a legitimacy of the first and second sensor data, an allowable communications waveform, and a data packet size of the second sensor data and the combined sensor data set.
  • the system further comprises a cellular network, the first plurality of sensor nodes providing the first sensor data via the cellular network and the fusion node providing the combined sensor data set via the cellular network.
  • the system further comprises a database to provide the threat assessment engine with a library of different threat profiles of data representing previously encountered threats in at least one of training and in the field.
  • the threat assessment engine is a first threat assessment engine.
  • the system further comprises a third plurality of sensor nodes to provide third sensor data, and a second threat assessment engine, in communication with the third plurality of sensor nodes and a third threat assessment engine, to receive the third sensor data, determine, based on the received third sensor data, another time and another location of another potential intersect of another threat with another subject based on the third sensor data, and notify the another subject of the potential intersect of the another threat with the another subject, the third threat assessment engine receiving the determined another potential interest of another threat with another subject from the second threat assessment engine.
  • the threat assessment engine further notifies an engagement asset of the potential intersect of the threat with the subject.
  • the engagement asset is a jammer.
  • system further comprising a fusion node controller associated with the fusion node, the fusion node controller to relay control commands for the fusion node to begin searching for the threat.
  • the threat assessment engine provides notification that the system has been compromised.
  • system further comprises a first plurality of sensor controllers, associated with the second plurality of sensor nodes, to receive notification from the threat assessment engine to track the threat.
  • the disclosure is also directed to a method comprising providing, by a first plurality of sensor nodes, first sensor data, and providing, by a second plurality of sensor nodes, second sensor data.
  • the method further comprises merging, by a fusion node in communication with the first plurality of sensor nodes, the first sensor data into a combined sensor data set, and providing, by the fusion node, the combined sensor data set.
  • the method even further comprises receiving, by a threat assessment engine in communication with the fusion node and the second plurality of sensor nodes, the second sensor data and the combined sensor data set, determining, by the threat assessment engine and based on the received second sensor data and combined sensor data set, a time and location of a potential intersect of a threat with a subject based on at least one of the second sensor data and the combined sensor data set, and notifying, by the threat assessment engine, the subject of the potential intersect of the threat with the subject.
  • the first and second sensor data includes at least one of electro-optical/infrared camera data, RF sensor data, and acoustic data.
  • the fusion node is a first fusion node and the combined sensor data set is a first combined sensor data set.
  • the method further comprises providing, by a third plurality of sensor nodes, third sensor data, and merging, by a second fusion node in communication with the third plurality of sensor nodes, the third sensor data into a second combined sensor data set and provide the second combined sensor data set.
  • the method even further comprises receiving, by the threat assessment engine, the second combined sensor data set, and making, by the threat assessment engine, the threat assessment based on at least one of the second sensor data, the first combined sensor data set, and the second combined sensor data set.
  • the threat is a drone and the subject is at least one of a truck, a train, a ship, and a harbor facility.
  • the method further comprises receiving, by the threat assessment engine, command and security control factors from a time & control factors resource, the security control factors from the time & control factors including at least one of digital signature keys to validate a legitimacy of the first and second sensor data, an allowable communications waveform, and a data packet size of the second sensor data and the combined sensor data set.
  • the first plurality of sensor nodes provide the first sensor data via a cellular network and the fusion node provides the combined sensor data set via the cellular network.
  • the method further comprises providing, by a database, the threat assessment engine with a library of different threat profiles of data representing previously encountered threats in at least one of training and in the field.
  • the threat assessment engine is a first threat assessment engine.
  • the method further comprises providing, by a third plurality of sensor nodes, third sensor data, and receiving, by a second threat assessment engine in communication with the third plurality of sensor nodes and a third threat assessment engine, the third sensor data.
  • the method even further comprises determining, by the second threat assessment engine, based on the received third sensor data, another time and another location of another potential intersect of another threat with another subject based on the third sensor data, and notifying, by the second threat assessment engine, the another subject of the potential intersect of the another threat with the another subject, and receiving, by the third threat assessment engine, the determined another potential interest of another threat with another subject from the second threat assessment engine.
  • the method further comprises notifying, by the threat assessment engine, an engagement asset of the potential intersect of the threat with the subject.
  • the engagement asset is a jammer.
  • the method further comprises relaying, by a fusion node controller associated with the fusion node, relay control commands for the fusion node to begin searching for the threat.
  • the method further comprises providing, by the threat assessment engine, notification that the system has been compromised.
  • the method further comprises receiving, by a first plurality of sensor controllers associated with the second plurality of sensor nodes, notification from the threat assessment engine to track the threat.
  • FIG. 1 illustrates a block diagram for an example networked air defense system with secure integrated and centralized threat assessment capability, in accordance with at least one configuration disclosed herein;
  • FIG. 2 illustrates a block diagram for another example networked air defense system with secure integrated and distributed threat assessment capability, in accordance with at least one configuration disclosed herein;
  • FIG. 3 illustrates an example flow diagram for receiving and validating of sensor data and subsequent threat assessment activities of an example networked air defense system with secure integrated threat assessment capability, in accordance with at least one configuration disclosed herein.
  • FIG. 4 illustrates an example flow diagram for retrieval of threat information, threat recording, and agent notifying activities of an example networked air defense system with secure integrated threat assessment capability, in accordance with at least one configuration disclosed herein.
  • FIG. 5 illustrates an operating example of an example communications data link of a networked air defense system with secure integrated threat assessment capability during a threat detection, assessment, notification, and engagement scenario, in accordance with at least one configuration disclosed herein.
  • FIG. 6 illustrates an example of a communications mesh network of a networked air defense system with secure integrated and distributed threat assessment capability during a threat detection, assessment, notification, and distributed engagement scenario, in accordance with at least one configuration disclosed herein.
  • FIG. 7 illustrates an example of restricted antenna coverage in elevation for an RF effector used in a networked air defense system with secure integrated and distributed threat assessment capability, in accordance with at least one configuration disclosed herein.
  • FIGS. 8A and 8B illustrate examples of restricted antenna coverage in azimuth for an RF effector and RF sensing asset, respectively, as used in a networked air defense system with secure integrated and distributed threat assessment capability, in accordance with at least one configuration disclosed herein.
  • FIG. 9 illustrates an example of a resource-efficient deployment of a networked air defense system with secure integrated and distributed threat assessment capability for a large harbor complex, in accordance with at least one configuration disclosed herein.
  • FIG. 10 illustrates an example of a resource-efficient deployment of a networked air defense system with secure integrated and distributed threat assessment capability for a large multi-level bridge, in accordance with at least one configuration disclosed herein.
  • FIG. 11 illustrates a schematic representation of an example general-purpose computing device, in accordance with at least one configuration disclosed herein.
  • This disclosure is directed to a system(s) that receive(s) sensor data, assesses this data to determine if there is a threat to one or more protected subjects, and notify(ies) a command asset as to a nature and risk profile of the threat.
  • the system(s) optionally notify(ies) one or more engagement assets, one or more subjects, and/or one or more sensing assets.
  • the system(s) is comprised of a coordinated threat assessment engine having secure sensor inputs and secure notification outputs across an open and otherwise less-secure network.
  • the threat assessment engine receives input from one or more databases containing threat profiles, wherein each threat profile is defined by its characteristics encountered with respect to one or more sensing assets.
  • the threat assessment engine further receives one or more additional inputs associated with the timing of a detection event and potential threat as well as its history, and may further receive inputs from control factors containing security codes, white-list data (e.g., allowable intrusions that otherwise appear substantially similar to one or more threat profiles), command overrides, known errors/failures, known false targets, and/or other factors.
  • the system(s) access(es) data from one or more sensing assets comprised of one or more sensor nodes and/or one or more sensor fusion nodes.
  • One or more sensing assets is connected to the threat assessment engine through a networked communication system, one or more of which may be an open communication system defined as a communication system having readily retrievable user metadata, limited data security, and/or limited availability or use of encryption resources such as a consumer insecure cellular network.
  • a sensing asset gathers data containing an event which has the potential to represent a threat, it notifies the threat assessment engine through one or more networked communication systems.
  • a digital signature is submitted by the sensing asset and, as part of notification receipt, the threat assessment engine (or its associated communication subsystem) verifies the legitimacy of the signature against a database containing valid keys.
  • additional control factors may include the timing and/or time-based historical data of the incoming notification, and/or the nature of the data itself which may have an incorrect data content size, encoding, header, or other aspects contained within the data and/or in the metadata characteristics of the notification.
  • these additional control factors include the synchronization of timing resources between sensing assets and threat assessment assets.
  • a closed networked communication system is made available for the sensing element to provide notifications to the threat assessment engine in addition to an open networked communication system.
  • the multiple networked communication systems operate in a meshed fashion, wherein the multiple communication options provide redundancy in case of network outage, poor conditions for data transfer, timing, or security failures.
  • Threat profiles contain data associated with typically encountered conditions and may optionally contain data associated with uncommonly encountered conditions but still associated with the same or similar threat.
  • a threat’s profile data will contain information appropriate for the types of sensors and fusion nodes deployed as sensing assets. Such data may contain such information as the threat’s product type, sound, size, shape, visible color and texture, markings, optical emissions (e.g., marking lights), thermal emissions, intentional and/or unintentional RF emissions, operating bands, speed, aeronautical characteristics, and/or other potentially identifiable characteristics including metadata thereof.
  • the threat assessment engine has access to receive information from one or more of its databases and, in some configurations, update one or more of its databases. This capability permits a threat assessment engine to create or modify a threat profile with new information regarding that threat, or to classify a new threat previously not recognized and catalogued in one or more available databases.
  • the system notifies its command and engagement assets when a relevant threat has been detected, located, and assessed with respect to its location and bearing relative to the location (and bearing, if motive) of one of more subjects.
  • notification may include details as to the nature of the threat and data that may assist in improved local sensing and/or engagement of the threat.
  • such details include the threat’s product type, sound, size, shape, color, thermal emissions, and other identifying characteristics, the threat’s location and bearing, and/or RF waveform characteristics of the threat’s command and control and/or data channels.
  • the system(s) can optionally notify one or more subjects and/or one or more of its sensing assets.
  • notifications include details as to the nature of the threat and data that may assist in improved local sensing and/or mitigation of the threat’s potential to engage the subject.
  • details include the threat’s product type, sound, size, shape, color, thermal emissions, and other identifying characteristics, the threat’s location and bearing, and/or recommendations for reducing subject speed, evasive maneuvers, and/or readiness for impact, explosion, derailment, emission, or other potentially calamitous interaction and/or danger posed by the threat.
  • the system(s) is/are further comprised of one or more additional geographically dissimilar threat assessment engines that are networked together as a distributed threat assessment capability.
  • each threat assessment engine maintains its own local access to one or more databases, to time and/or historical event data, and to other control factors.
  • Each threat assessment engine may have its own databases, time/history event data, and control factors that are different from those of other threat assessment engines in the system.
  • threat assessment engines would have databases that would be updated by a command database.
  • the threat assessment engine considers the location, bearing, and/or bearing history of a likely threat to predict the likelihood of the threat interacting with a subject. In certain of these configurations, the threat assessment engine further considers the location, bearing, bearing history, and/or projected bearing future of one of more subjects to predict the likelihood of threat interaction.
  • an air defense system 10 is disclosed illustrated as including infrastructure, that is a plurality of components and subsystems represented as blocks in a block diagram, as shown.
  • the air defense system 10 depends on input from a plurality of sensing assets illustrated as a series of sensor nodes, some being combined with sensor fusion assets, and some feeding directly into a communications network.
  • a first sensor node Al 1 a second sensor node A2 2, and a third sensor node A3 3 provide first sensor data to a first fusion node Al 11.
  • the first sensor node Al 1 provides electro-optical/infrared camera data
  • the second sensor node A2 2 provides RF sensor data
  • the third sensor node A3 3 provides acoustic data.
  • the first fusion node Al 11 merges the data sets together to provide a combined sensor data set that may or may not contain events associated with potential threats.
  • This combined data set is transmitted through a sensor input communications network A 20 (e.g., cellular network, satellite network, Wide Area Network (WAN), fiber optic network, or any other type of network that allows for data communications over long distances) to the threat assessment engine A 24 where it is received.
  • the sensor input communications network A 20 can be either an insecure consumer cellular network such as that provided by various national carriers (e.g., Verizon, T-Mobile, AT&T) or a secure cellular network.
  • Additional sensing assets can send data directly through the communications network A 20 to the threat assessment engine A 24 without being first fused with other sensor data, such as sensor nodes A4 4 - A6 6 that provide second sensor data.
  • sensor nodes A4 4 - A6 6 that provide second sensor data.
  • a fourth sensor node A4 4 provides night vision camera data for a central region near an asset, such as a bridge, protected by the air defense system 10.
  • a fifth sensor node A5 5 provides RF sensor data to the same region.
  • a sixth sensor node A6 6 provides long-range radar data through the sensor input communications network A 20 to the threat assessment engine A 24 directly as well.
  • the sensor input communications network A 20 provides the air defense system 10 with a capability to collect and detect threats over long- distances, such as those for linear infrastructure, that is not possible with typical threat assessment systems.
  • a third set of sensors are part of the air defense system 10 and connected to the second fusion node A2 12, sensor nodes A7 7 - A9 9 that provide third sensor data.
  • a seventh sensor node A7 7 provides electro-optical/infrared camera data
  • an eighth sensor node A8 8 provides RF sensor data
  • a ninth sensor node A9 9 provides acoustic data.
  • the second fusion node A2 12 merges the data sets together to provide a combined sensor data set transmitted through the sensor input communications network A 20 to the threat assessment engine A 24 where it is received.
  • the first fusion node Al 11 and the second fusion node A2 12 can be located long-distances apart, such that they fuse sensor data from disparate parts of a single infrastructure, such as the long-distance linear infrastructure discussed above, respectively.
  • the sensor input communications network A 20 is a Long Term Evolution (LTE) Fourth-Generation (4G) cellular network that is neither owned nor operated by a user of the air defense system 10, and is incorporated in the discussion and definition of the air defense system 10 by reference in capability though not ownership or control.
  • LTE Long Term Evolution
  • 4G Fourth-Generation
  • the user of the air defense system 10 is a paying customer of the operator of the 4G network, which is considered an “open network” in the presently disclosed subject matter in accordance with terms defined above.
  • the threat assessment engine A 24 is centralized as an important node in the air defense system 10. This block is responsible for receiving data, making assessments, updating databases, and sending status notifications to other blocks for action or inaction as appropriate. There is no additional resource making threat assessment calculations, meaning this engine regardless of input and output networks may be a single point of failure. As the input and output networks are commercial cellular networks, this presents a vulnerability to cyberattack, and implementing operational security in network access layers is an important implementation.
  • the threat assessment engine A 24 receives the sensor data and verifies each input is legitimate using a process described in the flowchart of FIG. 3 described in detail below.
  • the threat assessment engine A 24 also receives input from additional blocks representing databases, timing resources, historical archives, and control factors.
  • a set of databases A 25 provide the threat assessment engine A 24 with libraries of different threat profiles of data representing previously encountered threats in training, in the field, and as modified by a set of command databases A 44.
  • the threat profile database is not editable by the threat assessment engine A 24 and could only be updated by a set of command databases A 44. In such configurations, access to the command databases A 44 would be highly restricted and information flow may be unidirectional.
  • a second database contained in the set of databases A 25 is a list of historical events wherein events exceeding a significance threshold have been stored. Any data similar in quantitative and/or qualitative nature to the presently assessed sensing event will be retrieved from historical archives. Previous assessment outcomes (and the results of associated engagement activities, if any) based on prior similar events may therefore assist in the generation of an appropriate assessment and generally or comparatively desirable outcome.
  • the threat assessment engine A 24 also receives input from a time & control factors resource A 26. This input includes a timing resource that tracks the time any event is received by a sensing asset.
  • This input also includes an electronic memory of recent events, so that the threat assessment engine A 24 can determine if a given sensing event may be coupled to other recent sensing events without resorting to historical data.
  • Such recent events may be milliseconds, seconds, or minutes old, and too recent to have been uploaded to archives that are part of the set of databases A 25. Having recent history available for assessing events is a valuable input for correlating data through sensor fusion techniques and can significantly improve both detection rate and reduction of false positives.
  • the air defense system 10 comprises timing resources that are synchronized with external timing references. These external timing references are provided by the Global Positioning System (GPS) and other Global Navigational Satellite System (GNSS). In some configurations using GNSS services or other atomic-clock external references, timing resources may be synchronized to within one microsecond to permit improved signal processing and sensor fusion between sensing assets.
  • GPS Global Positioning System
  • GNSS Global Navigational Satellite System
  • the air defense system 10 further synchronizes the communications methods through one or more channels of the network so that data is transmitted and/or received in a synchronous manner between multiple assets.
  • FIG. 2 One such configuration is illustrated in FIG. 2 detailed below.
  • the threat assessment engine A 24 also receives command and security control factors through the time & control factors resource A 26.
  • control factors include digital signature keys as well as additional control factors to validate the legitimacy of the incoming sensor notification, including the allowable communications waveform and data packet size of the incoming notification, as well as other metadata characteristics as listed in the control factors database.
  • Additional control factors include inputs from command assets to inform the threat assessment engine A 24 to ignore sensor data input from any sensors that are malfunctioning or that have otherwise been compromised, with example data and metadata provided in these databases.
  • These control factors allow the threat assessment engine A 24 to dynamically and automatically reject data that is suspect even if it is cleared by wireless network security protocols and digital signature validation. In such a case when data is rejected, the threat assessment engine A 24 will notify its command A 40 that one or more aspects of the air defense system 10 have been compromised and may warrant attention.
  • the threat assessment engine A 24 performs calculations of the likelihood that a sensed event represents a threat in accordance with the flowcharts of FIGS. 3 and 4 detailed below using the input from the sensors, databases, time, and control factors. If the sensed event is assessed as likely representing a threat having a previously known or unknown profile, a notification is generated and promulgated through a notification output communications network A 30 to various recipients. In the configuration described in the illustration of FIG. 1, the nature of the notification and the specific recipients varies by the nature of the threat and the calculated likelihood that said threat will intersect with one or more subjects under protection by the air defense system 10. It is envisioned that in other configurations, any assessed threat regardless of anticipated danger or probability level would be reported to command along with all subjects, effector assets, and sensing assets capable of receiving notifications.
  • This notification will be saved in a threat database, one of the command databases A 44, used for reference at later times and for building up a history of tracking the activities of the same or similar threats in the same region or different regions.
  • This historical data set can then be used to form an update provided to the threat profile and long-term historical information of threat assessment engine A 24’s local databases A 25.
  • the air defense system 10 will provide a notification to each subject potentially affected, including subjects who may be affected by line stoppage so that they can prepare for additional hold time or have the potential to reroute.
  • the threat assessment engine A 24 is able to notify up to three subjects potentially affected by detected and assessed threats.
  • the first subject Al 41 is determined to be potentially in the direct line of travel with an incoming threat and is provided the notification that a drone is traveling towards her track and may impact her cab, and is also provided notification that the threat engine recommends significant speed reduction to greatly reduce the potential for derailment in case of a crash.
  • the notification does not recommend full stoppage, as the drone is small and cannot carry enough payload in an IED to derail a slow-moving train.
  • subject Al 41 is a train engineer of a high-speed train heading towards a bridge, and she has the authority to apply her brakes to begin reducing speed so she does not need additional input from command A 40 to make this decision in a timely and safe manner.
  • the second subject A242 is a bridge security station located at the bridge close to where the drone is operating.
  • the operator is provided the drone type and vector along with a notification of which sensing assets were responsible for the detection. He has the authority to provide warning to passenger cars and delivery trucks also using the bridge and does not need additional information from command. Because the drone is small, he decides to turn on yellow flashing warning lights to slow traffic but decides to continue monitoring the situation without stopping traffic flow.
  • the third subject A3 43 is another train that is at a station down the tracks twenty minutes in the opposite direction. It was about to leave the station, but the engineer decides to hold for a few minutes at the station to see if there is any further activity from the drone, knowing he can easily make up the time in transit due to the otherwise good weather and smooth operation of the line that week. Once he leaves the station, his passengers would have a hard time making other arrangements should the bridge be closed due to an attack, so a short delay is warranted in the interest of safety and alternatives.
  • the threat assessment engine A 24 determines that the first fusion node Al 11 is near the area where the detection occurred, and may be able to provide additional threat detection of the drone or the pilot if it searches in a different mode than its typical operation.
  • the threat assessment engine A24 retrieves information from its databases 25 on the ground station profile that is commonly mated to the drone threat detected, and provides this information as a notification to fusion node Al’s controller 31 through the notification output communications network A 30. Fusion node Al’s controller 31 then relays this into control commands for the first fusion node Al 11 to begin searching for the threat as well as for ground stations commonly associated with that threat. If detected, the pilot might then become the target of a totally different internal or external engagement asset, such as the local police department.
  • Fusion node A2 s controller 32 is out of range of the threat profile but is also provided a notification containing the information about the ground station commonly associated with that threat, so it can also begin searching for the pilot.
  • the original fourth sensor node A4 4 that provided the data for the initial detection is not centered on the target and does not have local control to stay locked on.
  • the contrast between light and shadows is severe at this time of day when using the normal camera vision mode, despite being in daylight conditions.
  • the threat assessment engine A 24 sends a notification to sensor node A4’s controller 34 to track the target more effectively using the infrared mode so that the image can appear with higher contrast in the region and altitude where the target is flying.
  • the fifth sensor node A5 is an RF emissions sensor operating close to the region where the drone was detected, although its detections were not consistent and the threat assessment engine A 24 did not characterize the threat fully based on the incomplete and contradictory data sets provided over the recent few seconds by this sensing asset. If the target continues its present vector, however, it should approach close enough for improved RF detection. Sensor node A5’s controller 35 is given a notification to focus sensing capabilities on the frequency bands that this type of drone is most likely to use for command, control, telemetry, and video data channels.
  • the sixth sensor node A6 is a radar sensor close to the region where the drone was detected, but it is not anticipated to be in the flight path based on the recent vectors of flight used to track the target and the predictive calculations made by the threat assessment engine A 24. Furthermore, historical data has shown that drones of this type that fly in the region are often launched from an overlook spot, and only rarely come over the hill separating the region covered by fourth sensor node A4 4 and sixth sensor node A6 6. As a result, sensor node A6’s controller 36 is not provided any notification, command, or control signal because of this unlikely imminent future participation.
  • the threat is determined to still be operating in a lawful manner at an acceptable standoff range from the tracks, so the first engagement asset Al 45 is not yet allowed to engage the threat.
  • the threat assessment engine A 24 sends the first engagement asset Al a notification containing the most likely type of drone it is, as well as the characteristics of its most likely ground station.
  • these predictions can be validated or updated, and the first engagement asset Al 45 will be primed and ready to engage with a waveform (or combination of waveforms) that are likely to be effective.
  • the second engagement asset A2 46 is in no position to aid any actions against the drone, and the ground station has not been located, so the threat assessment engine A 24 does not bother providing it a notification at this time.
  • FIG. 2 Another system 200 according to the presently disclosed subject matter is described in block diagram of FIG. 2.
  • the following discussion provides an example detection and engagement scenario wherein multiple drone threats are detected simultaneously, which is a challenging scenario for centralized systems such as the example centralized air defense system 10 of FIG. 1 to manage due to a need that each threat be assessed serially by a single threat assessment engine.
  • the distributed system 200 of FIG. 2 depends on infrastructure, that is input from a plurality of sensing assets, some being combined with sensor fusion assets, and some feeding directly into a communications network.
  • a first sensor node Bl 101, a second sensor node B2 102, and a third sensor node B3 103 provide sensor data to a first fusion node Bl 111.
  • the first sensor node Bl 101 provides electro-optical/infrared camera data
  • the second sensor node B2 2 provides RF sensor data
  • the third sensor node B3 3 provides radar data.
  • the first fusion node Bl 111 merges the data sets together to provide a combined sensor data set transmitted to the first threat assessment engine Bl 121. This transmission is performed through a closed communications network that is not separately identified.
  • Additional sensing assets send data directly through a sensor input communications network B 120 to the third threat assessment engine B3 124 without being first fused with other sensor data.
  • a fourth sensor node B4 104 and a fifth sensor node B5 105 provide night vision camera data for two different regions protected by the distributed system 110.
  • a sixth sensor node B6 106 provides long-range radar data.
  • a third set of sensors are part of the distributed system 110 and connected to a second fusion node B2 112.
  • a seventh sensor node B7 107 provides electro-optical/infrared camera data
  • an eighth sensor node B8 108 provides RF sensor data
  • a ninth sensor node B9 109 provides acoustic data.
  • the second fusion node B2 112 merges the data sets together to provide a combined sensor data set transmitted to the second threat assessment engine B2 24 where it is received.
  • the sensor input communications network B 120 can be a Fifth-Generation (5G) cellular network that is neither owned nor operated by the user of the distributed system 110, and that is also considered an “open network”, that is an unsecured network that can be accessed by anyone within a vicinity of the sensor input communications network B 120.
  • the sensor input communications network B 20 can likewise be either an insecure consumer cellular network such as that provided by various national carriers (e.g., Verizon, T-Mobile, AT&T) or a secure cellular network.
  • the distributed threat assessment engines Bl 121, B2 127, and B3 124 of the present example substantively diverges at this point from the consolidated threat assessment engine A 24 example of FIG. 1.
  • the data stream from the first fusion node Bl 111 is sent directly to a first threat assessment engine Bl 121.
  • the data stream from the second fusion node B2 112 is sent directly to a second threat assessment engine B2 127.
  • Each of these two distributed threat assessment engines Bl 121 and B2 127 are connected together through a closed network, as shown, and to the third threat assessment engine B3 120 through the sensor input communications network B 120.
  • no threat assessment engines in the distributed system 110 may be connected through an open network as previously defined.
  • all threat assessment engines in the distributed system 110 may be connected through an open network.
  • a combination of open and closed networks with redundant mesh connectivity may be used to connect threat assessment engines.
  • these engines may be connected by open networks at times when closed networks are not available, and by one or more closed networks when they are available.
  • An example would be a threat assessment engine operating from a convoy vehicle that moves between forward operating bases in a conflict zone. It would be attached to its own sensing assets, fusion node, engagement asset, and interact with other sensing assets, fusion nodes, and engagement assets of other convoy vehicles when on the road, and operate with the rest of a base security system when it arrives at its destination.
  • the distributed threat assessment engines Bl 121, B2 127, and B3 124 of FIG. 2 each interact with their own databases and control factors.
  • the first threat assessment engine Bl 121 accesses a first set of databases Bl 122 for libraries of different threat profiles of data representing previously encountered threats in training, in the field, and as modified by a set of command databases B 144.
  • the first threat assessment engine Bl 121 is able to update its own first set of databases Bl 122 but does not update other databases directly.
  • the first set of databases Bl 122 also contains a list of historical events and previous assessment outcomes and engagement activities.
  • the first threat assessment engine Bl 121 also receives input from a first time & control factors resource Bl 123.
  • This input includes a timing resource that tracks the time any event is received by a sensing asset and an electronic memory of recent events to assist in correlating data through sensor fusion techniques and can significantly improve both detection rate and reduction of false positives.
  • the first time & control factors resource Bl 123 of FIG. 2 comprises timing resources that are synchronized with external timing references.
  • the distributed system 110 further synchronizes the communications methods through one or more channels of the sensor input communications network so that data is transmitted and/or received in a synchronous manner between multiple assets, and threat assessment timing is shared between the distributed threat assessment engines Bl 121, B2 127, and B3 124.
  • the first threat assessment engine Bl 121 also receives command and security control factors through the first time & control factors resource Bl 123. As with the configuration of FIG. 1, these control factors include digital signature keys as well as additional control factors to validate the legitimacy of the incoming sensor notification, These control factors allow the first threat assessment engine Bl 121 to dynamically and automatically reject data that is suspect even if it is cleared by wireless network security protocols and digital signature validation and notify its command B 140 of the failure and/or intrusion.
  • the first threat assessment engine Bl 121 performs calculations of the likelihood that a sensed event represents a threat using input from the sensors, databases, time, and control factors. If the sensed event is assessed as likely representing a threat having a previously known or unknown profile, a notification containing information needed to defeat or mitigate the threat in an appropriate fashion is sent to the first engagement asset Bl 147.
  • a single engagement asset is shown connected to the first threat assessment engine Bl 121, but in other configurations it is envisioned that a suite of multiple engagement assets would be present. It is recognized that one or more engagement assets may be unsuitable for addressing a given threat, but that other engagement assets may be fully suitable.
  • the local engagement assets may not be suitable for engaging a particular threat, but that other assets in the distributed system 110 (engagement assets associated with a different threat assessment engine) or external to the distributed system 110 (e.g., nearby tactical bomb squad unit) may be available and/or utilized to counter a given threat.
  • a notification of a detected threat and the nature of this threat will be provided to the second threat assessment engine B2 127, so that it may participate in further threat assessment, new and/or related threat detections, and/or using its own local second engagement asset B2 148 if appropriate.
  • This notification is treated as a full threat identification event, but this information contained in the notification will be merged with additional input from the second fusion node B2 112.
  • the second threat assessment engine B2 127 As with the initial threat identification performed by the first threat assessment engine Bl 121, all of these inputs are analyzed by the second threat assessment engine B2 127 to determine if there are other factors such as the timing of other detections or potentially related threats. This secondary analysis is performed using its own local databases B3 125 and command and security control factors through the second time & control factors resource B2 129.
  • a notification with similar content is generated and promulgated through a sensor input communications network B 120 to the third threat assessment engine B3 124.
  • This notification is a full threat identification event to be merged with additional inputs from the second threat assessment engine B2 127 along with the inputs from the additional sensor nodes as previously described.
  • all of these inputs are analyzed by the third threat assessment engine B3 124 to determine if there are other factors such as the timing of other detections or potentially related threats identified by itself or by the second threat assessment engine B2 127.
  • This secondary analysis is performed using its own local databases B3 125 and command and security control factors through the third time & control factors resource B3 126.
  • Every detected event that is assessed as matching a threat profile by any threat assessment engine, regardless of which threat engine, and regardless of which threat vector and the vectors of any subjects will generate a notification provided to the command B 140.
  • This notification will be saved in a threat database, one of the command databases B 144, to develop its history of tracking threats.
  • this historical data set will be used to form an update provided to the threat profile and long-term historical information of the first databases Bl 122, the second databases B2 128, and the third databases B3 125.
  • threat assessment engine B3 124 will also notify both of the other assessment engines by informing assessment asset Bl controller 131 and assessment asset B2 controller 137.
  • Each of these controllers 131 and 137 in the presently described configuration are comprised of the communications interface radios and modems directly connected to the notification output communications network B 130. These radios and modems are then connected to the artificial intelligence data inputs at the core of each of the distributed threat assessment engines Bl 121, B2 127, and B3 124 so that each notification and, especially, additional threat assessment and/or update performed by the more connected third threat assessment engine B3 124 will be provided to the distributed assets for improved local assessment.
  • the distributed system 110 will additionally provide a notification to each subject potentially affected.
  • the third threat assessment engine B3 124 is able to notify up to three subjects potentially affected by detected and assessed threats, except in this configuration the subjects can be notified by the third threat assessment engine B3 124 regardless of where in the distributed system 110 chain of assessment engines the threat was originally identified and assessed.
  • the first subject Bl 141 e.g., an experienced vessel captain of a cargo ship determined to be potentially in the direct line of travel with an incoming threat, is provided the notification that an industrial grade drone is traveling towards her vessel, and that it is carrying a thirty to fifty pound payload as determined by the audio pitch of its propellers relative to its airspeed in the present wind conditions.
  • the notification does not recommend full stoppage, as there is no time to redirect the vessel within the 75-second estimated timeframe until potential engagement.
  • the notification instead recommends slewing a remote camera towards its bearing to record the event locally, and for the crew, especially bridge crew based on the threat’s bearing, to take cover and prepare for IED or biological attack.
  • first subject Bl 141 is the experienced vessel captain, and he alerts his crew immediately, sets all remote cameras for automated motion detect and tracking, and retreats from the bridge to the armory where most of the crew are already donning flak and breathing protection by the time 60 seconds have passed.
  • the second subject B2 142 is a crane supervisor station located near to where the drone was first detected.
  • the security officer is provided the drone type and coordinates of the initial detection, along with a notification of which sensing assets were responsible for the detection.
  • Her notification also includes the request to alert nearby operators to look for suspicious activity in the loading zones at and around their equipment, as the pilot may physically be present in their immediate area.
  • the third subject B3 143 is the gate access headquarters, who are responsible for manning each security station at the gates to each dock area. They are sent a similar notification as the second subject B2 142. Their notification includes a request to close the gate for the zone where the first detection occurred and detain all personnel attempting to leave the area until the threat passes or is resolved. This is in case the pilot (or a conspirator who may have placed the drone for a pilot located in a different area) is attempting to leave that controlled zone before the suspected attack may strike its target.
  • the local security guards at the access gates of the zone in question is contacted by the third subject B3 143 within seconds, and they immediately close all gates.
  • the third threat assessment engine B3 124 determines that the fourth sensor node B44 is not likely to physically see the threat as it is an optoelectronic sensor suite focused on the port operations side rather than the water side. It is given a command for wide sweeping coverage to locate persons that may match the profile of a pilot or person manipulating equipment. These persons may be involved in the threat or not but locating persons who may be participating in the larger threat are now important to locate and track.
  • the fifth sensor node B5 105 also an optoelectronic sensor suite, is determined to be in position to potentially see the threat, so it is provided a notification with the threat location and bearing with a command to attempt to detect and track the target. This would provide additional tracking information from a different visual direction, and improve the precise location and velocity estimates for improved threat assessment and prediction of its true target and/or capabilities.
  • the sixth sensor node B6 106 is a radar sensor located on the waterfront that should be able to detect the drone shortly as it approaches open water. It is provided a notification to track the drone once it becomes visible and pre-seeds the tracking system with the known size and bearing of the known threat and to cycle between general scans for new threats and focusing in on tracking this one known threat.
  • the third threat assessment engine B3 124 sends the third engagement asset B3 and the fourth engagement asset B4 notifications containing the most likely type of drone it is, as well as the characteristics of its most likely ground station, so both engagement assets will be primed and ready by the time command B 140 makes the tactical decision to engage.
  • additional information comes in from any sensing assets in the future (such as locating the pilot through RF emissions or optical detection)
  • these predictions can be validated or updated, including the location of one or more new targets for effective engagement with a minimum of collateral spectral or physical risk.
  • a flowchart 250 for processes of threat assessment is provided in FIG. 3, which walks through the process from sensor input and communications validation through gathering of additional information from control factors, time history and log files, database, and calculations that a threat is or is not likely present.
  • the flowchart 250 begins with the detection of an event by a sensing asset, which may be the presence of an unknown object in its zone of surveillance, an atypical RF emission, sound above the noise floor, or other type of sensor data represented by the status event detected by sensor 200.
  • the air defense system 10 and distributed system 1 lO providefor the ability for that sensing asset to notify threat assessment engine 201 by a communications network as described previously in FIGS. 1 and 2.
  • the signature of the notification provided by the sensing asset is verified by the threat assessment engines A 24, Bl 121, B2 127, and/or B3 124. It is possible that a sensing asset has been corrupted or compromised such that an event detection should not immediately be treated with consideration without validation from other sensing assets. It is further possible that an external agent has provided the notification posing as a sensing asset to overwhelm, misdirect, or otherwise confound the threat assessment engine. Such possibilities are more likely if the communications network between the sensing asset and the threat assessment engine are open as previously defined.
  • a signature key database 203 is consulted to determine whether or not the incoming notification has a valid key code.
  • the signature key code database 203 is physically proximal to the threat assessment engine inside the same computer hardware housing, so there is little perceived risk of interception of the code verification interrogation process.
  • key codes are statically assigned to each sensing asset in the air defense system 10 and distributed system 110, and the signature codes themselves are encrypted as part of the supplied data content and not viewable or reverse-engineerable without the decryption key.
  • these signature keys may be dynamically assigned between each regular or irregular period of sensor notifications based on time, number of interrogations, previous data sets, or any of a plurality of options for dynamic signature key allocation methods.
  • An additional resource used to perform the verify notification digital signature 202 task can include additional control/factor identification 204 information.
  • This additional control/factor identification 204 information helps validate the legitimacy of the incoming sensor notification by utilizing an additional parameter besides the signature key to match predetermined expectations (e.g., two-factor/multi-factor identification).
  • additional control factors may include the timing and/or time-based historical data of the incoming notification, and/or the nature of the data itself which may have an incorrect data content size, encoding, header, or other aspects contained within the data and/or in the metadata characteristics of the notification.
  • these additional control factors include the synchronization of timing resources between sensing assets and threat assessment assets.
  • these include the dynamically attributed timing of one or more characteristics of an incoming notification synchronized to pre-determined timing needs, such as matching a particular tenth of a second for when a notification began or when non-zero data was sent.
  • these pre-determined timing needs change over time according to a pre-determined pattern or random variable known only one or more notifications in advance.
  • the purpose of the multi -factor verification is to ensure a high probability of a high-integrity answer to the question: is message authenticated? 205. If the answer is “no”, then the notification will be flagged as not complying, leading to a report signature for retry/security review 206 task.
  • the air defense system 10 and distributed system 110 (s) then restarts the flowchart 250 and wait(s) for a new detection by one or more sensing assets.
  • the flowchart proceeds to the gathering of additional event time and history 211 for the task to gather & correlate time data 210.
  • the purpose of this task is to gather all recent and prior historical data regarding the same or similar types of sensor events, which may include data from tens of milliseconds ago to data from years ago. If prior events contribute to a pattern, the threat assessment engines A 24, Bl 121, B2 127, and/or B3 124 may be able to extract that pattern to help determine whether a particular event or detection is likely to be a threat.
  • the next step is to continue gathering other information that can assist in the credible assessment of the event.
  • Data not necessarily other suspicious event notifications from sensor assets, but including all relevant data from all sensing assets in the time frame and region of coverage appropriate for assessing a potential threat, is provided from all relevant sensing assets.
  • This data is received as additional sensor input 213 so the threat assessment engines A 24, Bl 121, B2 127, and/or B3 124 may fuse sensor data 212 together to improve the quantity and quality of available data regarding the suspicious event.
  • An example final set of data utilized by the threat assessment engines A 24, Bl 121, B2 127, and/or B3 124 is the profiles of threats that are the same or similar to the event profile compiled from the fuse sensor data 212 process colored by the additional sensor input 213.
  • the profiles of similar threats from the threat database 215 are then used to compare event to previous threats 214. The comparison is made between one or more profiles from the threat database 215 to create a probability matrix of possibilities.
  • the process of creating this matrix is performed in the calculate event threat profile 216 process whereupon multiple potential threats are represented as probabilities and/or weighting functions used to answer the important question: is this event a likely threat? 217.
  • the answer to this question is a weighted set of yes/no answers to different threat profile matches.
  • the setting of a threshold for answering “yes” vs. “no” for each individual threat profile, as well as a universal “yes” vs. “no” for a consolidated threat of any type is an important aspect of the programming and training of the threat assessment engines A 24, Bl 121, B2 127, and/or B3 124.
  • a weighted non-binary value is assigned to the likelihood of an event being a threat, and then a binary decision is applied as to which path to a new process is taken. It is envisioned that regardless of the path, the non-binary value is retained as part of the event record. Continued events that are correlated to this event may have different threat assessment values assigned. As an example, consider a potentially threatening UAS was once flying away from subjects, and was applied a low nonbinary value which was below the yes/no cutoff and the event/target was deemed not to be a threat.
  • the potentially threatening UAS altered its course and is now racing directly towards a potential subject interaction, which increases its non-binary value and is now above the yes/no cutoff and the event/target is now deemed to be a threat.
  • the event record keeps track of nonbinary values for not only active threat assessment actions as a target is tracked, but also for historical record-keeping and/or additional threat training to assist in proper threat assessment of future (unrelated) event assessments.
  • non-binary value is not recorded as part of the event history.
  • non-binary values are not used for threshold calculations, and a set of binary values (e.g., “yes/no question”) are used to ascertain whether or not an event is classified as a threat.
  • the methods of programming and training an artificial intelligence engine for providing an answer to this specific question of process 216 is an element beyond the scope of the presently disclosed subject matter but that should be addressed in any implementation of the air defense system 10 and distributed system 110 that make(s) such a decision.
  • the decision-making process is dynamic and necessarily involves near-term activity monitoring as well as historical pattern matching, time of day, range of detected event, proximity to infrastructure, known or anticipated presence of high-profile subjects needing protection, and other factors that change throughout the operational conditions of any security system.
  • the threat assessment engine determines that the detected event does not likely represent a threat, then the answer is “no”, leading to the action event not relevant; restart threat sense/response flowchart 218.
  • the threat assessment engines A 24, Bl 121, B2 127, and/or B3 124 is/are not convinced that a threat is present, and the air defense system 10 and distributed system 110 should continue monitoring, although the event itself will be recorded along with relevant control factors and potential correlation to historical data, fused sensor data from other sensing assets, or to one or more previous threats for consideration, as discussed above.
  • threat assessment engines A 24, Bl 121, B2 127, and/or B3 124 instead determine(s) that the detected event does likely represent a threat, then the answer is “yes”, leading to the action continue to threat assessment/response 219.
  • the process of assessment of subject risk, communication with command, and potential response and/or deployment of engagement assets is addressed in the discussion of the flowchart of FIG. 4.
  • FIG. 4 provides a flowchart 260 that can begin with the starting event represented by the final statement 219 of the previous flowchart 250 of FIG. 3, designated as threat identified by assessment engine 220.
  • This process leads to a new question regarding the near- term or long-term historical status of this particular event, and whether or not such a threat has previously been detected: Is threat new? 221.
  • the answer is “no, it is not new” as it was previously detected milliseconds, seconds, and minutes ago as the threat continues to be present.
  • the flowchart 260 proceeds to an action to retrieve historical engagement data 222 so that any relevant information about this threat can be correlated to previous information known about this type of threat. For example, if the threat is only loosely categorized, such as a “DJI Phantom-class drone” manufactured by Shenzhen DJI Sciences and Technologies Ltd., then the physical characteristics may be well known, but the RF characteristics become an important unknown that should be addressed. This information is then recorded as a threat of this particular class of threat in the add threat detection event to database 224 action in the flowchart 400.
  • a “DJI Phantom-class drone” manufactured by Shenzhen DJI Sciences and Technologies Ltd.
  • the level of detail and confidence is also tracked in this event database 224. In other configurations, the level of detail and/or confidence level may not be tracked. In some configurations, the calculations of potential threat profile matching will be associated with this level of detail and/or confidence level.
  • the new threat may be an evolving threat or threat that is new yet exhibits the characteristics of a previous threat.
  • a DJI Phantom V2 exhibits RF characteristics that are very different than a DJI Phantom IV Pro, although their physical exteriors are nearly identical.
  • the initial detection was made by an electro-optical suite, it may have classified the threat as a DJI Phantom-class threat without inference to its specific model and RF behavior. While studying the threat, new information arrives from the RF sensing asset that suggests the threat is more likely to be a DJI Phantom V2 than any other type of DJI Phantom-class drone. Therefore, the answer at this point in the flowchart 400 at process 221 is “yes, the threat is new” because it is now more correctly identified.
  • the first notification is to notify command 230 of the presence of the threat and the nature of the threat to the best of an ability of the threat assessment engines A 24, Bl 121, B2 127, and/or B3 124 to define it.
  • This notification may contain probability information about the likelihood the threat represents one or more specific types of threats given available inputs.
  • Additional notifications are sent out to any sensing assets in a relevant position and capability to possibly participate in providing new information for the next threat assessment cycle.
  • the management of which sensing assets should be notified and/or adjusted through control or command functions depends on the nature of the threat and whether these resources are most efficiently deployed addressing the presently assessed threat.
  • the decision to notify/adjust sensor node(s) 231 incorporates this decision-making task balancing the risk of reducing unknown or other event data with the reward of receiving additional data that may be used to further characterize, define, or track the presently assessed threat.
  • the threat vector(s) 233 of the location and bearing of the threat presently being assessed are provided as inputs, along with the subject vector(s) 234 of the location and bearing of the subjects under protection. These vectors will then be correlated and predicted based on known historical data and/or planned vector adjustment of subjects.
  • An example of historical vector adjustment is knowing that a high-speed train will be slowing as it comes around a particular bend to an adjusted vector, and knowing that the existing track forces a specific coordinate path regardless of speed. These additional factors help predict the future vector of a specific subject.
  • Another example is historical data that drone flights near a particular bluff adjacent to a port typically experiences flyovers of an oil platform, but these flights rarely get closer than 250 meters to the commercial shipping lane. Previous drone flights typically curve away starting at 400 meters, therefore a prediction can be made that most flights incoming along that curve will be likely to curve away, and therefore the risk of interaction with a commercial vessel will be low. If the drone is continuously monitored and it does not begin to curve away at 400 meters, then the threat profile changes, as does the anticipated future vector of its flight path.
  • the threat is determined to have a vector unlikely to result in subject interaction, that is, a threat to a subject, then the answer is "no", leading the flowchart 260 to end.
  • the event is formally designated as Threat is not imminent; restart threat sense/response flowchart 237 leading to a restart of the flowchart 250.
  • Threat is not imminent; restart threat sense/response flowchart 237 leading to a restart of the flowchart 250.
  • This condition means the threat is present but poses no immediate danger to one or more subjects, and therefore does not warrant an elevated response yet.
  • the threat will continue to be monitored so long as it is still detected by a sensing asset, and if it continues to be classified as a threat, its sensor-provided data along with time stamp and event correlation shall continue to be recorded and monitored.
  • the command notification shall also include recommendations as provided to one or more notified subject(s) with respect to potential risk mitigation plans to either reduce the likelihood of an interaction or to reduce the potential damage to the subject, its infrastructure, and/or the environment, including crew, passengers, security forces, and/or unaffiliated persons and equipment nearby.
  • This risk mitigation plan may include commands and/or recommendations such as slowing a vehicle, taking evasive maneuvers, initiating safety procedures, initiating counter-measures and/or engagement assets aboard the subject vehicle, and/or informing passengers with additional instructions. In other configurations of the presently disclosed subject matter, no activity recommendations would be provided.
  • the air defense system 10 and distributed system 110 will further notify/adjust sensor node(s) 242 of the predicted threat-subject interaction, and modify sensitivity, aim, or other characteristics accordingly to prepare for data gathering that may enhance the prediction of the interaction risk or enhance the calculation of improved potential to mitigate risks posed to one or more subject(s).
  • Such information may include further data collection on flight characteristics or optical assessment of payload to improve threat assessment and therefore improve threat mitigation response.
  • the air defense system 10 and distributed system 110 will further notify local engagement asset(s) 243 to prepare for engagement.
  • the nature of engagement initiation will be dependent on federal, state/provincial, and/or local laws on how and when threats of different types may be engaged, if at all.
  • This notification step is to provide the engagement asset(s) with the qualitative and quantitative data needed by each type of asset to best perform their duties along with restrictions to minimize collateral damage potential of each asset.
  • an RF engagement asset e.g., GNSS jammer
  • this may include restriction of which sectors, aim point, and GNSS frequencies and systems may be used for initial engagement.
  • the initial notification to a GNSS jammer engagement asset may be to use GNSS waveforms that disrupt nearly all consumer GNSS operations but leaves the one important service unaffected.
  • the notification may permit GPS LI, L2, and L5, BeiDou B1I, E5b, and E6, GLONASS Gl, G2, and G3, and Galileo El, E5a, and E5b, but avoiding Galileo E6.
  • a single angular sector is selected for the disruption transmissions to minimize impact on nearby airfield operations having a flight path to the right-hand side of the protected region.
  • Each of these notifications 240-243 can occur in an effectively simultaneous fashion. It is envisioned that in other configurations, the notifications are sent out one after another in a procession. In such configurations, it is recognized that there may be intrinsic value in notifying command and/or engagement assets first before notifying subjects or sensor assets. It is further envisioned that in other configurations, it is recognized that notifying one or more subjects may take priority, or some other combination of notifications would be sent out first followed by other notifications of relatively decreased temporal relevance.
  • FIG. 5 An illustrated example of the communication network connections used for one configuration of the embodiments described herein is provided in FIG. 5.
  • the deployment application in this configuration protects a region of track for a high-speed railway.
  • a first region of track 341 is connected by rail by some distance (e.g., miles) represented by the dotted line connection to a second region of track 342.
  • a rail subject 310 e.g., a train or High-Speed Rail (HSR)
  • HSR High-Speed Rail
  • the rail subject 310 has two resources of communication with the defense system 300, a subject cellular radio 334 and a subject satellite radio 343, which are connected by highspeed datalink cable to at least one cab of rail subject 310 for the engineer to operate.
  • a subject cellular radio 334 and a subject satellite radio 343, which are connected by highspeed datalink cable to at least one cab of rail subject 310 for the engineer to operate.
  • more than two types of communications as possible including other types of communications (e.g., cellular network, satellite network, WAN, fiber optic network, or any other type of network that allows for data communications over long distances).
  • the subject satellite radio 343 can send and receive data through a satellite 342 to a command satellite radio 341.
  • the uplink and downlink details of this datalink are beyond the scope of the presently described subject matter, but the satellite communications network is considered to be a closed network based on the previous definition due to its high level of encryption security.
  • the command satellite radio 341 connects through an access node 330 to a centralized threat assessment engine 324. Each of these connections are also considered closed networks with the additional benefit of physical security from being co-located in a protected facility along with a security command 340 and their access portal 339.
  • the access node 330 further provides for a datalink between the centralized threat assessment engine 324 and the fiber backhaul 320.
  • the fiber backhaul 320 can be part of a cellular network 301 providing direct optical data connections between cellular towers, shown making a direct connection to a first cellular tower 321 and a second cellular tower 322.
  • the defense system 300 could include any number of cell towers.
  • Customers of the cellular service responsible for operating the cellular network 301 are able to connect to cellular radios in range of the first cellular tower 321 and second cellular tower 322 by transmitting digital data through the fiber backhaul 320 to each cellular tower and then wirelessly to the end user’s cellular radio.
  • a total of four cellular radios are shown connected to the cellular network 301.
  • the first cellular tower 321 is in range of and responsible for making connections to the subject cellular radio 334 previously discussed, but also to a first fusion radio 331 and a second fusion radio 332.
  • the second fusion radio is also in range of the second cellular tower 322 and may be connected to the cellular network 301 through the second cellular tower 322 determines that a higher quality connection will result given the network status and environment at the time and network usage by other customers.
  • the second cellular tower 322 is further connected to a third fusion radio 333.
  • the three fusion radios 331, 332, 333 are cellular radios used for communication of fused sensor data to the centralized threat assessment engine 324 as well as for receiving notifications from the threat assessment engine, as discussed above, to local engagement assets physically co-located with sensing assets and sensor fusion engagement nodes in a field.
  • the first fusion radio 331 is wired to a first fusion engagement node 311, which contains multiple sensors, sensor fusion signal processing, and RF effector capabilities incorporated in physical proximity within a single housing.
  • the second fusion radio 332 is wired to the second fusion engagement node 312 and the third fusion radio 333 to the third fusion engagement node 313, the second fusion engagement node 312 and the third fusion engagement node 313 being likewise at least similarly configured as the first fusion engagement node 311.
  • these three fusion engagement nodes 311-313 provide both the local sensing and effecting functions utilized by the defense system 300 to detect potential threats and engage them when the threat has been assessed and the system 300 is lawfully permitted to engage.
  • a perpetrator 350 has launched a threatening drone 349 which is flying just above the rails of the second region of track 342 a short distance away from the oncoming rail subject 310 traversing down the first region of track 341.
  • the sensing assets of the second fusion engagement node 312 and third fusion engagement node 313 have already provided sufficient data through the cellular network back to the centralized threat assessment engine 324, which determines a nature of the threat as the threatening drone 349 having a vector highly likely to intercept the vector of the rail subject 310.
  • the centralized threat assessment engine 324 further identifies and locates the perpetrator 350.
  • Records are retrieved that details the RF channels and waveform used by the perpetrator 350 to control the threatening drone 349, and these details are provided to the second fusion engagement node 312 and third fusion engagement node 313 to assist them in ensuring maximum efficacy of response with a minimum of collateral damage including, but not limited to, spectral contamination of unused operating bands and channels that might otherwise be potentially used for drone control.
  • the centralized threat assessment engine 324 is able to use sensor data to effectively locate the operating regions of the perpetrator 350 and threatening drone 349. Based on location and efficacy data detailing similar threats centralized threat assessment engine 324 determines that the most effective use of resources is to have the second fusion engagement node 312 target the threatening drone 349 while the third fusion engagement node 313 target the perpetrator 350.
  • the security command 340 has already received authority to engage in the event of a potential drone strike, and so the security command 340 provides a follow-up notification ordering the fusion engagement nodes 311, 312, 313 to begin engaging their targets.
  • the second fusion engagement node 312 transmits a drone neutralizing emission
  • the third fusion engagement node 313 transmits a ground station neutralizing emission
  • both engagement nodes 312, 313 jam GNSS services for each target, so both targets 349, 350 are not only blind and unable to communicate, but their instruments have lost their positions and can therefore no longer help each other carry out their mission.
  • the drone 349 in this example is programmed to land safely when it loses its command and control link, as well as all GNSS services. It descends to a spot near the tracks within a few seconds just as the rail subject 310 approaches the second region of track 342.
  • the threatening drone 349 and remote controller of the perpetrator 350 change their emissions when they lose control, and this change is immediately detected by the fusion engagement nodes 312, 313 nearby with data sent through the cellular network 530 back to the centralized threat assessment engine 324.
  • the centralized threat assessment engine 324 recognizes the change in RF emissions as indicative of the engagement being successful in severing the command and control and data/telemetry links, and retrieves information from its databases that details a modified waveform and revised channel set is now being used to attempt to reconnect.
  • a new notification is sent out to the fusion engagement nodes 312, 313 with an update to adjust their RF waveforms to maintain the severed data link and prevent reconnection.
  • Another new notification is sent out to an engineer of the rail subject 310 to let him know the threatening drone 349 is now under control due to successful engagement and is likely to land. The engineer watches the drone 349 veer off course and descend nearby, as he speeds past safely.
  • the air defense system 520 turns to gathering more information about the perpetrator 350 and their threatening drone 349.
  • the entire event is, of course, captured and archived in the databases of events, but additional data can still be gathered.
  • the second fusion engagement node 312 focuses its camera on the grounded threatening drone 349 to get as high of a resolution image as it can to see if there are any identifying markings such as custom bandings, decals, or tape over lights, potential payload modifications or characteristics, as well as markings such as an FAA number, which by law is supposed to be visibly marked on all drones flying in the United States. Any of these items can help correlate the threatening drone 349 to an identity of the perpetrator 350.
  • the second fusion engagement node 312 concentrates its RF detection sensor(s) to sense any land mobile radio or cellular emissions from the threatening drone 349.
  • any cellular transmission could be a trigger for a bomb, beacon, or a replacement command and control signal to help the perpetrator 350 regain control of his downed aircraft!
  • All RF transmissions in the region are recorded along with available meta-data as being of potential value in future correlation and threat assessment activities, including threat mitigation of the existing and yet unknown payload.
  • a local police station can be contacted by security command 340 and informed of the downed drone 349 and any other status known about its appearance and payload.
  • the third fusion engagement node 313 focuses its attention on the perpetrator 350.
  • the camera is slewed and zoomed on the region where the perpetrator’s RF emissions were detected.
  • a sedan is seen pulled off to the side of a nearby road, and the camera switches views between the sedan and the woods located as the center of the RF emissions, with data provided back to security command 340, who again updates the local police of the suspicious lead.
  • An RF emission sensor from the third fusion engagement node 313 is similarly active listening for continued command and control emissions and attempting to locate the perpetrator 350 through these emissions as he moves, as well as checking for any cellular band activity also emanating from a similar location in case the perpetrator 350 makes a phone call to conspirators to update them on his failed action.
  • the third fusion engagement node 313 records the activity to the best of its ability and time stamps it for later analysis. In follow-up, these details will be shared with detectives to contact the cellular network provider with a warrant to help track down that suspicious phone caller and put numbers and names to faces that never appeared on camera.
  • FIG. 6 An example of a UAS defense system 400 having a distributed threat assessment engine and supporting wireless mesh network is illustrated in FIG. 6.
  • a high-speed subject 410 e.g., HSR
  • HSR high-speed subject
  • the high-speed subject 410 has two resources of communication by way of a subject multiband radio 434.
  • a first resource is provided through an open cellular network 401 with infrastructure owned and operated by a partnership of cellular service providers and the second resource is a closed wireless mesh network owned and managed by an operator of the UAS defense system 400.
  • the cellular network 401 jointly owned and operated by the cellular service providers is comprised of a joint fiber backhaul 420 connected to a plurality of cellular towers and data modems.
  • the example of FIG. 6 illustrates two towers taking part in an engagement, a first cell tower 421 and a second cell tower 422 with fiber connections to the joint fiber backhaul 420.
  • the cellular network 401 could include any number of cell towers.
  • a single data modem 430 configured to present the cellular network 401 with data to and from a command assessment engine 424.
  • a command portal 439 is connected to the command assessment engine 424 and provides access to databases and operational information to the commander 440 as well as translating commands and notifications for dissemination to proper recipients.
  • a mesh network by contrast, has no dedicated centralized infrastructure.
  • a peer- to-peer data link is created between mesh radios within range and availability.
  • the mesh network provides direct connection between the subject multiband radio 434 and a first fusion node radio 431, which is itself also connected to the field engine radio 432.
  • the field engine radio 432 completes the mesh network through its additional connection which is to the second fusion node radio 433.
  • Each node in the mesh network can send data, receive data, or act as a relay for data to pass through from a sender to a receiver.
  • the high-speed subject 410 is able to share data, commands, and notifications with the field assessment engine 427 using its subject multiband radio 434 through the first fusion node radio 431 arriving at the field engine radio 432.
  • Any node in the mesh network can similarly provide data along to any other node, although data throughput and buffering may be an issue if multiple senders are attempting to pass data through one node at one time.
  • the mesh network is used as a closed network system that is a low- bandwidth backup in case there is an outage, slow-down, or security breach with the open cellular network 401.
  • One important aspect of the networked UAS defense system 400 with distributed threat assessment example of FIG. 6 is that it incorporates a field assessment engine 427 located in the deployed region of protection.
  • the field assessment engine 427 of this configuration is physically co-located with sensing, sensor fusion, and engagement assets inside a field engagement node 412.
  • the field assessment engine 427 is able to communicate with a first sensor fusion node 411 and second sensor fusion node 413 in the field using the mesh network and cellular network 401 through their associated fusion node radios.
  • the first sensor fusion node 411 has data connections as well as command and control connections (connections not explicitly illustrated in FIG. 6) to sensor nodes including a first acoustic sensor 401 and a first imaging camera 402.
  • the first sensor fusion node 411 provides data to the field assessment engine 427 and the command assessment engine 424 but, in at least one configuration, not to the second sensor fusion node 413 or high-speed subject 410 despite the fact that they are connected on the same cellular and wireless mesh networks.
  • the second sensor fusion node 413 is connected to a second acoustic sensor 404 and a second imaging camera 405.
  • the second sensor fusion node 413 similarly provides data to the field assessment engine 427 and the command assessment engine 424 but, in at least one embodiment, not to the first sensor fusion node 411 or high-speed subject 410 despite being redundantly connected.
  • the purpose of the sensor fusion nodes 411, 413 is to gather data, fuse data to reduce network traffic and overhead, and respond to the monitoring requests and demands of the field assessment engine 427 and command assets.
  • a rogue pilot 450 sends a command to fly a rogue drone 449 over a second track region 442 in the path of an incoming high-speed subject 410.
  • the radio frequency waveforms of the command signals from the rogue pilot 450 are detected by sensing and sensor fusion assets within the field engagement node 412.
  • the telemetry and data signals back from the rogue drone 449 are detected by sensing and sensor fusion assets associated with the second sensor fusion node 413. These detection events are sent to the field assessment engine 427 with a full data stream and to the command assessment engine 424 with a partial data stream.
  • a full data stream can be provided to one or more field assessment engines and to at least one command assessment engine.
  • a full data stream can be provided to one or more field assessment engines and to at least one command assessment engine.
  • a full data stream can be provided to one or more field assessment engines and to at least one command assessment engine.
  • having communication networks with low bandwidth available e.g., the same configuration but at a peak traffic time and higher network bandwidth pricing available from the cellular service operator
  • the field assessment engine 427 determines that the RF signatures do, in fact, represent an immediate threat based on their characteristics and location.
  • the field assessment engine 427 notifies its own attached field engagement node 412 of the rogue drone 449 and the rogue pilot 450, including their locations and RF disruption details appropriate for neutralizing both targets. It further notifies the command assessment engine 424 of its findings through the cellular network by way of the second cell tower 422 and the joint fiber backhaul 420.
  • the field assessment engine 427 further sends a backup notification to the high-speed subject 410 to alert the engineer and provide targeting information for the subject engagement asset 447 just in case the mesh network is unsuccessful in securing a data link and notification event.
  • the high-speed rail air defense system 400 has been pre-authorized to engage potentially lethal threats, so the field engagement node 412 and the subject engagement asset 447 automatically engage the rogue drone 449 and rogue pilot 450.
  • the rogue drone 449 is engaged by a field UAS disruption signal 445 emitted by the field engagement node 412 and engaged by a subject UAS disruption signal 448 emitted by the subject engagement asset 447.
  • the rogue pilot 450 is engaged by a field GCS disruption signal 446 emitted in a separate directional sector simultaneously by the field engagement node 412.
  • a key benefit of a distributed threat assessment architecture is that the system incorporates redundancy providing fault tolerance.
  • Each local threat assessment engine has the ability to assess a threat based on local resources, and a second opportunity to assess a threat is provided by one or more other threat assessment engines given sufficient time and processing resources. This necessarily includes the ability to have threat assessment engine resources readily available in cases where multiple events have been coordinated by accident or intent.
  • a key benefit of a distributed threat assessment architecture is that the decisionmaking surrounding the proper identification and characterization of a threat is performed in a more local manner than with the consolidated threat assessment architecture. This improves the speed of communications and response, especially valuable for engagement scenarios where seconds matter and a slow network or restricted portal could prevent a centralized threat assessment engine from accessing data or providing timely notifications for re-positioning or reprioritizing sensing assets that may be able to assist in gathering data for improved assessment.
  • a key disadvantage of the distributed threat assessment engine of the UAS defense system 400 is the increased cost and potentially increased maintenance due to the higher complexity of having multiple artificial intelligence engines throughout the deployed UAS defense system 400.
  • the field assessment engine 427 has authority over its own colocated assets as well as the nearby field sensor fusion nodes 411, 413. It may also have an override function for asserting command if directed by a human operator of sufficient authority.
  • a separate consideration is for determination of maintenance or malfunction, and how the UAS defense system 400 is tested and/or self-tested and reported so that the command assessment engine 424 can exert authority if the local field engines, such as the field assessment engine 427, needing reboot or repair.
  • An element of certain configurations of a UAS defense system is an RF engagement asset used to disrupt the command and control signals uplinked from a ground control station, the GNSS navigation signals used by a ground station or UAS to locate themselves, and/or the telemetry and data links downlinked from the UAS to the ground control station.
  • at least one RF engagement asset will be comprised of directional antennas having a limited field of effect.
  • such a directional RF engagement asset is shown having at least two antennas with limited elevation directivity.
  • a benefit of having directionality in an RF engagement asset is that it substantially reduces the potential for disruptive electromagnetic emissions to emit in directions where there is no perceived threat, but where there may be legitimate users including, but not limited to, important users such as aircraft, security equipment, first responder radios, and other RF applications needed for safety or emergency response. Negatively impacting any lawful users of RF services may be considered “spectral collateral damage” and has varying levels of tolerance in different deployment applications, regions, and even times of day based on lawful traffic and likely presence of important RF services.
  • the directional RF engagement asset has two regions arranged in line with a vertical axis 503 in line with the Earth’s gravitational pull and a horizontal axis 502 perpendicular to the vertical axis 503. Elevation is defined as being zero degrees (0°) in line with the horizontal axis 502 and as ninety degrees (+90°) in line with the vertical axis 503.
  • An RF asset lower region 500 is positioned below and substantially in line with an RF asset upper region 501, each region containing within at least one directional antenna that is part of an RF generation and transmission circuit.
  • At least one directional antenna contained in the RF asset lower region 500 is aimed out of the side of its cylindrical radome housing 504, with the highest power aiming vector of its effect designated by a lower antenna centerline 511 seen in FIG. 7 to be oriented at +20° elevation.
  • the relative antenna gain of this aiming vector is defined as 0 dBr, and the gain of the antenna in other directions is lower than this zero-reference level. It is worth noting that this 0 dBr represents a high gain antenna having high directionality, with the example configuration illustrated in FIG. 7 being +11 dBi at one frequency of relevance for RF engagement, but the overall ratings are not used in describing in describing the shape of the antenna gain at different angles relative to their peak aiming performance along their primary aiming vector.
  • the lower gain pattern 510 is seen to reduce effective radiated power as the direction angles away from the lower antenna centerline 511 in both positive and negative relative elevation.
  • the elevation beam width in this example is bounded by the lower antenna high angle 512 and the lower antenna low angle 513 representing the points along the lower gain pattern 510 where the relative antenna gain drops to -3 dBr (half of the original power level).
  • the lower antenna high angle 512 is at +50° and the lower antenna low angle 513 is at -10° (i.e., aimed below the horizon line in a slightly downward direction). Emissions from the lower antenna that are higher in elevation than +50° and lower in elevation than -10° will be less than -3 dBr in signal strength, reducing the potential for collateral spectral damage at particularly high or particularly low elevations.
  • the lower elevation aim direction was selected specifically to permit the engagement asset to be mounted in a tower with high visibility to airborne threats, and permit RF engagement of these threats whether they are incoming at a relatively high elevation or flying close to the ground so long as they are sufficiently far in ground-based distance from the tower. Because the elevation of the lower antenna low angle 513 is only -10°, it means that airborne threats down low but very close to the tower itself are less likely to be significantly affected by the RF engagement asset. This also means that there is a reduced impact on friendly spectral use below the tower itself in the immediate vicinity, which may be a security station or other important service asset.
  • At least one directional antenna contained in the RF asset upper region 501 is similarly aimed out of the side of its spherical radome housing, with the highest power aiming vector of its effect designated by an upper antenna centerline 521. Its vector is oriented at +15° elevation with its relative gain defined as 0 dBr and its absolute gain being +7 dBi at one frequency of relevance for RF engagement.
  • the upper gain pattern 520 is seen to reduce effective radiated power as the direction angles away from the lower antenna centerline 511, bounded by the upper antenna high angle 522 and the upper antenna low angle 523 aligned with the points along the upper gain pattern 520 where the relative antenna gain drops to -3 dBr.
  • the upper antenna high angle 522 is at +35° and the upper antenna low angle 523 is at -20°. Emissions from the lower antenna that are higher in elevation than +35° and lower in elevation than -20° will be less than -3 dBr in signal strength, similarly reducing the potential for collateral spectral damage at particularly high or particularly low elevations.
  • One aspect of the upper antenna gain characteristics is that a relatively high gain is preserved throughout the higher elevations, which is why this antenna was selected to be mounted in the RF asset upper region 501.
  • the gain of the upper antenna is -7 dBr, which is much higher than would be seen with typical antennas 55° off of their centerline.
  • This selection permits the upper antenna to effectively engage targets that are exactly above the RF engagement asset, with the recognition that the effective radiated power will be about 20% that of its primary centerline and therefore its effective range (upwards at high-elevation threats) will be reduced.
  • Range is generally an inverse square root relationship with transmission power, so the nominal effective range would be about 45% of its effective range at primary centerline.
  • FIG. 8A is a plan view illustration of a directional switched antenna subsystem 590 including a cross-sectional schematic of a sectorized RF engagement asset 530 comprised of switched high-gain antennas.
  • Other elements utilized for the proper configuration of a complete RF engagement asset are not pictured, so that the figure can focus on explaining an example for enabling an RF engagement asset to engage one or more threats from different directions with a reduced RF emission profile. Further benefits include reduced output power relative to that used by conventional omnidirectional RF engagement asset antennas.
  • No system has been successfully deployed using the configuration shown in FIG. 8A due to an increased complexity and cost and generally lack of need for reducing spectral collateral damage.
  • an air defense system deployed among publicly accessible areas (or functionally accessible for a drone regardless of legality) to protect large and long infrastructure like roads and bridges however, a major benefit of directional systems is the reduced spectral collateral damage to lawful radio frequency signal users.
  • FIG. 8 A illustrates a stationary example of the directional switched antenna subsystem 590, which has a particular benefit over a typical rotating pan-tilt system of increased mean time before failure due to the lack of moving parts.
  • This advantage is particularly important for systems deployed to protect remote regions such as oil pipelines and high-speed rails, which are often in areas challenging for regular maintenance crews to access complex equipment and perform regular service.
  • sufficient antennas are positioned around shared resources for RF generation and possibly including power amplification.
  • the antenna beam patterns are overlapped radially such that when one antenna begins to degrade, an adjacent antenna begins to perform better to take over an RF engagement response.
  • the arrangement of antennas shown in FIG. 8 A has a north antenna 531 that can be aimed with its primary aim direction along its north centerline 541 as +90° azimuth (due North) with relative gain defined as 0 dBr.
  • the antenna has a north gain pattern 540 describing its drop in gain with azimuthal direction in both clockwise (cw) and counterclockwise (ccw) directions.
  • the point where the gain drops to -3 dBr in the counterclockwise direction is the north ccw line 542 located at azimuth of +120°.
  • the point where the gain drops to -3 dBr in the clockwise direction is the north cw line 543 located at azimuth of +60°.
  • any threat that engages from an incoming vector in the region of azimuth +60° to +120° can be effectively engaged by the north antenna 531.
  • the radiated output power level drops precipitously as intimated by the sharp curvature of north gain pattern 540 and a different antenna should be selected for engagement.
  • the arrangement of antennas in the sectorized RF engagement asset 530 has a northwest antenna 532 that can be aimed with its primary aim direction along its northwest centerline 551 at +135° azimuth (due Northwest) with its relative gain defined as 0 dBr.
  • this antenna has a northwest gain pattern 550 dropping in each azimuthal direction away from its centerline, down to -3 dBr at the northwest ccw line 552 at +165° and at the northwest cw line 553 at +105°. Any threat that engages from an incoming vector in the region of azimuth +105° to +165° can be effectively engaged by the northwest antenna 532.
  • a northeast antenna 533 can be positioned with a northeast centerline 556 at +45° azimuth (due Northeast) with relative gain 0 dBr.
  • the northeast gain pattern 555 drops down to -3 dBr at the northeast ccw line 557 at +75° and at the northeast cw line 558 at +15°.
  • Any threat that engages from an incoming vector in the region of azimuth +15° to +75° can be effectively engaged by the northeast antenna 533, noting an overlap with the effective engagement area of the north antenna 531 between +60° and +75°.
  • antennas can be similarly arranged in an azimuthal pattern to face each of the ordinal directions for the effective engagement of any threats from any azimuthal direction. These antennas include a west antenna 534 at 180°, an east antenna 535 at 0°, a southwest antenna 536 at -135°, a southeast antenna 537 at -45°, and a south antenna 538 at -90°.
  • any four antennas can be powered by the RF generation circuitry not pictured, providing for sectorized coverage capable of any four sectors simultaneously while still allowing for high power efficiency and a minimum of spectral collateral damage in the four sectors that are not engaged.
  • phased antenna subsystem 591 for reducing collateral spectral damage is illustrated in the cross-sectional schematic of the quadratic antenna arrays of a phased array engagement asset 560, shown in FIG. 8B.
  • phased antenna subsystem 591 multiple phased array antennas are positioned in an azimuthal arrangement to cover different sectors.
  • Each phased array antenna has the capability to form one or more antenna gain patterns that provide a high gain and directivity in the azimuthal direction and can move the azimuthal aim direction of this beam through the reconfiguration of its beamforming circuitry.
  • phased antenna subsystem 591 illustrated in FIG. 8B uses a digital beamforming capability wherein the signals as generated contain the phase and amplitude variance, using significant processing power but generally having a simplified front end architecture as compared to analog beamforming circuitry.
  • the entire antenna array, front end, and beamforming circuitry are beyond the scope of discussion in the present subject matter but are well known to those skilled in the art of phased array antenna design.
  • Each phased array rather, is shown in schematic form as a 90° solid arc-segment with the curvature aimed in the four ordinal directions associated with the arranged sectors of coverage.
  • a northern array 561 physically can aim down a northern centerline 571
  • a western array 562 physically can aim down a western centerline 581
  • an eastern array 563 can physically aim down an eastern centerline 586
  • a southern array 564 can aim in a southern direction down a centerline not shown in the interest of clarity over completeness.
  • the northern array 561 is physically aimed with its broadside facing along the northern centerline 571, the aim direction of its northern radiation pattern 574 can be reconfigured anywhere in the northern sector 570.
  • phased array antennas can be formed with special attention to the formation of nulls in particular direction as well as high-gain beams, so that known friendly or neutral RF users can be minimally affected through the use of steering nulls in their direction. Their spectral use will therefore not be adversely affected even though an RF engagement action can be performed in their sector physically nearby.
  • the western array 562 can be physically aimed with its broadside facing along the western centerline 581, but its radiation pattern can be reconfigured anywhere in the western sector 580 between the western south bound 582 at -125° and the western north bound 583 at +125°.
  • an overlap is seen in the coverage available between the western sector and the norther sector between +125° and +145°. As with the switched array, this overlap is used for handing off RF engagement between two sectors for moving targets to best address multiple targets occupying both sectors and can permit the simultaneous engagement across multiple sectors as well.
  • FIG. 9 shows a layout of a hypothetical harbor complex 601 for a region, such as a metropolitan region, protected by a breakwall shown as a thick black line and with distributed assets protecting the harbor complex 60 las well as a nearby oil platform 602.
  • a scale in the lower left-hand area shows the tremendous realistic size of the metropolitan harbor complex 601, as the kilometer scale 690 and mile scale 691 showing two units each can attest.
  • the harbor complex 601 itself is shown with regions having a diagonal hatching representing pier areas where ships would be loaded and unloaded along with vertical and horizontal hatching representing predominantly freight areas where containers are stored and reconfigured for trucking in and out of the complex. These differentiated regions are important to note as the type of threats for each region are different, as is the level of security access.
  • a drone operator for example, could easily enter a freight area using a faked ID, whereas the pier areas have separately managed entrances and exits reserved for dedicated port employees and ship crew with escorts typically utilized for visitors.
  • a typical centralized threat assessment system may struggle with the complexity of available assets and may be more easily overwhelmed by a coordinated threat with multiple events that is assessed and correlated simultaneously, providing a single bottlenecked source of failure. Similar weaknesses in networking between assets can be readily imagined in a port environment, where network availability will change from day to day based on the presence of large docked ships and mountainous stacks of containers higher than observation towers used to provide security (and mount sensing assets and communication networking equipment).
  • the primary shipping lanes used for the port complex are shown as dashed lines that pass through dredged channels in the waters approaching a breakwall.
  • the western shipping lane 606 passes through a gap between the western breakwall 603 and the central breakwall 604 to access the first major pier 611, second major pier 612, third major pier 613, and minor piers beyond including a first minor pier 617, second minor pier 618, and third minor pier 619 deep within the complex.
  • An eastern shipping lane 607 passes through a gap between the central breakwall 604 and an eastern breakwall 607 to access the fourth major pier 614, fifth major pier 615, and sixth major pier 616 beyond.
  • the minor piers 617-619 can be four to five miles within the port complex, they need a similar level of air defense, so pervasive assets are deployed to cover the region with overlapping areas of effect to cover both directions of anticipated blockages by large vessels and cargo storage regions.
  • the innermost freight regions continue into other facilities that have generally different air defense needs and are not illustrated for the purposes of this deployment, although they would still be networked for coordinated defense.
  • the terminal freight area 620 is a major access point and needs coverage from both north and south approach avenues, plus coverage from its southwestern piers where line of sight will be restricted throughout different periods of each day.
  • the forward freight area 621 though small, plays a similar role for the eastern major piers, serving more for organization and transport access and therefore would have more open access for sensing assets as well as coordinated engagement.
  • the western freight area 622 provides a mix of ephemeral storage with high movement of contents to the first minor pier 617 but generally has good visual and RF access as the loads are smaller and distribution even, therefore does not need dedicated internal assets for protection.
  • the general freight area 624 focuses on longer-term storage and customs holds, with a low movement rates of cargo and a low security profile not needing dedicated assets and limited coverage.
  • the access freight area 623 features the weakest physical security with many gates and high truck traffic, and the highest movement of small loads in and out. It also has the easiest escape paths for agents provocateur seeking to leave the scene of an attack, and therefore needs a high level of air security and overlapping asset coverage.
  • an oilrig threat node 630 comprises sensing and sensor fusion assets, engagement assets, and a threat assessment engine, providing an oilrig radius 631 of protection.
  • the oilrig threat node 630 has both open network and closed wireless mesh network connections to buoy-based sensor fusion nodes providing seamless event detection capabilities of the eastern shipping lane 607 and marina traffic up to and beyond the breakwater.
  • a first buoy fusion node 632 provides a first buoy radius 633 of detection, and a second buoy fusion node 634 provides a second buoy radius 635 of detection.
  • a buoy engagement node 636 provides a buoy engagement radius 637 of protection with a combined sensor fusion suite and engagement assets covering several square miles of open water within the breakwall that might otherwise be hidden from line of sight of other engagement capabilities.
  • Another primarily water asset is a marina threat node 638 having both open network and closed wireless mesh network connections to its neighboring assets as well as its own sensing, fusion, and engagement assets protecting a marina radius 639.
  • One of these neighbors is the eastern engagement node 640 protecting the entrance for the eastern shipping lane 607 with an eastern shipping radius 641.
  • a second neighbor is the eastern interior node 642, also with sensing, fusion, and engagement assets protecting an eastern interior radius 643.
  • This node is further connected with open and closed wireless networks to further neighbors for maximum speed and redundancy of data sharing.
  • the third neighbor is the access engagement node 656 providing sensing, fusion, and engagement assets protecting an access radius 657.
  • the western shipping lane 606 and major ports served are protected initially by a western engagement node 646 providing sensing, fusion, and engagement assets protecting western shipping radius 647.
  • This node is connected through open and closed wireless networks to the western threat node 650, the threat assessment engine and supporting assets for this region.
  • An additional west pier engagement node 648 provides additional open water coverage with its sensing, fusion, and engagement assets across west pier radius 649.
  • the last asset protecting water access to the terminal freight area 620 is the terminal engagement node 644 providing sensing, fusion, and engagement protection across terminal radius 645.
  • the central waterways and inland freight area region have their own threat monitoring provided by command threat node 654, providing the full suite of protection assets across the command radius 655 and also serving as the master command center for the air security system 600.
  • This command threat node 654 protects the north side and waterway access by small craft to the terminal freight area 620, an important zone for a backside of the highest volume of cargo traffic.
  • the western central waterways and piers are covered by the central engagement node 652, providing sensing, fusion, and engagement protection across the central radius 653.
  • UAS protection system 701 shown in the stylized schematic illustration of FIG. 10, which shows a bridge defense application.
  • a large bridge 700 has an attached incoming highway 66 and an attached incoming railway 55, as well as an attached outgoing highway 766 and an attached outgoing railway 755.
  • An incoming rail class 710 is traveling towards the large bridge 700 and similarly, an incoming prime truck 775 is optimally traversing the incoming highway 66 towards the large bridge 700. Meanwhile, a dangerous drone 749 is flying low along the riverbed and enters the bridge region.
  • the large bridge 700 has been outfitted with sensing, effecting, fusion, and threat detection assets for protection, and both an open cellular network and a closed wireless mesh network are used for communications between the various assets, as discussed above.
  • an open cellular network and a closed wireless mesh network are used for communications between the various assets, as discussed above.
  • certain wireless data links have been compromised for a variety of reasons as described, and the open cellular network becomes an important pathway for several data links between nodes.
  • incoming fusion node 711 Along a region of the incoming highway 66 is deployed an incoming fusion node 711 outfitted with acoustic, RF, and camera sensing assets.
  • Incoming fusion node 711 is connected to the system through the open wireless network by way of an incoming cellular tower 722.
  • the incoming fusion node 711 is sufficiently far away that its onboard wireless network radio does not reach any other assets with a reliable data connection at the time of year of the example engagement, as non-native foliage grows in an aggressive manner to partially block the line of sight established between antennas during initial winter-time installation. Fortunately, the incoming fusion node 711 was installed close to the incoming cellular tower 722 and has a year-round reliable connection.
  • the threat assessment node 712 contains sensing, sensor fusion, engagement, and threat assessment assets, as discussed above, and is deployed on the incoming side of the bridge. It is also connected by an open cellular network by way of incoming cellular tower 722. It has a radio configured for wireless mesh networking to the incoming fusion node 711, but this data link is presently blocked by foliage as previously described. It also has a radio configured for wireless mesh networking to the outgoing engagement node 714 on the far side of the bridge, but the radio on the outgoing engagement node 714 is presently non-functional due to a corroded RF cable unprotected against the elements by an inappropriately trained installer.
  • the outgoing engagement node 714 contains sensing, fusion, and engagement assets, and, like the threat assessment node 712, is reliant exclusively on the open cellular network for communications links at this time, although its link is by way of outgoing cellular tower 723.
  • the command assets are not physically located in a geologically similar region to the large bridge 700 deployment. It is entirely reliant on communications through the open cellular network for notifications from the incoming threat engine 712 to keep apprised of local events and identified threats. Note that the backhaul connection between the cellular towers is omitted in FIG. 10 for the purpose of illustration clarity.
  • the example of detection, threat assessment, notification, and engagement begins as the dangerous drone 749 is detected by the remote acoustic and RF sensors of central fusion node 713 along the riverbed flying towards the large bridge 700.
  • the central fusion node combines the acoustic and RF emission data but has no optical confirmation of a drone operating in the area. It has no idea that the foliage has overgrown the riverbanks and blocks much of its view of the riverbed below three meters in elevation.
  • a blended combination of regionalized acoustic data is sent with coarsely triangulated RF emissions in a data package by mesh network to the outgoing fusion node 715 which relays this data package using the open cellular network to the threat assessment node 712.
  • the threat assessment node 712 has also picked up RF emission activity, but, like the central fusion node 713, it has no successful optical confirmation due to obstructed line of sight. No other sensor picks up any activity of the dangerous drone 749 and no assets of any kind detect any presence of a ground control station or pilot. As it happens, the pilot is actually located miles away and is using the cellular network itself to control the dangerous drone 749 by way of outgoing cellular tower 723, the same tower relaying sensor data for the air defense system(!).
  • the assessment engine in the threat assessment node 712 quickly determines that the event has an acoustic signature matching a heavily laden DJI Inspire-class drone and an RF signature matching the Inspire II model as updated for a neighboring nation with different channels available for command and control datalinks.
  • the event is immediately classified as an active threat, but unfortunately, the location is not yet well known because of the crude data and restricted data flow provided by the central fusion node 713.
  • the assessment engine has an internal clock that is synchronized between all of the various supporting assets and updated regularly through both the cellular network and its GNSS satellite positioning data. It is able to time correlate the incoming data, e.g., within twenty nanoseconds of its true time correlation, and calculates an incoming emission front that permits much finer resolution in transmitter triangulation. Of seven calculated eigensolutions for possible wavefront vectors of an emitting drone, only two are physically possible due to topography, and notifications are sent out to all camera assets in the region to inspect both sites and their surrounds in case the triangulation calculations are incorrect based on the variance from perfectly synchronized clocks. This is a limitation as every nanosecond of variance is equivalent to 3 meters of electromagnetic wave travel time and triangulation will be accordingly inaccurate unless analyzed over many sample times where clock variance can be largely eliminated.
  • the assessment engine of the threat assessment node 412 has now identified a threat, sent notifications to sensor assets to attempt to gather more data, and has now calculated an approximate bearing for a nearby threat. It estimates that the outgoing engagement asset 414 is best positioned for a "blind" attack through the foliage at the waterline, and it further calculates that despite the RF protection afforded by said foliage, its proximity to outgoing engagement asset 414 is likely to permit effective engagement. A notification is sent with the correct foreign channels presently being used and detected for long range telemetry and video data. A further notification is sent to a command regarding the lack of a command and control data link, and presence of a cellular call made a few seconds before the dangerous drone 749 was detected.
  • a further set of notifications are sent to the intrepid subjects hurtling towards their unrealized fate.
  • a first subject notification of the presence of a drone with moderate payload at the riverbed is sent to the prime truck 775 through the cellular network by way of mountain cellular tower 721.
  • a similar notification is attempted to be sent to the incoming rail class 710 through mountain cellular tower 721 as its last ping designated it as the most appropriate tower for the notification.
  • the incoming rail class 710 is presently being handed off to incoming cellular tower 722 as there is an intervening jumbo mountain 767 and cellular service through mountain cellular tower 721 fails quickly for the high-speed rail subject.
  • the pilots of both subject vehicles immediately slow their vehicles in response and a separate phone call direct to command is initiated for each pilot so that they may be apprised of additional developments over the coming minutes as they approach.
  • a specific notification is sent by command before GNSS or cellular disruption can be deployed by an engagement asset.
  • command reviews the threat profile and presence of the cellular data link, she approves the use of GNSS and cellular disruption, and outgoing engagement node 414 sends a disruption signal 745 to wipe out the uplink connection to the drone (defined as cellular tower downlink connection from the tower) as well as the GNSS connection of all bands in all satellite services.
  • the dangerous drone 749 now lacking command, control, and position data stays hovering a few meters above the river surface for a few seconds before it drifts and slowly veers sideways towards a watery doom. Based on the heightened threat of its laden weight detected by the acoustic sensors, the bomb squad of the local police force is summoned to retrieve the wreckage at their expedient convenience.
  • an exemplary general -purpose computing device is illustrated in the form of the exemplary general-purpose computing device 1100.
  • the general- purpose computing device 1100 may be of the type utilized for the sensor nodes 1-9, 101-109, the fusion nodes Al 11, A2 12, Bl 111, B2, 112, the threat assessment engines A 24, Bl 121, B2, 127, B3 1224 (FIGS. 1 and 2) as well as the other computing devices within the air defense system 10 and/or distributed system 110, as the other computing devices with which these devices may communicate through the networks A 20, A 30, B 120, and/or B 130 (FIGS. 1 and 2).
  • the network A 20, A 30, B 120, and/or B 130 FIG. 1 and 2
  • the exemplary general -purpose computing device 1100 can include, but is not limited to, one or more central processing units (CPUs) 1120, a system memory 1110, such as including a Read Only Memory (ROM) 1131 to store a Basic Input/Output System (BIOS) 1133 and a Random Access Memory (RAM) 1132, and a system bus 1121 that couples various system components including the system memory to the processing unit 1120.
  • the system bus 1121 may be any of several types of bus structures including a memory bus or memory controller, a peripheral bus, and a local bus using any of a variety of bus architectures.
  • one or more of the CPUs 1120, the system memory 1130 and other components of the general-purpose computing device 1100 can be physically co-located, such as on a single chip.
  • some or all of the system bus 1121 can be nothing more than communicational pathways within a single chip structure and its illustration in FIG. 11 can be nothing more than notational convenience for the purpose of illustration.
  • the general-purpose computing device 1100 also typically includes computer readable media, which can include any available media that can be accessed by computing device 1100.
  • computer readable media may comprise computer storage media and communication media.
  • Computer storage media includes media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data.
  • Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD- ROM, digital versatile disks (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store the desired information and which can be accessed by the general-purpose computing device 1100.
  • Communication media typically embodies computer readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism and includes any information delivery media.
  • communication media includes wired media such as a wired network or direct-wired connection, and wireless media such as acoustic, RF, infrared and other wireless media. Combinations of the any of the above should also be included within the scope of computer readable media.
  • the general-purpose computing device 1100 may operate in a networked environment via logical connections to one or more remote computers.
  • the logical connection depicted in FIG. 11 is a general network connection 1171 to the network 1190, which can be a local area network (LAN), a wide area network (WAN) such as the Internet, or other networks.
  • the computing device 1100 is connected to the general network connection 1171 through a network interface or adapter 1170 that is, in turn, connected to the system bus 1121.
  • program modules depicted relative to the general -purpose computing device 1100, or portions or peripherals thereof, may be stored in the memory of one or more other computing devices that are communicatively coupled to the general -purpose computing device 1100 through the general network connection 1171. It will be appreciated that the network connections shown are exemplary and other means of establishing a communications link between computing devices may be used.
  • the general-purpose computing device 1100 may also include other removable/non-removable, volatile/nonvolatile computer storage media.
  • FIG. 11 illustrates a hard disk drive 1141 that reads from or writes to non-removable, nonvolatile media.
  • Other removable/non-removable, volatile/nonvolatile computer storage media that can be used with the exemplary computing device include, but are not limited to, magnetic tape cassettes, flash memory cards, digital versatile disks, digital video tape, solid state RAM, solid state ROM, and the like.
  • the hard disk drive 1141 is typically connected to the system bus 1121 through anon-removable memory interface such as interface 1140.
  • the drives and their associated computer storage media discussed above and illustrated in FIG. 11, provide storage of computer readable instructions, data structures, program modules and other data for the general-purpose computing device 1100.
  • hard disk drive 1141 is illustrated as storing operating system 1144, other program modules 1145, and program data 1146. Note that these components can either be the same as or different from operating system 1134, other program modules 1135 and program data 1136, stored in RAM 1132.
  • Operating system 1144, other program modules 1145 and program data 1146 are given different numbers here to illustrate that, at a minimum, they are different copies.
  • the network interface 1170 facilitates outside communication in the form of voice and/or data.
  • the communication module may include a connection to a Plain Old Telephone Service (POTS) line, or a Voice-over-Intemet Protocol (VOIP) line for voice communication.
  • POTS Plain Old Telephone Service
  • VOIP Voice-over-Intemet Protocol
  • the network interface 1170 may be configured to couple into an existing network, through wireless protocols (Bluetooth, 802.1 la, ac, b, g, n, or the like) or through wired (Ethernet, or the like) connections, or through other more generic network connections.
  • a cellular link can be provided for both voice and data (i.e., GSM, CDMA or other, utilizing 2G, 3G, and/or 4G data structures and the like).
  • the network interface 1170 is not limited to any particular protocol or type of communication.
  • the network interface 1170 be configured to transmit data bidirectionally, through at least one mode of communication.
  • the more robust the structure of communication the more manners in which to avoid a failure or a sabotage with respect to communication, such as to collect sensor data in a timely manner.
  • the program module 1135 comprises a user interface which can configure the disclosed components of the air defense system 10 and/or distributed system 110.
  • the program module 1135 comprises a keypad with a display that is connected through a wired connection with the CPU 1120.
  • the program module 1135 may comprise a wireless device that communicates with the network interface 1170 through a wireless communication protocol (i.e. , Bluetooth, Wi-Fi, etc.).
  • the program module 1135 may comprise a virtual programming module in the form of software that is on, for example, a smartphone, in communication with the network interface 1170.
  • such a virtual programming module may be located in the cloud (or web based), with access thereto through any number of different computing devices.
  • a user may be able to communicate with the disclosed components of the air defense system 10 and/or distributed system 110 remotely, with the ability to change functionality.

Abstract

A method and system include a first plurality of sensor nodes, a second plurality of sensor nodes, a fusion node, and a threat assessment engine. The first plurality of sensor nodes provide first sensor data. The second plurality of sensor nodes provide second sensor data. The fusion node merges the first sensor data into a combined sensor data set and to provide the combined sensor data set. The threat assessment engine, in communication with the fusion node and the second plurality of sensor nodes, receives the second sensor data and the combined sensor data set, determines, based on the received second sensor data and combined sensor data set, a time and location of a potential intersect of a threat with a subject based on at least one of the second sensor data and the combined sensor data set, and notifies the subject of the potential intersect of the threat with the subject.

Description

TITLE
NETWORKED AIR DEFENSE INFRASTRUCTURE WITH INTEGRATED THREAT ASSESSMENT
CROSS-REFERENCE TO RELATED APPLICATION
[0001] This application claims priority from U.S. Prov. Pat. App. Ser. No. 63/073,164 filed September 1, 2020, entitled “NETWORKED AIR DEFENSE INFRASTRUCTURE WITH INTEGRATED THREAT ASSESSMENT”, the entire disclosure of which is hereby incorporated by reference in its entirety.
BACKGROUND OF THE DISCLOSURE
[0001] 1. Field of the Disclosure
[0002] The disclosure relates in general to infrastructure security, and more particularly, to secure systems and methods of assessing and engaging unmanned airborne threats (e.g., drones) across a network. Such systems and methods are not limited to countering drones, however, although such systems and methods are particularly useful for detecting and preventing unwanted drone activity.
[0003] 2. Background Art
[0004] Typical unmanned air system (UAS) defense systems are deployed to protect a single site (e.g., a security force station or prison), or a site region with a fixed perimeter (e.g., a forward operating base or airport). These applications are convenient and affordable to protect, as a small area of a few city blocks or square km is defensible with a single sensor suite and single effector or cabled/fiber-connected cluster of short-ranged assets. Such systems typically physically co-locate sensing assets with one or more effector assets providing either an omnidirectional radio-frequency (RF) or directional turret-aimed engagement (RF, directed energy, and/or kinetic) response.
[0005] Additional distributed sensing assets such as remote acoustic and low-cost cameras or electro-optical/infrared (EO/IR) have been deployed and networked to a command asset proximate to a primary effector. These systems have a broader sensing reach with multiple sensing technologies, and sensor fusion techniques have been used to merge acoustic with optical and/or active radar sensor data to dramatically reduce the detection rate of false positives. In addition to improved target detection and identification, distributed sensing and sensor fusion approaches provide dramatically improved target location and tracking, including the location and tracking of potential threats to operational assets such as UAS pilots at ground control stations. Distributed sensing further improves response coordination and effector impact assessment (i.e., “kill verification”). Distributed sensing assets have intrinsic redundancy, so that removal, destruction, down-time, or underperformance of individual nodes will not result in precipitously reduced surveillance capabilities. This will generally be true provided the network(s) employed for sensor data and notification promulgation are sufficiently robust as to not be dependent on that specific down node’s presence.
[0006] Typical UAS defense systems, including military systems, use local (short range) connection methods, typically wired but sometimes wireless, to interface between its sensing assets, effector asset(s), and its command asset. What is lacking, however, is the ability to coordinate sensor data (and/or fused sensor data) across long distances such as hundreds of km (e.g., with “long” defined as longer than the range of a single effector) across fundamentally insecure networks.
SUMMARY OF THE DISCLOSURE
[0007] The disclosure is directed to a system comprised of a system comprising a first plurality of sensor nodes, a second plurality of sensor nodes, a fusion node, and a threat assessment engine. The first plurality of sensor nodes provide first sensor data. The second plurality of sensor nodes provide second sensor data. The fusion node, in communication with the first plurality of sensor nodes, merges the first sensor data into a combined sensor data set and to provide the combined sensor data set. The threat assessment engine, in communication with the fusion node and the second plurality of sensor nodes, receives the second sensor data and the combined sensor data set, determines, based on the received second sensor data and combined sensor data set, a time and location of a potential intersect of a threat with a subject based on at least one of the second sensor data and the combined sensor data set, and notifies the subject of the potential intersect of the threat with the subject.
[0008] In some configurations of the system, the first and second sensor data includes at least one of electro-optical/infrared camera data, RF sensor data, and acoustic data.
[0009] In some configurations of the system, the fusion node is a first fusion node and the combined sensor data set is a first combined sensor data set. The system further comprises a third plurality of sensor nodes to provide third sensor data and a second fusion node, in communication with the third plurality of sensor nodes, to merge the third sensor data into a second combined sensor data set and provide the second combined sensor data set. The threat assessment engine further to receive the second combined sensor data set and make the threat assessment based on at least one of the second sensor data, the first combined sensor data set, and the second combined sensor data set.
[0010] In some configurations of the system, the threat is a drone and the subject is at least one of a truck, a train, a ship, and a harbor facility.
[0011] In some configurations of the system, the system further comprises a time & control factors resource. The threat assessment engine receives command and security control factors from the time & control factors resource, the security control factors from the time & control factors including at least one of digital signature keys to validate a legitimacy of the first and second sensor data, an allowable communications waveform, and a data packet size of the second sensor data and the combined sensor data set.
[0012] In some configurations of the system, the system further comprises a cellular network, the first plurality of sensor nodes providing the first sensor data via the cellular network and the fusion node providing the combined sensor data set via the cellular network. [0013] In some configurations of the system, the system further comprises a database to provide the threat assessment engine with a library of different threat profiles of data representing previously encountered threats in at least one of training and in the field.
[0014] In some configurations of the system, the threat assessment engine is a first threat assessment engine. The system further comprises a third plurality of sensor nodes to provide third sensor data, and a second threat assessment engine, in communication with the third plurality of sensor nodes and a third threat assessment engine, to receive the third sensor data, determine, based on the received third sensor data, another time and another location of another potential intersect of another threat with another subject based on the third sensor data, and notify the another subject of the potential intersect of the another threat with the another subject, the third threat assessment engine receiving the determined another potential interest of another threat with another subject from the second threat assessment engine.
[0015] In some configurations of the system, the threat assessment engine further notifies an engagement asset of the potential intersect of the threat with the subject.
[0016] In some configurations of the system, the engagement asset is a jammer.
[0017] In some configurations of the system, the system further comprising a fusion node controller associated with the fusion node, the fusion node controller to relay control commands for the fusion node to begin searching for the threat.
[0018] In some configurations of the system, the threat assessment engine provides notification that the system has been compromised.
[0019] In some configurations of the system, the system further comprises a first plurality of sensor controllers, associated with the second plurality of sensor nodes, to receive notification from the threat assessment engine to track the threat.
[0020] The disclosure is also directed to a method comprising providing, by a first plurality of sensor nodes, first sensor data, and providing, by a second plurality of sensor nodes, second sensor data. The method further comprises merging, by a fusion node in communication with the first plurality of sensor nodes, the first sensor data into a combined sensor data set, and providing, by the fusion node, the combined sensor data set. The method even further comprises receiving, by a threat assessment engine in communication with the fusion node and the second plurality of sensor nodes, the second sensor data and the combined sensor data set, determining, by the threat assessment engine and based on the received second sensor data and combined sensor data set, a time and location of a potential intersect of a threat with a subject based on at least one of the second sensor data and the combined sensor data set, and notifying, by the threat assessment engine, the subject of the potential intersect of the threat with the subject.
[0021] In some configurations of the method, the first and second sensor data includes at least one of electro-optical/infrared camera data, RF sensor data, and acoustic data.
[0022] In some configurations of the method, the fusion node is a first fusion node and the combined sensor data set is a first combined sensor data set. The method further comprises providing, by a third plurality of sensor nodes, third sensor data, and merging, by a second fusion node in communication with the third plurality of sensor nodes, the third sensor data into a second combined sensor data set and provide the second combined sensor data set. The method even further comprises receiving, by the threat assessment engine, the second combined sensor data set, and making, by the threat assessment engine, the threat assessment based on at least one of the second sensor data, the first combined sensor data set, and the second combined sensor data set.
[0023] In some configurations of the method, the threat is a drone and the subject is at least one of a truck, a train, a ship, and a harbor facility.
[0024] In some configurations of the method, the method further comprises receiving, by the threat assessment engine, command and security control factors from a time & control factors resource, the security control factors from the time & control factors including at least one of digital signature keys to validate a legitimacy of the first and second sensor data, an allowable communications waveform, and a data packet size of the second sensor data and the combined sensor data set.
[0025] In some configurations of the method, the first plurality of sensor nodes provide the first sensor data via a cellular network and the fusion node provides the combined sensor data set via the cellular network.
[0026] In some configurations of the method, the method further comprises providing, by a database, the threat assessment engine with a library of different threat profiles of data representing previously encountered threats in at least one of training and in the field.
[0027] In some configurations of the method, the threat assessment engine is a first threat assessment engine. The method further comprises providing, by a third plurality of sensor nodes, third sensor data, and receiving, by a second threat assessment engine in communication with the third plurality of sensor nodes and a third threat assessment engine, the third sensor data. The method even further comprises determining, by the second threat assessment engine, based on the received third sensor data, another time and another location of another potential intersect of another threat with another subject based on the third sensor data, and notifying, by the second threat assessment engine, the another subject of the potential intersect of the another threat with the another subject, and receiving, by the third threat assessment engine, the determined another potential interest of another threat with another subject from the second threat assessment engine.
[0028] In some configurations of the method, the method further comprises notifying, by the threat assessment engine, an engagement asset of the potential intersect of the threat with the subject.
[0029] In some configurations of the method, the engagement asset is a jammer.
[0030] In some configurations of the method, the method further comprises relaying, by a fusion node controller associated with the fusion node, relay control commands for the fusion node to begin searching for the threat.
[0031] In some configurations of the method, the method further comprises providing, by the threat assessment engine, notification that the system has been compromised.
[0032] In some configurations of the method, the method further comprises receiving, by a first plurality of sensor controllers associated with the second plurality of sensor nodes, notification from the threat assessment engine to track the threat.
BRIEF DESCRIPTION OF THE DRAWINGS
[0033] The disclosure will now be described with reference to the drawings wherein: [0034] FIG. 1 illustrates a block diagram for an example networked air defense system with secure integrated and centralized threat assessment capability, in accordance with at least one configuration disclosed herein;
[0035] FIG. 2 illustrates a block diagram for another example networked air defense system with secure integrated and distributed threat assessment capability, in accordance with at least one configuration disclosed herein;
[0036] FIG. 3 illustrates an example flow diagram for receiving and validating of sensor data and subsequent threat assessment activities of an example networked air defense system with secure integrated threat assessment capability, in accordance with at least one configuration disclosed herein.
[0037] FIG. 4 illustrates an example flow diagram for retrieval of threat information, threat recording, and agent notifying activities of an example networked air defense system with secure integrated threat assessment capability, in accordance with at least one configuration disclosed herein. [0038] FIG. 5 illustrates an operating example of an example communications data link of a networked air defense system with secure integrated threat assessment capability during a threat detection, assessment, notification, and engagement scenario, in accordance with at least one configuration disclosed herein.
[0039] FIG. 6 illustrates an example of a communications mesh network of a networked air defense system with secure integrated and distributed threat assessment capability during a threat detection, assessment, notification, and distributed engagement scenario, in accordance with at least one configuration disclosed herein.
[0040] FIG. 7 illustrates an example of restricted antenna coverage in elevation for an RF effector used in a networked air defense system with secure integrated and distributed threat assessment capability, in accordance with at least one configuration disclosed herein.
[0041] FIGS. 8A and 8B illustrate examples of restricted antenna coverage in azimuth for an RF effector and RF sensing asset, respectively, as used in a networked air defense system with secure integrated and distributed threat assessment capability, in accordance with at least one configuration disclosed herein.
[0042] FIG. 9 illustrates an example of a resource-efficient deployment of a networked air defense system with secure integrated and distributed threat assessment capability for a large harbor complex, in accordance with at least one configuration disclosed herein.
[0043] FIG. 10 illustrates an example of a resource-efficient deployment of a networked air defense system with secure integrated and distributed threat assessment capability for a large multi-level bridge, in accordance with at least one configuration disclosed herein.
[0044] FIG. 11 illustrates a schematic representation of an example general-purpose computing device, in accordance with at least one configuration disclosed herein.
DETAILED DESCRIPTION OF THE DISCLOSURE
[0045] While this disclosure is susceptible of configuration(s) in many different forms, there is shown in the drawings and described herein in detail a specific configuration(s) with the understanding that the present disclosure is to be considered as an exemplification and is not intended to be limited to the configuration(s) illustrated.
[0046] It will be understood that like or analogous elements and/or components, referred to herein, may be identified throughout the drawings by like reference characters. In addition, it will be understood that the drawings are merely schematic representations of the invention, and some of the components may have been distorted from actual scale for purposes of pictorial clarity.
[0047] It has become appreciated that such capability described does not enable UAS defense for long-distance linear infrastructure such as important highways, high-speed rail lines, bridges, pipelines, and shipping lanes. Because these applications have many thousands of km to protect, and no cost-effective options for distributing sensing and effecting assets, they remain unprotected or poorly protected at best. Networked systems with disparate locations of sensor, effector, and command assets have neither been previously designed nor deployed for counter- UAS purposes, representing an important vulnerability of national and international infrastructure. An attack to the front of a high-speed train by a single UAS carrying an improvised explosive device (IED) could cost a nation hundreds of millions of dollars in economic damage and commercial disruption, especially if a bridge, port, or other important byway or access point is affected. For example, a comparably small rupture in an oil pipeline, such as Enbridge Line 6B in 2010 resulted in $1.2 billion in direct damages and recovery expenses without even considering the tremendous ecological, business, and tourism impacts on the community. Similar ruptures could easily be triggered by UAS lEDs in remote regions across the globe causing incalculable economic, human, and environmental devastation.
[0048] This disclosure, described in detail below, is directed to a system(s) that receive(s) sensor data, assesses this data to determine if there is a threat to one or more protected subjects, and notify(ies) a command asset as to a nature and risk profile of the threat. The system(s) optionally notify(ies) one or more engagement assets, one or more subjects, and/or one or more sensing assets. The system(s) is comprised of a coordinated threat assessment engine having secure sensor inputs and secure notification outputs across an open and otherwise less-secure network.
[0049] The threat assessment engine receives input from one or more databases containing threat profiles, wherein each threat profile is defined by its characteristics encountered with respect to one or more sensing assets. The threat assessment engine further receives one or more additional inputs associated with the timing of a detection event and potential threat as well as its history, and may further receive inputs from control factors containing security codes, white-list data (e.g., allowable intrusions that otherwise appear substantially similar to one or more threat profiles), command overrides, known errors/failures, known false targets, and/or other factors.
[0050] The system(s) access(es) data from one or more sensing assets comprised of one or more sensor nodes and/or one or more sensor fusion nodes. One or more sensing assets is connected to the threat assessment engine through a networked communication system, one or more of which may be an open communication system defined as a communication system having readily retrievable user metadata, limited data security, and/or limited availability or use of encryption resources such as a consumer insecure cellular network. When a sensing asset gathers data containing an event which has the potential to represent a threat, it notifies the threat assessment engine through one or more networked communication systems.
[0051] As part of the notification process, a digital signature is submitted by the sensing asset and, as part of notification receipt, the threat assessment engine (or its associated communication subsystem) verifies the legitimacy of the signature against a database containing valid keys. In addition to valid digital signature keying, certain configurations consider additional control factors to validate the legitimacy of the incoming sensor notification (e.g., two-factor/multi-factor identification). Such additional control factors may include the timing and/or time-based historical data of the incoming notification, and/or the nature of the data itself which may have an incorrect data content size, encoding, header, or other aspects contained within the data and/or in the metadata characteristics of the notification. In certain configurations, these additional control factors include the synchronization of timing resources between sensing assets and threat assessment assets.
[0052] In certain configurations, a closed networked communication system is made available for the sensing element to provide notifications to the threat assessment engine in addition to an open networked communication system. In certain of these configurations, the multiple networked communication systems operate in a meshed fashion, wherein the multiple communication options provide redundancy in case of network outage, poor conditions for data transfer, timing, or security failures.
[0053] Threat profiles contain data associated with typically encountered conditions and may optionally contain data associated with uncommonly encountered conditions but still associated with the same or similar threat. In typical configurations, a threat’s profile data will contain information appropriate for the types of sensors and fusion nodes deployed as sensing assets. Such data may contain such information as the threat’s product type, sound, size, shape, visible color and texture, markings, optical emissions (e.g., marking lights), thermal emissions, intentional and/or unintentional RF emissions, operating bands, speed, aeronautical characteristics, and/or other potentially identifiable characteristics including metadata thereof. [0054] The threat assessment engine has access to receive information from one or more of its databases and, in some configurations, update one or more of its databases. This capability permits a threat assessment engine to create or modify a threat profile with new information regarding that threat, or to classify a new threat previously not recognized and catalogued in one or more available databases.
[0055] The system notifies its command and engagement assets when a relevant threat has been detected, located, and assessed with respect to its location and bearing relative to the location (and bearing, if motive) of one of more subjects. In some configurations and operating conditions, such notification may include details as to the nature of the threat and data that may assist in improved local sensing and/or engagement of the threat. In some configurations and operating conditions, such details include the threat’s product type, sound, size, shape, color, thermal emissions, and other identifying characteristics, the threat’s location and bearing, and/or RF waveform characteristics of the threat’s command and control and/or data channels.
[0056] The system(s) can optionally notify one or more subjects and/or one or more of its sensing assets. In some configurations, such notifications include details as to the nature of the threat and data that may assist in improved local sensing and/or mitigation of the threat’s potential to engage the subject. In some configurations, such details include the threat’s product type, sound, size, shape, color, thermal emissions, and other identifying characteristics, the threat’s location and bearing, and/or recommendations for reducing subject speed, evasive maneuvers, and/or readiness for impact, explosion, derailment, emission, or other potentially calamitous interaction and/or danger posed by the threat.
[0057] In some configurations, the system(s) is/are further comprised of one or more additional geographically dissimilar threat assessment engines that are networked together as a distributed threat assessment capability. In these configurations, each threat assessment engine maintains its own local access to one or more databases, to time and/or historical event data, and to other control factors. Each threat assessment engine may have its own databases, time/history event data, and control factors that are different from those of other threat assessment engines in the system. In some configurations, threat assessment engines would have databases that would be updated by a command database.
[0058] In certain configurations, the threat assessment engine considers the location, bearing, and/or bearing history of a likely threat to predict the likelihood of the threat interacting with a subject. In certain of these configurations, the threat assessment engine further considers the location, bearing, bearing history, and/or projected bearing future of one of more subjects to predict the likelihood of threat interaction.
[0059] Referring now to the drawings and in particular to FIG. 1, an air defense system 10 is disclosed illustrated as including infrastructure, that is a plurality of components and subsystems represented as blocks in a block diagram, as shown. The air defense system 10 depends on input from a plurality of sensing assets illustrated as a series of sensor nodes, some being combined with sensor fusion assets, and some feeding directly into a communications network. A first sensor node Al 1, a second sensor node A2 2, and a third sensor node A3 3 provide first sensor data to a first fusion node Al 11. For example, the first sensor node Al 1 provides electro-optical/infrared camera data, the second sensor node A2 2 provides RF sensor data, and the third sensor node A3 3 provides acoustic data. The first fusion node Al 11 merges the data sets together to provide a combined sensor data set that may or may not contain events associated with potential threats. This combined data set is transmitted through a sensor input communications network A 20 (e.g., cellular network, satellite network, Wide Area Network (WAN), fiber optic network, or any other type of network that allows for data communications over long distances) to the threat assessment engine A 24 where it is received. The sensor input communications network A 20 can be either an insecure consumer cellular network such as that provided by various national carriers (e.g., Verizon, T-Mobile, AT&T) or a secure cellular network.
[0060] Additional sensing assets can send data directly through the communications network A 20 to the threat assessment engine A 24 without being first fused with other sensor data, such as sensor nodes A4 4 - A6 6 that provide second sensor data. For example, a fourth sensor node A4 4 provides night vision camera data for a central region near an asset, such as a bridge, protected by the air defense system 10. A fifth sensor node A5 5 provides RF sensor data to the same region. A sixth sensor node A6 6 provides long-range radar data through the sensor input communications network A 20 to the threat assessment engine A 24 directly as well. Irrespective of whether the data is directly sent through the sensor input communications network A 20 or via fusion nodes Al 11 and A2 12, the sensor input communications network A 20 provides the air defense system 10 with a capability to collect and detect threats over long- distances, such as those for linear infrastructure, that is not possible with typical threat assessment systems.
[0061] As with the sensor nodes A1-A3 1-3 connected to the first fusion node Al 11, a third set of sensors are part of the air defense system 10 and connected to the second fusion node A2 12, sensor nodes A7 7 - A9 9 that provide third sensor data. For example, a seventh sensor node A7 7 provides electro-optical/infrared camera data, an eighth sensor node A8 8 provides RF sensor data, and a ninth sensor node A9 9 provides acoustic data. The second fusion node A2 12 merges the data sets together to provide a combined sensor data set transmitted through the sensor input communications network A 20 to the threat assessment engine A 24 where it is received. In some configurations, the first fusion node Al 11 and the second fusion node A2 12 can be located long-distances apart, such that they fuse sensor data from disparate parts of a single infrastructure, such as the long-distance linear infrastructure discussed above, respectively.
[0062] In the example illustrated by FIG. 1, the sensor input communications network A 20 is a Long Term Evolution (LTE) Fourth-Generation (4G) cellular network that is neither owned nor operated by a user of the air defense system 10, and is incorporated in the discussion and definition of the air defense system 10 by reference in capability though not ownership or control. The user of the air defense system 10 is a paying customer of the operator of the 4G network, which is considered an “open network” in the presently disclosed subject matter in accordance with terms defined above.
[0063] In the example configuration of FIG. 1, the threat assessment engine A 24 is centralized as an important node in the air defense system 10. This block is responsible for receiving data, making assessments, updating databases, and sending status notifications to other blocks for action or inaction as appropriate. There is no additional resource making threat assessment calculations, meaning this engine regardless of input and output networks may be a single point of failure. As the input and output networks are commercial cellular networks, this presents a vulnerability to cyberattack, and implementing operational security in network access layers is an important implementation.
[0064] The threat assessment engine A 24 receives the sensor data and verifies each input is legitimate using a process described in the flowchart of FIG. 3 described in detail below. The threat assessment engine A 24 also receives input from additional blocks representing databases, timing resources, historical archives, and control factors. A set of databases A 25 provide the threat assessment engine A 24 with libraries of different threat profiles of data representing previously encountered threats in training, in the field, and as modified by a set of command databases A 44. In other configurations, the threat profile database is not editable by the threat assessment engine A 24 and could only be updated by a set of command databases A 44. In such configurations, access to the command databases A 44 would be highly restricted and information flow may be unidirectional.
[0065] A second database contained in the set of databases A 25 is a list of historical events wherein events exceeding a significance threshold have been stored. Any data similar in quantitative and/or qualitative nature to the presently assessed sensing event will be retrieved from historical archives. Previous assessment outcomes (and the results of associated engagement activities, if any) based on prior similar events may therefore assist in the generation of an appropriate assessment and generally or comparatively desirable outcome. [0066] The threat assessment engine A 24 also receives input from a time & control factors resource A 26. This input includes a timing resource that tracks the time any event is received by a sensing asset. This input also includes an electronic memory of recent events, so that the threat assessment engine A 24 can determine if a given sensing event may be coupled to other recent sensing events without resorting to historical data. Such recent events may be milliseconds, seconds, or minutes old, and too recent to have been uploaded to archives that are part of the set of databases A 25. Having recent history available for assessing events is a valuable input for correlating data through sensor fusion techniques and can significantly improve both detection rate and reduction of false positives.
[0067] In the configuration illustrated in FIG. 1, the air defense system 10 comprises timing resources that are synchronized with external timing references. These external timing references are provided by the Global Positioning System (GPS) and other Global Navigational Satellite System (GNSS). In some configurations using GNSS services or other atomic-clock external references, timing resources may be synchronized to within one microsecond to permit improved signal processing and sensor fusion between sensing assets.
[0068] In some configurations wherein distributed sensing, fusing, effecting, and/or command assets have synchronized timing, the air defense system 10 further synchronizes the communications methods through one or more channels of the network so that data is transmitted and/or received in a synchronous manner between multiple assets. One such configuration is illustrated in FIG. 2 detailed below.
[0069] In addition to time and recent history, the threat assessment engine A 24 also receives command and security control factors through the time & control factors resource A 26. These control factors include digital signature keys as well as additional control factors to validate the legitimacy of the incoming sensor notification, including the allowable communications waveform and data packet size of the incoming notification, as well as other metadata characteristics as listed in the control factors database. Additional control factors include inputs from command assets to inform the threat assessment engine A 24 to ignore sensor data input from any sensors that are malfunctioning or that have otherwise been compromised, with example data and metadata provided in these databases. These control factors allow the threat assessment engine A 24 to dynamically and automatically reject data that is suspect even if it is cleared by wireless network security protocols and digital signature validation. In such a case when data is rejected, the threat assessment engine A 24 will notify its command A 40 that one or more aspects of the air defense system 10 have been compromised and may warrant attention.
[0070] The threat assessment engine A 24 performs calculations of the likelihood that a sensed event represents a threat in accordance with the flowcharts of FIGS. 3 and 4 detailed below using the input from the sensors, databases, time, and control factors. If the sensed event is assessed as likely representing a threat having a previously known or unknown profile, a notification is generated and promulgated through a notification output communications network A 30 to various recipients. In the configuration described in the illustration of FIG. 1, the nature of the notification and the specific recipients varies by the nature of the threat and the calculated likelihood that said threat will intersect with one or more subjects under protection by the air defense system 10. It is envisioned that in other configurations, any assessed threat regardless of anticipated danger or probability level would be reported to command along with all subjects, effector assets, and sensing assets capable of receiving notifications.
[0071] Every event that is detected by sensor assets and assessed as matching a threat profile by the threat assessment engine A 24, regardless of its vector and the vectors of any subjects (and whether or not they will intersect), will generate a notification provided to the command A 40. This notification will be saved in a threat database, one of the command databases A 44, used for reference at later times and for building up a history of tracking the activities of the same or similar threats in the same region or different regions. This historical data set can then be used to form an update provided to the threat profile and long-term historical information of threat assessment engine A 24’s local databases A 25.
[0072] If the detected threat was determined to potentially intersect the time and location of one or more subjects, the air defense system 10 will provide a notification to each subject potentially affected, including subjects who may be affected by line stoppage so that they can prepare for additional hold time or have the potential to reroute. In the example described in FIG. 1, the threat assessment engine A 24 is able to notify up to three subjects potentially affected by detected and assessed threats.
[0073] The first subject Al 41, is determined to be potentially in the direct line of travel with an incoming threat and is provided the notification that a drone is traveling towards her track and may impact her cab, and is also provided notification that the threat engine recommends significant speed reduction to greatly reduce the potential for derailment in case of a crash. The notification does not recommend full stoppage, as the drone is small and cannot carry enough payload in an IED to derail a slow-moving train. In this example, subject Al 41 is a train engineer of a high-speed train heading towards a bridge, and she has the authority to apply her brakes to begin reducing speed so she does not need additional input from command A 40 to make this decision in a timely and safe manner.
[0074] The second subject A242 is a bridge security station located at the bridge close to where the drone is operating. The operator is provided the drone type and vector along with a notification of which sensing assets were responsible for the detection. He has the authority to provide warning to passenger cars and delivery trucks also using the bridge and does not need additional information from command. Because the drone is small, he decides to turn on yellow flashing warning lights to slow traffic but decides to continue monitoring the situation without stopping traffic flow.
[0075] The third subject A3 43 is another train that is at a station down the tracks twenty minutes in the opposite direction. It was about to leave the station, but the engineer decides to hold for a few minutes at the station to see if there is any further activity from the drone, knowing he can easily make up the time in transit due to the otherwise good weather and smooth operation of the line that week. Once he leaves the station, his passengers would have a hard time making other arrangements should the bridge be closed due to an attack, so a short delay is warranted in the interest of safety and alternatives.
[0076] The threat assessment engine A 24 determines that the first fusion node Al 11 is near the area where the detection occurred, and may be able to provide additional threat detection of the drone or the pilot if it searches in a different mode than its typical operation. The threat assessment engine A24 retrieves information from its databases 25 on the ground station profile that is commonly mated to the drone threat detected, and provides this information as a notification to fusion node Al’s controller 31 through the notification output communications network A 30. Fusion node Al’s controller 31 then relays this into control commands for the first fusion node Al 11 to begin searching for the threat as well as for ground stations commonly associated with that threat. If detected, the pilot might then become the target of a totally different internal or external engagement asset, such as the local police department.
[0077] Fusion node A2’s controller 32 is out of range of the threat profile but is also provided a notification containing the information about the ground station commonly associated with that threat, so it can also begin searching for the pilot.
[0078] The original fourth sensor node A4 4 that provided the data for the initial detection is not centered on the target and does not have local control to stay locked on. The contrast between light and shadows is severe at this time of day when using the normal camera vision mode, despite being in daylight conditions. The threat assessment engine A 24 sends a notification to sensor node A4’s controller 34 to track the target more effectively using the infrared mode so that the image can appear with higher contrast in the region and altitude where the target is flying.
[0079] The fifth sensor node A5 is an RF emissions sensor operating close to the region where the drone was detected, although its detections were not consistent and the threat assessment engine A 24 did not characterize the threat fully based on the incomplete and contradictory data sets provided over the recent few seconds by this sensing asset. If the target continues its present vector, however, it should approach close enough for improved RF detection. Sensor node A5’s controller 35 is given a notification to focus sensing capabilities on the frequency bands that this type of drone is most likely to use for command, control, telemetry, and video data channels. [0080] The sixth sensor node A6 is a radar sensor close to the region where the drone was detected, but it is not anticipated to be in the flight path based on the recent vectors of flight used to track the target and the predictive calculations made by the threat assessment engine A 24. Furthermore, historical data has shown that drones of this type that fly in the region are often launched from an overlook spot, and only rarely come over the hill separating the region covered by fourth sensor node A4 4 and sixth sensor node A6 6. As a result, sensor node A6’s controller 36 is not provided any notification, command, or control signal because of this unlikely imminent future participation.
[0081] The threat is determined to still be operating in a lawful manner at an acceptable standoff range from the tracks, so the first engagement asset Al 45 is not yet allowed to engage the threat. However, in preparation for the drone potentially flying close enough to present an imminent threat that can be lawfully engaged, the threat assessment engine A 24 sends the first engagement asset Al a notification containing the most likely type of drone it is, as well as the characteristics of its most likely ground station. When additional RF information comes in from the fifth sensor node A5 5 in the near future, these predictions can be validated or updated, and the first engagement asset Al 45 will be primed and ready to engage with a waveform (or combination of waveforms) that are likely to be effective.
[0082] In this engagement example, the second engagement asset A2 46 is in no position to aid any actions against the drone, and the ground station has not been located, so the threat assessment engine A 24 does not bother providing it a notification at this time.
[0083] Another system 200 according to the presently disclosed subject matter is described in block diagram of FIG. 2. The following discussion provides an example detection and engagement scenario wherein multiple drone threats are detected simultaneously, which is a challenging scenario for centralized systems such as the example centralized air defense system 10 of FIG. 1 to manage due to a need that each threat be assessed serially by a single threat assessment engine.
[0084] As with the example centralized air defense system 10 of FIG. 1, the distributed system 200 of FIG. 2 depends on infrastructure, that is input from a plurality of sensing assets, some being combined with sensor fusion assets, and some feeding directly into a communications network. A first sensor node Bl 101, a second sensor node B2 102, and a third sensor node B3 103 provide sensor data to a first fusion node Bl 111. The first sensor node Bl 101 provides electro-optical/infrared camera data, the second sensor node B2 2 provides RF sensor data, and the third sensor node B3 3 provides radar data. The first fusion node Bl 111 merges the data sets together to provide a combined sensor data set transmitted to the first threat assessment engine Bl 121. This transmission is performed through a closed communications network that is not separately identified.
[0085] Additional sensing assets send data directly through a sensor input communications network B 120 to the third threat assessment engine B3 124 without being first fused with other sensor data. A fourth sensor node B4 104 and a fifth sensor node B5 105 provide night vision camera data for two different regions protected by the distributed system 110. A sixth sensor node B6 106 provides long-range radar data.
[0086] As with the sensor assets connected to the first fusion node Bl 111, a third set of sensors are part of the distributed system 110 and connected to a second fusion node B2 112. A seventh sensor node B7 107 provides electro-optical/infrared camera data, an eighth sensor node B8 108 provides RF sensor data, and a ninth sensor node B9 109 provides acoustic data. The second fusion node B2 112 merges the data sets together to provide a combined sensor data set transmitted to the second threat assessment engine B2 24 where it is received.
[0087] In the example illustrated by FIG. 2, the sensor input communications network B 120 can be a Fifth-Generation (5G) cellular network that is neither owned nor operated by the user of the distributed system 110, and that is also considered an “open network”, that is an unsecured network that can be accessed by anyone within a vicinity of the sensor input communications network B 120. The sensor input communications network B 20 can likewise be either an insecure consumer cellular network such as that provided by various national carriers (e.g., Verizon, T-Mobile, AT&T) or a secure cellular network.
[0088] The distributed threat assessment engines Bl 121, B2 127, and B3 124 of the present example substantively diverges at this point from the consolidated threat assessment engine A 24 example of FIG. 1. The data stream from the first fusion node Bl 111 is sent directly to a first threat assessment engine Bl 121. The data stream from the second fusion node B2 112 is sent directly to a second threat assessment engine B2 127. Each of these two distributed threat assessment engines Bl 121 and B2 127 are connected together through a closed network, as shown, and to the third threat assessment engine B3 120 through the sensor input communications network B 120.
[0089] In other configurations of the presently disclosed subject matter, no threat assessment engines in the distributed system 110 may be connected through an open network as previously defined. In yet other configurations, all threat assessment engines in the distributed system 110 may be connected through an open network. A combination of open and closed networks with redundant mesh connectivity may be used to connect threat assessment engines. [0090] In configurations deploying the mobile threat assessment engines Bl 121, B2 127, and B3 124, these engines may be connected by open networks at times when closed networks are not available, and by one or more closed networks when they are available. An example would be a threat assessment engine operating from a convoy vehicle that moves between forward operating bases in a conflict zone. It would be attached to its own sensing assets, fusion node, engagement asset, and interact with other sensing assets, fusion nodes, and engagement assets of other convoy vehicles when on the road, and operate with the rest of a base security system when it arrives at its destination.
[0091] In an analogous fashion as the threat assessment engine A 24 of FIG. 1 interacted with its databases and control factors, the distributed threat assessment engines Bl 121, B2 127, and B3 124 of FIG. 2 each interact with their own databases and control factors. The first threat assessment engine Bl 121 accesses a first set of databases Bl 122 for libraries of different threat profiles of data representing previously encountered threats in training, in the field, and as modified by a set of command databases B 144. The first threat assessment engine Bl 121 is able to update its own first set of databases Bl 122 but does not update other databases directly. It will be able to provide its information to the command B 140 and permit the command database B 144 to be updated, but it does not directly have the authority to make changes without regulation by command B 140. In other configurations, interaction with databases will be further restricted and information flow may be unidirectional. In yet other configurations, all databases will be updated by each other through one or more networks continuously and automatically, maintaining the ability to roll back or undo updates in case of unintentional data contamination or security breach. In an analogous fashion as with the example of FIG. 1 the first set of databases Bl 122 also contains a list of historical events and previous assessment outcomes and engagement activities.
[0092] The first threat assessment engine Bl 121 also receives input from a first time & control factors resource Bl 123. This input includes a timing resource that tracks the time any event is received by a sensing asset and an electronic memory of recent events to assist in correlating data through sensor fusion techniques and can significantly improve both detection rate and reduction of false positives. As with the configuration illustrated in FIG. 1, the first time & control factors resource Bl 123 of FIG. 2 comprises timing resources that are synchronized with external timing references. The distributed system 110 further synchronizes the communications methods through one or more channels of the sensor input communications network so that data is transmitted and/or received in a synchronous manner between multiple assets, and threat assessment timing is shared between the distributed threat assessment engines Bl 121, B2 127, and B3 124.
[0093] The first threat assessment engine Bl 121 also receives command and security control factors through the first time & control factors resource Bl 123. As with the configuration of FIG. 1, these control factors include digital signature keys as well as additional control factors to validate the legitimacy of the incoming sensor notification, These control factors allow the first threat assessment engine Bl 121 to dynamically and automatically reject data that is suspect even if it is cleared by wireless network security protocols and digital signature validation and notify its command B 140 of the failure and/or intrusion.
[0094] The first threat assessment engine Bl 121 performs calculations of the likelihood that a sensed event represents a threat using input from the sensors, databases, time, and control factors. If the sensed event is assessed as likely representing a threat having a previously known or unknown profile, a notification containing information needed to defeat or mitigate the threat in an appropriate fashion is sent to the first engagement asset Bl 147. In the presently described example of FIG. 2, only a single engagement asset is shown connected to the first threat assessment engine Bl 121, but in other configurations it is envisioned that a suite of multiple engagement assets would be present. It is recognized that one or more engagement assets may be unsuitable for addressing a given threat, but that other engagement assets may be fully suitable. It is also recognized that the local engagement assets may not be suitable for engaging a particular threat, but that other assets in the distributed system 110 (engagement assets associated with a different threat assessment engine) or external to the distributed system 110 (e.g., nearby tactical bomb squad unit) may be available and/or utilized to counter a given threat. [0095] A notification of a detected threat and the nature of this threat will be provided to the second threat assessment engine B2 127, so that it may participate in further threat assessment, new and/or related threat detections, and/or using its own local second engagement asset B2 148 if appropriate. This notification is treated as a full threat identification event, but this information contained in the notification will be merged with additional input from the second fusion node B2 112. As with the initial threat identification performed by the first threat assessment engine Bl 121, all of these inputs are analyzed by the second threat assessment engine B2 127 to determine if there are other factors such as the timing of other detections or potentially related threats. This secondary analysis is performed using its own local databases B3 125 and command and security control factors through the second time & control factors resource B2 129.
[0096] In addition to notifications given to the second threat assessment engine B2 127, a notification with similar content is generated and promulgated through a sensor input communications network B 120 to the third threat assessment engine B3 124. This notification is a full threat identification event to be merged with additional inputs from the second threat assessment engine B2 127 along with the inputs from the additional sensor nodes as previously described. As with the initial threat identification performed by the first threat assessment engine Bl 121, all of these inputs are analyzed by the third threat assessment engine B3 124 to determine if there are other factors such as the timing of other detections or potentially related threats identified by itself or by the second threat assessment engine B2 127. This secondary analysis is performed using its own local databases B3 125 and command and security control factors through the third time & control factors resource B3 126.
[0097] Every detected event that is assessed as matching a threat profile by any threat assessment engine, regardless of which threat engine, and regardless of which threat vector and the vectors of any subjects will generate a notification provided to the command B 140. This notification will be saved in a threat database, one of the command databases B 144, to develop its history of tracking threats. In an analogous manner as with the centralized air defense system 10 of FIG. 1, this historical data set will be used to form an update provided to the threat profile and long-term historical information of the first databases Bl 122, the second databases B2 128, and the third databases B3 125.
[0098] In addition to notifying command B 140, threat assessment engine B3 124 will also notify both of the other assessment engines by informing assessment asset Bl controller 131 and assessment asset B2 controller 137. Each of these controllers 131 and 137 in the presently described configuration are comprised of the communications interface radios and modems directly connected to the notification output communications network B 130. These radios and modems are then connected to the artificial intelligence data inputs at the core of each of the distributed threat assessment engines Bl 121, B2 127, and B3 124 so that each notification and, especially, additional threat assessment and/or update performed by the more connected third threat assessment engine B3 124 will be provided to the distributed assets for improved local assessment.
[0099] If the detected threat was determined to potentially intersect the time and location of one or more subjects, the distributed system 110 will additionally provide a notification to each subject potentially affected. In a similar manner as the example configuration described in FIG. 1, the third threat assessment engine B3 124 is able to notify up to three subjects potentially affected by detected and assessed threats, except in this configuration the subjects can be notified by the third threat assessment engine B3 124 regardless of where in the distributed system 110 chain of assessment engines the threat was originally identified and assessed.
[0100] The first subject Bl 141, e.g., an experienced vessel captain of a cargo ship determined to be potentially in the direct line of travel with an incoming threat, is provided the notification that an industrial grade drone is traveling towards her vessel, and that it is carrying a thirty to fifty pound payload as determined by the audio pitch of its propellers relative to its airspeed in the present wind conditions. The notification does not recommend full stoppage, as there is no time to redirect the vessel within the 75-second estimated timeframe until potential engagement. The notification instead recommends slewing a remote camera towards its bearing to record the event locally, and for the crew, especially bridge crew based on the threat’s bearing, to take cover and prepare for IED or biological attack. In this example, first subject Bl 141 is the experienced vessel captain, and he alerts his crew immediately, sets all remote cameras for automated motion detect and tracking, and retreats from the bridge to the armory where most of the crew are already donning flak and breathing protection by the time 60 seconds have passed.
[0101] The second subject B2 142 is a crane supervisor station located near to where the drone was first detected. The security officer is provided the drone type and coordinates of the initial detection, along with a notification of which sensing assets were responsible for the detection. Her notification also includes the request to alert nearby operators to look for suspicious activity in the loading zones at and around their equipment, as the pilot may physically be present in their immediate area.
[0102] The third subject B3 143 is the gate access headquarters, who are responsible for manning each security station at the gates to each dock area. They are sent a similar notification as the second subject B2 142. Their notification includes a request to close the gate for the zone where the first detection occurred and detain all personnel attempting to leave the area until the threat passes or is resolved. This is in case the pilot (or a conspirator who may have placed the drone for a pilot located in a different area) is attempting to leave that controlled zone before the suspected attack may strike its target. The local security guards at the access gates of the zone in question is contacted by the third subject B3 143 within seconds, and they immediately close all gates.
[0103] The third threat assessment engine B3 124 determines that the fourth sensor node B44 is not likely to physically see the threat as it is an optoelectronic sensor suite focused on the port operations side rather than the water side. It is given a command for wide sweeping coverage to locate persons that may match the profile of a pilot or person manipulating equipment. These persons may be involved in the threat or not but locating persons who may be participating in the larger threat are now important to locate and track.
[0104] The fifth sensor node B5 105, also an optoelectronic sensor suite, is determined to be in position to potentially see the threat, so it is provided a notification with the threat location and bearing with a command to attempt to detect and track the target. This would provide additional tracking information from a different visual direction, and improve the precise location and velocity estimates for improved threat assessment and prediction of its true target and/or capabilities. [0105] The sixth sensor node B6 106 is a radar sensor located on the waterfront that should be able to detect the drone shortly as it approaches open water. It is provided a notification to track the drone once it becomes visible and pre-seeds the tracking system with the known size and bearing of the known threat and to cycle between general scans for new threats and focusing in on tracking this one known threat.
[0106] As the threat was not on a whitelist of permitted drones operated by inspectors and maintenance workers for the port area, it is already known to be operating in an unlawful manner. In this configuration for this example deployment, engagement assets are permitted to engage the threat so long as they are given a separate human-initiated “engage” signal by command B 140 in accordance with local, state, and Federal laws and regulations for an operator of this distributed system 110 for this specific deployment. In preparation for the (likely imminent) engagement signal by command B 140, the third threat assessment engine B3 124 sends the third engagement asset B3 and the fourth engagement asset B4 notifications containing the most likely type of drone it is, as well as the characteristics of its most likely ground station, so both engagement assets will be primed and ready by the time command B 140 makes the tactical decision to engage. When additional information comes in from any sensing assets in the future (such as locating the pilot through RF emissions or optical detection), these predictions can be validated or updated, including the location of one or more new targets for effective engagement with a minimum of collateral spectral or physical risk.
[0107] A flowchart 250 for processes of threat assessment is provided in FIG. 3, which walks through the process from sensor input and communications validation through gathering of additional information from control factors, time history and log files, database, and calculations that a threat is or is not likely present. The flowchart 250 begins with the detection of an event by a sensing asset, which may be the presence of an unknown object in its zone of surveillance, an atypical RF emission, sound above the noise floor, or other type of sensor data represented by the status event detected by sensor 200. Once there is an event detected by a sensor with process 200, the air defense system 10 and distributed system 1 lOprovidefor the ability for that sensing asset to notify threat assessment engine 201 by a communications network as described previously in FIGS. 1 and 2.
[0108] The next process is typically overlooked in existing closed network deployments of traditional c-UAS systems that do not incorporate the disclosed subject matter: the signature of the notification provided by the sensing asset is verified by the threat assessment engines A 24, Bl 121, B2 127, and/or B3 124. It is possible that a sensing asset has been corrupted or compromised such that an event detection should not immediately be treated with consideration without validation from other sensing assets. It is further possible that an external agent has provided the notification posing as a sensing asset to overwhelm, misdirect, or otherwise confound the threat assessment engine. Such possibilities are more likely if the communications network between the sensing asset and the threat assessment engine are open as previously defined.
[0109] To accomplish the process verify notification digital signature 202, additional resources can be tapped. A signature key database 203 is consulted to determine whether or not the incoming notification has a valid key code. In the example configuration of FIG. 3, the signature key code database 203 is physically proximal to the threat assessment engine inside the same computer hardware housing, so there is little perceived risk of interception of the code verification interrogation process. As a result of this physical security layer, key codes are statically assigned to each sensing asset in the air defense system 10 and distributed system 110, and the signature codes themselves are encrypted as part of the supplied data content and not viewable or reverse-engineerable without the decryption key. In different configurations, these signature keys may be dynamically assigned between each regular or irregular period of sensor notifications based on time, number of interrogations, previous data sets, or any of a plurality of options for dynamic signature key allocation methods.
[0110] An additional resource used to perform the verify notification digital signature 202 task can include additional control/factor identification 204 information. This additional control/factor identification 204 information helps validate the legitimacy of the incoming sensor notification by utilizing an additional parameter besides the signature key to match predetermined expectations (e.g., two-factor/multi-factor identification). Such additional control factors may include the timing and/or time-based historical data of the incoming notification, and/or the nature of the data itself which may have an incorrect data content size, encoding, header, or other aspects contained within the data and/or in the metadata characteristics of the notification. In certain configurations, these additional control factors include the synchronization of timing resources between sensing assets and threat assessment assets. In certain of these configurations, these include the dynamically attributed timing of one or more characteristics of an incoming notification synchronized to pre-determined timing needs, such as matching a particular tenth of a second for when a notification began or when non-zero data was sent. In certain of these configurations, these pre-determined timing needs change over time according to a pre-determined pattern or random variable known only one or more notifications in advance.
[0111] The purpose of the multi -factor verification is to ensure a high probability of a high-integrity answer to the question: is message authenticated? 205. If the answer is “no”, then the notification will be flagged as not complying, leading to a report signature for retry/security review 206 task. The air defense system 10 and distributed system 110 (s) then restarts the flowchart 250 and wait(s) for a new detection by one or more sensing assets.
[0112] If the answer is “yes”, then the flowchart proceeds to the gathering of additional event time and history 211 for the task to gather & correlate time data 210. The purpose of this task is to gather all recent and prior historical data regarding the same or similar types of sensor events, which may include data from tens of milliseconds ago to data from years ago. If prior events contribute to a pattern, the threat assessment engines A 24, Bl 121, B2 127, and/or B3 124 may be able to extract that pattern to help determine whether a particular event or detection is likely to be a threat.
[0113] The next step is to continue gathering other information that can assist in the credible assessment of the event. Data, not necessarily other suspicious event notifications from sensor assets, but including all relevant data from all sensing assets in the time frame and region of coverage appropriate for assessing a potential threat, is provided from all relevant sensing assets. This data is received as additional sensor input 213 so the threat assessment engines A 24, Bl 121, B2 127, and/or B3 124 may fuse sensor data 212 together to improve the quantity and quality of available data regarding the suspicious event.
[0114] An example final set of data utilized by the threat assessment engines A 24, Bl 121, B2 127, and/or B3 124 is the profiles of threats that are the same or similar to the event profile compiled from the fuse sensor data 212 process colored by the additional sensor input 213. The profiles of similar threats from the threat database 215 are then used to compare event to previous threats 214. The comparison is made between one or more profiles from the threat database 215 to create a probability matrix of possibilities.
[0115] The process of creating this matrix is performed in the calculate event threat profile 216 process whereupon multiple potential threats are represented as probabilities and/or weighting functions used to answer the important question: is this event a likely threat? 217. As with any digital approximation to an analog problem, the answer to this question is a weighted set of yes/no answers to different threat profile matches. The setting of a threshold for answering “yes” vs. “no” for each individual threat profile, as well as a universal “yes” vs. “no” for a consolidated threat of any type is an important aspect of the programming and training of the threat assessment engines A 24, Bl 121, B2 127, and/or B3 124.
[0116] In the calculate event threat profile 216 of flowchart 250, a weighted non-binary value is assigned to the likelihood of an event being a threat, and then a binary decision is applied as to which path to a new process is taken. It is envisioned that regardless of the path, the non-binary value is retained as part of the event record. Continued events that are correlated to this event may have different threat assessment values assigned. As an example, consider a potentially threatening UAS was once flying away from subjects, and was applied a low nonbinary value which was below the yes/no cutoff and the event/target was deemed not to be a threat.
[0117] During subsequent event detections and threat assessments, however, the potentially threatening UAS altered its course and is now racing directly towards a potential subject interaction, which increases its non-binary value and is now above the yes/no cutoff and the event/target is now deemed to be a threat. In all cases, the event record keeps track of nonbinary values for not only active threat assessment actions as a target is tracked, but also for historical record-keeping and/or additional threat training to assist in proper threat assessment of future (unrelated) event assessments.
[0118] In other configurations, a non-binary value is not recorded as part of the event history. In yet further configurations, non-binary values are not used for threshold calculations, and a set of binary values (e.g., “yes/no question”) are used to ascertain whether or not an event is classified as a threat.
[0119] The methods of programming and training an artificial intelligence engine for providing an answer to this specific question of process 216 is an element beyond the scope of the presently disclosed subject matter but that should be addressed in any implementation of the air defense system 10 and distributed system 110 that make(s) such a decision. In the present subject matter, the decision-making process is dynamic and necessarily involves near-term activity monitoring as well as historical pattern matching, time of day, range of detected event, proximity to infrastructure, known or anticipated presence of high-profile subjects needing protection, and other factors that change throughout the operational conditions of any security system.
[0120] If the threat assessment engine determines that the detected event does not likely represent a threat, then the answer is “no”, leading to the action event not relevant; restart threat sense/response flowchart 218. Essentially the threat assessment engines A 24, Bl 121, B2 127, and/or B3 124 is/are not convinced that a threat is present, and the air defense system 10 and distributed system 110 should continue monitoring, although the event itself will be recorded along with relevant control factors and potential correlation to historical data, fused sensor data from other sensing assets, or to one or more previous threats for consideration, as discussed above. It is recognized that the definition of threat in this case is that the event may be a threat at a future time, or that it may be a threat right now but either due to limited information about its profile, it cannot be classified as a threat with respect to the lawful and/or engagement technical ability to respond. [0121] If the threat assessment engines A 24, Bl 121, B2 127, and/or B3 124 instead determine(s) that the detected event does likely represent a threat, then the answer is “yes”, leading to the action continue to threat assessment/response 219. The process of assessment of subject risk, communication with command, and potential response and/or deployment of engagement assets is addressed in the discussion of the flowchart of FIG. 4.
[0122] FIG. 4 provides a flowchart 260 that can begin with the starting event represented by the final statement 219 of the previous flowchart 250 of FIG. 3, designated as threat identified by assessment engine 220. This process leads to a new question regarding the near- term or long-term historical status of this particular event, and whether or not such a threat has previously been detected: Is threat new? 221. For example, in a typical case where a drone is continuously flying within a surveilled zone and identified as a threat based on all available factors, the answer is “no, it is not new” as it was previously detected milliseconds, seconds, and minutes ago as the threat continues to be present.
[0123] If the answer is “no” to process 221, then the flowchart 260 proceeds to an action to retrieve historical engagement data 222 so that any relevant information about this threat can be correlated to previous information known about this type of threat. For example, if the threat is only loosely categorized, such as a “DJI Phantom-class drone” manufactured by Shenzhen DJI Sciences and Technologies Ltd., then the physical characteristics may be well known, but the RF characteristics become an important unknown that should be addressed. This information is then recorded as a threat of this particular class of threat in the add threat detection event to database 224 action in the flowchart 400. This takes place regardless of the level of detail and confidence the threat assessment engines A 24, Bl 121, B2 127, and/or B3 124 has in the nature of the threat assessment. In this configuration, the level of detail and confidence is also tracked in this event database 224. In other configurations, the level of detail and/or confidence level may not be tracked. In some configurations, the calculations of potential threat profile matching will be associated with this level of detail and/or confidence level.
[0124] If the new threat is somewhat different than a previously identified threat one or more detection cycles ago, the new threat may be an evolving threat or threat that is new yet exhibits the characteristics of a previous threat. For example, a DJI Phantom V2 exhibits RF characteristics that are very different than a DJI Phantom IV Pro, although their physical exteriors are nearly identical. If the initial detection was made by an electro-optical suite, it may have classified the threat as a DJI Phantom-class threat without inference to its specific model and RF behavior. While studying the threat, new information arrives from the RF sensing asset that suggests the threat is more likely to be a DJI Phantom V2 than any other type of DJI Phantom-class drone. Therefore, the answer at this point in the flowchart 400 at process 221 is “yes, the threat is new” because it is now more correctly identified.
[0125] When the answer is “yes” then the details of the new threat as identified will be recorded as a positive identification with whatever characteristics are known at the time in the add new threat to database 223 action. In situations where the new threat does not match any previously detected threat, the information recorded will create a new entry in the database 223, along with any similarities to other profiles. After the add new threat to database 223 action is performed, the air defense system 10 and distributed system 110 will then proceed to the add threat detection event to database 224 action previously described.
[0126] Once the threat detection has been recorded, multiple notifications will be sent out. The first notification is to notify command 230 of the presence of the threat and the nature of the threat to the best of an ability of the threat assessment engines A 24, Bl 121, B2 127, and/or B3 124 to define it. This notification may contain probability information about the likelihood the threat represents one or more specific types of threats given available inputs.
Additional notifications are sent out to any sensing assets in a relevant position and capability to possibly participate in providing new information for the next threat assessment cycle. The management of which sensing assets should be notified and/or adjusted through control or command functions depends on the nature of the threat and whether these resources are most efficiently deployed addressing the presently assessed threat. The decision to notify/adjust sensor node(s) 231 incorporates this decision-making task balancing the risk of reducing unknown or other event data with the reward of receiving additional data that may be used to further characterize, define, or track the presently assessed threat.
[0127] In addition to notifying command and sensing assets, the threat assessment engines A 24, Bl 121, B2 127, and/or B3 124 tum(s) its processing focus on determining the relevance and imminence of the threat to subjects under the protection of the air defense system 10 and distributed system 110 through the correlate additional input (if any) 232 process. The threat vector(s) 233 of the location and bearing of the threat presently being assessed are provided as inputs, along with the subject vector(s) 234 of the location and bearing of the subjects under protection. These vectors will then be correlated and predicted based on known historical data and/or planned vector adjustment of subjects.
[0128] An example of historical vector adjustment is knowing that a high-speed train will be slowing as it comes around a particular bend to an adjusted vector, and knowing that the existing track forces a specific coordinate path regardless of speed. These additional factors help predict the future vector of a specific subject. Another example is historical data that drone flights near a particular bluff adjacent to a port typically experiences flyovers of an oil platform, but these flights rarely get closer than 250 meters to the commercial shipping lane. Previous drone flights typically curve away starting at 400 meters, therefore a prediction can be made that most flights incoming along that curve will be likely to curve away, and therefore the risk of interaction with a commercial vessel will be low. If the drone is continuously monitored and it does not begin to curve away at 400 meters, then the threat profile changes, as does the anticipated future vector of its flight path.
[0129] All these additional inputs get correlated into a combined calculation used to predict threat-subject interaction risk 235. This calculation is made based on imperfect and/or time-variant information and prediction of future actions from past performance and present conditions, so it is not guaranteed to be correct. The nature of the predictive calculation engine and/or artificial intelligence engine that performs this calculation, the specific implementation of the software decision making algorithm, and the boundary conditions and assumptions made being an exercise for those skilled in the art of vehicle and pilot/driver behavior modeling and prediction in security applications. The result of this calculation is an answer to the process question: is speed/location time-relevant? 236.
[0130] If the threat is determined to have a vector unlikely to result in subject interaction, that is, a threat to a subject, then the answer is "no", leading the flowchart 260 to end. The event is formally designated as Threat is not imminent; restart threat sense/response flowchart 237 leading to a restart of the flowchart 250. This condition means the threat is present but poses no immediate danger to one or more subjects, and therefore does not warrant an elevated response yet. The threat will continue to be monitored so long as it is still detected by a sensing asset, and if it continues to be classified as a threat, its sensor-provided data along with time stamp and event correlation shall continue to be recorded and monitored.
[0131] If the answer to the process question: Is speed/location time-relevant? 236 is "yes" then the process flow proceeds to at least one of a series of notifications. It is important to notify command 240 of the potential interaction between a subject and a threat. Such a notification will include the nature of the calculations performed and the anticipated interaction location and time assuming continued travel of the threat and/or subject(s) proceeds in the anticipated manner. The system can further notify subject(s) 241 of the potential interaction along with a potential risk mitigation plan. It is envisioned that the command notification shall also include recommendations as provided to one or more notified subject(s) with respect to potential risk mitigation plans to either reduce the likelihood of an interaction or to reduce the potential damage to the subject, its infrastructure, and/or the environment, including crew, passengers, security forces, and/or unaffiliated persons and equipment nearby. This risk mitigation plan may include commands and/or recommendations such as slowing a vehicle, taking evasive maneuvers, initiating safety procedures, initiating counter-measures and/or engagement assets aboard the subject vehicle, and/or informing passengers with additional instructions. In other configurations of the presently disclosed subject matter, no activity recommendations would be provided.
[0132] The air defense system 10 and distributed system 110 will further notify/adjust sensor node(s) 242 of the predicted threat-subject interaction, and modify sensitivity, aim, or other characteristics accordingly to prepare for data gathering that may enhance the prediction of the interaction risk or enhance the calculation of improved potential to mitigate risks posed to one or more subject(s). Such information may include further data collection on flight characteristics or optical assessment of payload to improve threat assessment and therefore improve threat mitigation response.
[0133] The air defense system 10 and distributed system 110 will further notify local engagement asset(s) 243 to prepare for engagement. The nature of engagement initiation will be dependent on federal, state/provincial, and/or local laws on how and when threats of different types may be engaged, if at all. This notification step is to provide the engagement asset(s) with the qualitative and quantitative data needed by each type of asset to best perform their duties along with restrictions to minimize collateral damage potential of each asset. For an RF engagement asset (e.g., GNSS jammer), this may include restriction of which sectors, aim point, and GNSS frequencies and systems may be used for initial engagement. For example, if a transportation system operating in the area is known to use Galileo E6 for operation, the initial notification to a GNSS jammer engagement asset may be to use GNSS waveforms that disrupt nearly all consumer GNSS operations but leaves the one important service unaffected. For example, the notification may permit GPS LI, L2, and L5, BeiDou B1I, E5b, and E6, GLONASS Gl, G2, and G3, and Galileo El, E5a, and E5b, but avoiding Galileo E6. A single angular sector is selected for the disruption transmissions to minimize impact on nearby airfield operations having a flight path to the right-hand side of the protected region.
[0134] Each of these notifications 240-243 can occur in an effectively simultaneous fashion. It is envisioned that in other configurations, the notifications are sent out one after another in a procession. In such configurations, it is recognized that there may be intrinsic value in notifying command and/or engagement assets first before notifying subjects or sensor assets. It is further envisioned that in other configurations, it is recognized that notifying one or more subjects may take priority, or some other combination of notifications would be sent out first followed by other notifications of relatively decreased temporal relevance.
[0135] After the process to notify local engagement asset(s) 243, the threat assessment and risk process is effectively complete for one full cycle of the process flow. The threat may continue to be monitored, with additional notifications sent out as appropriate as the entire cycle begins anew with restart threat sense/response flowchart 244, which restarts flowchart 250. [0136] An illustrated example of the communication network connections used for one configuration of the embodiments described herein is provided in FIG. 5. The deployment application in this configuration protects a region of track for a high-speed railway. A first region of track 341 is connected by rail by some distance (e.g., miles) represented by the dotted line connection to a second region of track 342. Along the first region of track 341 travels a rail subject 310 (e.g., a train or High-Speed Rail (HSR)) under the protection of a deployed example configuration of a defense system 300.
[0137] The rail subject 310 has two resources of communication with the defense system 300, a subject cellular radio 334 and a subject satellite radio 343, which are connected by highspeed datalink cable to at least one cab of rail subject 310 for the engineer to operate. In other configurations, more than two types of communications as possible, including other types of communications (e.g., cellular network, satellite network, WAN, fiber optic network, or any other type of network that allows for data communications over long distances). The subject satellite radio 343 can send and receive data through a satellite 342 to a command satellite radio 341. The uplink and downlink details of this datalink are beyond the scope of the presently described subject matter, but the satellite communications network is considered to be a closed network based on the previous definition due to its high level of encryption security. The command satellite radio 341 connects through an access node 330 to a centralized threat assessment engine 324. Each of these connections are also considered closed networks with the additional benefit of physical security from being co-located in a protected facility along with a security command 340 and their access portal 339.
[0138] The access node 330 further provides for a datalink between the centralized threat assessment engine 324 and the fiber backhaul 320. The fiber backhaul 320 can be part of a cellular network 301 providing direct optical data connections between cellular towers, shown making a direct connection to a first cellular tower 321 and a second cellular tower 322. However, one skilled in the art would appreciate that the defense system 300 could include any number of cell towers. Customers of the cellular service responsible for operating the cellular network 301 are able to connect to cellular radios in range of the first cellular tower 321 and second cellular tower 322 by transmitting digital data through the fiber backhaul 320 to each cellular tower and then wirelessly to the end user’s cellular radio.
[0139] In the configuration of the defense system 300 of FIG. 5, a total of four cellular radios are shown connected to the cellular network 301. The first cellular tower 321 is in range of and responsible for making connections to the subject cellular radio 334 previously discussed, but also to a first fusion radio 331 and a second fusion radio 332. The second fusion radio is also in range of the second cellular tower 322 and may be connected to the cellular network 301 through the second cellular tower 322 determines that a higher quality connection will result given the network status and environment at the time and network usage by other customers. The second cellular tower 322 is further connected to a third fusion radio 333. All these connections are considered open based on previous definitions, as they are part of the cellular network 301 that can be a commercial cellular network and more susceptible to lawful as well as unlawful surveillance, spoofing, jamming, and other disruption and/or network security events and activities.
[0140] The three fusion radios 331, 332, 333 are cellular radios used for communication of fused sensor data to the centralized threat assessment engine 324 as well as for receiving notifications from the threat assessment engine, as discussed above, to local engagement assets physically co-located with sensing assets and sensor fusion engagement nodes in a field. The first fusion radio 331 is wired to a first fusion engagement node 311, which contains multiple sensors, sensor fusion signal processing, and RF effector capabilities incorporated in physical proximity within a single housing. Similarly, the second fusion radio 332 is wired to the second fusion engagement node 312 and the third fusion radio 333 to the third fusion engagement node 313, the second fusion engagement node 312 and the third fusion engagement node 313 being likewise at least similarly configured as the first fusion engagement node 311. Together these three fusion engagement nodes 311-313 provide both the local sensing and effecting functions utilized by the defense system 300 to detect potential threats and engage them when the threat has been assessed and the system 300 is lawfully permitted to engage.
[0141] In the threat example illustrated in FIG. 5, a perpetrator 350 has launched a threatening drone 349 which is flying just above the rails of the second region of track 342 a short distance away from the oncoming rail subject 310 traversing down the first region of track 341. The sensing assets of the second fusion engagement node 312 and third fusion engagement node 313 have already provided sufficient data through the cellular network back to the centralized threat assessment engine 324, which determines a nature of the threat as the threatening drone 349 having a vector highly likely to intercept the vector of the rail subject 310. [0142] The centralized threat assessment engine 324 further identifies and locates the perpetrator 350. Records are retrieved that details the RF channels and waveform used by the perpetrator 350 to control the threatening drone 349, and these details are provided to the second fusion engagement node 312 and third fusion engagement node 313 to assist them in ensuring maximum efficacy of response with a minimum of collateral damage including, but not limited to, spectral contamination of unused operating bands and channels that might otherwise be potentially used for drone control.
[0143] The centralized threat assessment engine 324 is able to use sensor data to effectively locate the operating regions of the perpetrator 350 and threatening drone 349. Based on location and efficacy data detailing similar threats centralized threat assessment engine 324 determines that the most effective use of resources is to have the second fusion engagement node 312 target the threatening drone 349 while the third fusion engagement node 313 target the perpetrator 350.
[0144] In this example, the security command 340 has already received authority to engage in the event of a potential drone strike, and so the security command 340 provides a follow-up notification ordering the fusion engagement nodes 311, 312, 313 to begin engaging their targets. The second fusion engagement node 312 transmits a drone neutralizing emission
345 towards the threatening drone 349 which severs the communications uplink from the perpetrator 350 as well as confounds the video data link sensor of the threatening drone 349 which degrades the communications downlink of video and telemetry data to the perpetrator 350. The third fusion engagement node 313 transmits a ground station neutralizing emission
346 towards the perpetrator 350 which fully severs the video and telemetry data link from the threatening drone 349 to the perpetrator 350. In addition, both engagement nodes 312, 313 jam GNSS services for each target, so both targets 349, 350 are not only blind and unable to communicate, but their instruments have lost their positions and can therefore no longer help each other carry out their mission.
[0145] The drone 349 in this example is programmed to land safely when it loses its command and control link, as well as all GNSS services. It descends to a spot near the tracks within a few seconds just as the rail subject 310 approaches the second region of track 342. The threatening drone 349 and remote controller of the perpetrator 350 change their emissions when they lose control, and this change is immediately detected by the fusion engagement nodes 312, 313 nearby with data sent through the cellular network 530 back to the centralized threat assessment engine 324.
[0146] The centralized threat assessment engine 324 recognizes the change in RF emissions as indicative of the engagement being successful in severing the command and control and data/telemetry links, and retrieves information from its databases that details a modified waveform and revised channel set is now being used to attempt to reconnect. A new notification is sent out to the fusion engagement nodes 312, 313 with an update to adjust their RF waveforms to maintain the severed data link and prevent reconnection. Another new notification is sent out to an engineer of the rail subject 310 to let him know the threatening drone 349 is now under control due to successful engagement and is likely to land. The engineer watches the drone 349 veer off course and descend nearby, as he speeds past safely.
[0147] With the immediate danger passed, the air defense system 520 turns to gathering more information about the perpetrator 350 and their threatening drone 349. The entire event is, of course, captured and archived in the databases of events, but additional data can still be gathered. The second fusion engagement node 312 focuses its camera on the grounded threatening drone 349 to get as high of a resolution image as it can to see if there are any identifying markings such as custom bandings, decals, or tape over lights, potential payload modifications or characteristics, as well as markings such as an FAA number, which by law is supposed to be visibly marked on all drones flying in the United States. Any of these items can help correlate the threatening drone 349 to an identity of the perpetrator 350.
[0148] In addition, the second fusion engagement node 312 concentrates its RF detection sensor(s) to sense any land mobile radio or cellular emissions from the threatening drone 349. Usually the defense system 300 would ignore cellular transmissions in the area as being irrelevant and not of interest, but now with a known threat, any cellular transmission could be a trigger for a bomb, beacon, or a replacement command and control signal to help the perpetrator 350 regain control of his downed aircraft! All RF transmissions in the region are recorded along with available meta-data as being of potential value in future correlation and threat assessment activities, including threat mitigation of the existing and yet unknown payload. A local police station can be contacted by security command 340 and informed of the downed drone 349 and any other status known about its appearance and payload.
[0149] Meanwhile, the third fusion engagement node 313 focuses its attention on the perpetrator 350. The camera is slewed and zoomed on the region where the perpetrator’s RF emissions were detected. Despite having no direct line of sight to any person, a sedan is seen pulled off to the side of a nearby road, and the camera switches views between the sedan and the woods located as the center of the RF emissions, with data provided back to security command 340, who again updates the local police of the suspicious lead. An RF emission sensor from the third fusion engagement node 313 is similarly active listening for continued command and control emissions and attempting to locate the perpetrator 350 through these emissions as he moves, as well as checking for any cellular band activity also emanating from a similar location in case the perpetrator 350 makes a phone call to conspirators to update them on his failed action. As a suspicious phone call appears, the third fusion engagement node 313 records the activity to the best of its ability and time stamps it for later analysis. In follow-up, these details will be shared with detectives to contact the cellular network provider with a warrant to help track down that suspicious phone caller and put numbers and names to faces that never appeared on camera.
[0150] An example of a UAS defense system 400 having a distributed threat assessment engine and supporting wireless mesh network is illustrated in FIG. 6. A high-speed subject 410 (e.g., HSR) is traveling on a first track region 441 under the protection of a deployed example configuration of UAS defense system 400 and is heading towards a second track region 442 connected by rail by some distance (e.g., miles) represented by a dotted line connection. The high-speed subject 410 has two resources of communication by way of a subject multiband radio 434. A first resource is provided through an open cellular network 401 with infrastructure owned and operated by a partnership of cellular service providers and the second resource is a closed wireless mesh network owned and managed by an operator of the UAS defense system 400.
[0151] The cellular network 401 jointly owned and operated by the cellular service providers is comprised of a joint fiber backhaul 420 connected to a plurality of cellular towers and data modems. The example of FIG. 6 illustrates two towers taking part in an engagement, a first cell tower 421 and a second cell tower 422 with fiber connections to the joint fiber backhaul 420. However, one skilled in the art would appreciate that the cellular network 401 could include any number of cell towers. Also illustrated is a single data modem 430 configured to present the cellular network 401 with data to and from a command assessment engine 424. A command portal 439 is connected to the command assessment engine 424 and provides access to databases and operational information to the commander 440 as well as translating commands and notifications for dissemination to proper recipients.
[0152] A mesh network, by contrast, has no dedicated centralized infrastructure. A peer- to-peer data link is created between mesh radios within range and availability. In the example of FIG. 6, the mesh network provides direct connection between the subject multiband radio 434 and a first fusion node radio 431, which is itself also connected to the field engine radio 432. The field engine radio 432 completes the mesh network through its additional connection which is to the second fusion node radio 433. Each node in the mesh network can send data, receive data, or act as a relay for data to pass through from a sender to a receiver. In this configuration and operating condition shown, the high-speed subject 410 is able to share data, commands, and notifications with the field assessment engine 427 using its subject multiband radio 434 through the first fusion node radio 431 arriving at the field engine radio 432. Any node in the mesh network can similarly provide data along to any other node, although data throughput and buffering may be an issue if multiple senders are attempting to pass data through one node at one time. In this example, the mesh network is used as a closed network system that is a low- bandwidth backup in case there is an outage, slow-down, or security breach with the open cellular network 401.
[0153] One important aspect of the networked UAS defense system 400 with distributed threat assessment example of FIG. 6 is that it incorporates a field assessment engine 427 located in the deployed region of protection. The field assessment engine 427 of this configuration is physically co-located with sensing, sensor fusion, and engagement assets inside a field engagement node 412. The field assessment engine 427 is able to communicate with a first sensor fusion node 411 and second sensor fusion node 413 in the field using the mesh network and cellular network 401 through their associated fusion node radios.
[0154] The first sensor fusion node 411 has data connections as well as command and control connections (connections not explicitly illustrated in FIG. 6) to sensor nodes including a first acoustic sensor 401 and a first imaging camera 402. The first sensor fusion node 411 provides data to the field assessment engine 427 and the command assessment engine 424 but, in at least one configuration, not to the second sensor fusion node 413 or high-speed subject 410 despite the fact that they are connected on the same cellular and wireless mesh networks.
[0155] In a similar manner, the second sensor fusion node 413 is connected to a second acoustic sensor 404 and a second imaging camera 405. The second sensor fusion node 413 similarly provides data to the field assessment engine 427 and the command assessment engine 424 but, in at least one embodiment, not to the first sensor fusion node 411 or high-speed subject 410 despite being redundantly connected. The purpose of the sensor fusion nodes 411, 413 is to gather data, fuse data to reduce network traffic and overhead, and respond to the monitoring requests and demands of the field assessment engine 427 and command assets.
[0156] The detection, assessment, notification, and engagement process for the configuration illustrated in FIG. 6 proceeds as follows. A rogue pilot 450 sends a command to fly a rogue drone 449 over a second track region 442 in the path of an incoming high-speed subject 410. The radio frequency waveforms of the command signals from the rogue pilot 450 are detected by sensing and sensor fusion assets within the field engagement node 412.
Similarly, the telemetry and data signals back from the rogue drone 449 are detected by sensing and sensor fusion assets associated with the second sensor fusion node 413. These detection events are sent to the field assessment engine 427 with a full data stream and to the command assessment engine 424 with a partial data stream.
[0157] In other distributed assessment configurations having communication networks with high bandwidth available in an operationally appropriate and cost-effective pricing schedule, a full data stream can be provided to one or more field assessment engines and to at least one command assessment engine. In these same or in other distributed assessment configurations having communication networks with low bandwidth available (e.g., the same configuration but at a peak traffic time and higher network bandwidth pricing available from the cellular service operator) may instead provide a limited data set to one or more field assessment engines and to at least one command assessment engine.
[0158] The field assessment engine 427 determines that the RF signatures do, in fact, represent an immediate threat based on their characteristics and location. The field assessment engine 427 notifies its own attached field engagement node 412 of the rogue drone 449 and the rogue pilot 450, including their locations and RF disruption details appropriate for neutralizing both targets. It further notifies the command assessment engine 424 of its findings through the cellular network by way of the second cell tower 422 and the joint fiber backhaul 420. It further notifies the second sensor fusion node 413 to turn its camera towards the rogue pilot 450 location, the first sensor fusion node 411 to turn its camera towards the rogue drone 449 location, and the subject engagement node 447 with RF effector details appropriate for engaging the rogue drone 449 and disrupting its GNSS, command and control uplink, and telemetry and video data downlink channel availability sensing capabilities. The field assessment engine 427 further sends a backup notification to the high-speed subject 410 to alert the engineer and provide targeting information for the subject engagement asset 447 just in case the mesh network is unsuccessful in securing a data link and notification event.
[0159] In the example deployment configuration illustrated in FIG. 6, the high-speed rail air defense system 400 has been pre-authorized to engage potentially lethal threats, so the field engagement node 412 and the subject engagement asset 447 automatically engage the rogue drone 449 and rogue pilot 450. The rogue drone 449 is engaged by a field UAS disruption signal 445 emitted by the field engagement node 412 and engaged by a subject UAS disruption signal 448 emitted by the subject engagement asset 447. The rogue pilot 450 is engaged by a field GCS disruption signal 446 emitted in a separate directional sector simultaneously by the field engagement node 412.
[0160] A key benefit of a distributed threat assessment architecture, such as that shown in FIG. 6, is that the system incorporates redundancy providing fault tolerance. Each local threat assessment engine has the ability to assess a threat based on local resources, and a second opportunity to assess a threat is provided by one or more other threat assessment engines given sufficient time and processing resources. This necessarily includes the ability to have threat assessment engine resources readily available in cases where multiple events have been coordinated by accident or intent.
[0161] A key benefit of a distributed threat assessment architecture is that the decisionmaking surrounding the proper identification and characterization of a threat is performed in a more local manner than with the consolidated threat assessment architecture. This improves the speed of communications and response, especially valuable for engagement scenarios where seconds matter and a slow network or restricted portal could prevent a centralized threat assessment engine from accessing data or providing timely notifications for re-positioning or reprioritizing sensing assets that may be able to assist in gathering data for improved assessment. [0162] A key disadvantage of the distributed threat assessment engine of the UAS defense system 400 is the increased cost and potentially increased maintenance due to the higher complexity of having multiple artificial intelligence engines throughout the deployed UAS defense system 400. There is a further uncharacterized disadvantage in that a hierarchy is established for one threat assessment engine over another, as any engine in the system may or may not have the right to provide commands to sensing and engagement assets. In the presently described configuration of FIG. 6, the field assessment engine 427 has authority over its own colocated assets as well as the nearby field sensor fusion nodes 411, 413. It may also have an override function for asserting command if directed by a human operator of sufficient authority. A separate consideration is for determination of maintenance or malfunction, and how the UAS defense system 400 is tested and/or self-tested and reported so that the command assessment engine 424 can exert authority if the local field engines, such as the field assessment engine 427, needing reboot or repair.
[0163] An element of certain configurations of a UAS defense system is an RF engagement asset used to disrupt the command and control signals uplinked from a ground control station, the GNSS navigation signals used by a ground station or UAS to locate themselves, and/or the telemetry and data links downlinked from the UAS to the ground control station. In at least one configuration of a networked air defense system with integrated threat assessment capability, at least one RF engagement asset will be comprised of directional antennas having a limited field of effect. In the example profile illustration of FIG. 7, such a directional RF engagement asset is shown having at least two antennas with limited elevation directivity.
[0164] A benefit of having directionality in an RF engagement asset is that it substantially reduces the potential for disruptive electromagnetic emissions to emit in directions where there is no perceived threat, but where there may be legitimate users including, but not limited to, important users such as aircraft, security equipment, first responder radios, and other RF applications needed for safety or emergency response. Negatively impacting any lawful users of RF services may be considered “spectral collateral damage” and has varying levels of tolerance in different deployment applications, regions, and even times of day based on lawful traffic and likely presence of important RF services. [0165] The directional RF engagement asset has two regions arranged in line with a vertical axis 503 in line with the Earth’s gravitational pull and a horizontal axis 502 perpendicular to the vertical axis 503. Elevation is defined as being zero degrees (0°) in line with the horizontal axis 502 and as ninety degrees (+90°) in line with the vertical axis 503. An RF asset lower region 500 is positioned below and substantially in line with an RF asset upper region 501, each region containing within at least one directional antenna that is part of an RF generation and transmission circuit.
[0166] In the example of FIG. 7, at least one directional antenna contained in the RF asset lower region 500 is aimed out of the side of its cylindrical radome housing 504, with the highest power aiming vector of its effect designated by a lower antenna centerline 511 seen in FIG. 7 to be oriented at +20° elevation. The relative antenna gain of this aiming vector is defined as 0 dBr, and the gain of the antenna in other directions is lower than this zero-reference level. It is worth noting that this 0 dBr represents a high gain antenna having high directionality, with the example configuration illustrated in FIG. 7 being +11 dBi at one frequency of relevance for RF engagement, but the overall ratings are not used in describing in describing the shape of the antenna gain at different angles relative to their peak aiming performance along their primary aiming vector.
[0167] The lower gain pattern 510 is seen to reduce effective radiated power as the direction angles away from the lower antenna centerline 511 in both positive and negative relative elevation. The elevation beam width in this example is bounded by the lower antenna high angle 512 and the lower antenna low angle 513 representing the points along the lower gain pattern 510 where the relative antenna gain drops to -3 dBr (half of the original power level). In this example, the lower antenna high angle 512 is at +50° and the lower antenna low angle 513 is at -10° (i.e., aimed below the horizon line in a slightly downward direction). Emissions from the lower antenna that are higher in elevation than +50° and lower in elevation than -10° will be less than -3 dBr in signal strength, reducing the potential for collateral spectral damage at particularly high or particularly low elevations.
[0168] The lower elevation aim direction was selected specifically to permit the engagement asset to be mounted in a tower with high visibility to airborne threats, and permit RF engagement of these threats whether they are incoming at a relatively high elevation or flying close to the ground so long as they are sufficiently far in ground-based distance from the tower. Because the elevation of the lower antenna low angle 513 is only -10°, it means that airborne threats down low but very close to the tower itself are less likely to be significantly affected by the RF engagement asset. This also means that there is a reduced impact on friendly spectral use below the tower itself in the immediate vicinity, which may be a security station or other important service asset.
[0169] In the example of FIG. 7, at least one directional antenna contained in the RF asset upper region 501 is similarly aimed out of the side of its spherical radome housing, with the highest power aiming vector of its effect designated by an upper antenna centerline 521. Its vector is oriented at +15° elevation with its relative gain defined as 0 dBr and its absolute gain being +7 dBi at one frequency of relevance for RF engagement.
[0170] The upper gain pattern 520 is seen to reduce effective radiated power as the direction angles away from the lower antenna centerline 511, bounded by the upper antenna high angle 522 and the upper antenna low angle 523 aligned with the points along the upper gain pattern 520 where the relative antenna gain drops to -3 dBr. In this example, the upper antenna high angle 522 is at +35° and the upper antenna low angle 523 is at -20°. Emissions from the lower antenna that are higher in elevation than +35° and lower in elevation than -20° will be less than -3 dBr in signal strength, similarly reducing the potential for collateral spectral damage at particularly high or particularly low elevations.
[0171] One aspect of the upper antenna gain characteristics is that a relatively high gain is preserved throughout the higher elevations, which is why this antenna was selected to be mounted in the RF asset upper region 501. Along the vertical axis 503, the gain of the upper antenna is -7 dBr, which is much higher than would be seen with typical antennas 55° off of their centerline. This selection permits the upper antenna to effectively engage targets that are exactly above the RF engagement asset, with the recognition that the effective radiated power will be about 20% that of its primary centerline and therefore its effective range (upwards at high-elevation threats) will be reduced. Range is generally an inverse square root relationship with transmission power, so the nominal effective range would be about 45% of its effective range at primary centerline. This is likely to be further reduced based on the antenna characteristics of the threat, which are likely to have a moderate omnidirectional gain along the axial azimuthal direction but a very low gain directly below (and above, less relevantly) a drone, as known to those skilled in the art of RF communication system development.
[0172] FIG. 8A is a plan view illustration of a directional switched antenna subsystem 590 including a cross-sectional schematic of a sectorized RF engagement asset 530 comprised of switched high-gain antennas. Other elements utilized for the proper configuration of a complete RF engagement asset are not pictured, so that the figure can focus on explaining an example for enabling an RF engagement asset to engage one or more threats from different directions with a reduced RF emission profile. Further benefits include reduced output power relative to that used by conventional omnidirectional RF engagement asset antennas. [0173] No system has been successfully deployed using the configuration shown in FIG. 8A due to an increased complexity and cost and generally lack of need for reducing spectral collateral damage. In an air defense system deployed among publicly accessible areas (or functionally accessible for a drone regardless of legality) to protect large and long infrastructure like roads and bridges, however, a major benefit of directional systems is the reduced spectral collateral damage to lawful radio frequency signal users.
[0174] The example of FIG. 8 A illustrates a stationary example of the directional switched antenna subsystem 590, which has a particular benefit over a typical rotating pan-tilt system of increased mean time before failure due to the lack of moving parts. This advantage is particularly important for systems deployed to protect remote regions such as oil pipelines and high-speed rails, which are often in areas challenging for regular maintenance crews to access complex equipment and perform regular service. In a switched system, sufficient antennas are positioned around shared resources for RF generation and possibly including power amplification. The antenna beam patterns are overlapped radially such that when one antenna begins to degrade, an adjacent antenna begins to perform better to take over an RF engagement response.
[0175] The arrangement of antennas shown in FIG. 8 A has a north antenna 531 that can be aimed with its primary aim direction along its north centerline 541 as +90° azimuth (due North) with relative gain defined as 0 dBr. The antenna has a north gain pattern 540 describing its drop in gain with azimuthal direction in both clockwise (cw) and counterclockwise (ccw) directions. The point where the gain drops to -3 dBr in the counterclockwise direction is the north ccw line 542 located at azimuth of +120°. The point where the gain drops to -3 dBr in the clockwise direction is the north cw line 543 located at azimuth of +60°. Any threat that engages from an incoming vector in the region of azimuth +60° to +120° can be effectively engaged by the north antenna 531. Below +60° or above +120°, the radiated output power level drops precipitously as intimated by the sharp curvature of north gain pattern 540 and a different antenna should be selected for engagement.
[0176] The arrangement of antennas in the sectorized RF engagement asset 530 has a northwest antenna 532 that can be aimed with its primary aim direction along its northwest centerline 551 at +135° azimuth (due Northwest) with its relative gain defined as 0 dBr. As with the north gain pattern 540, this antenna has a northwest gain pattern 550 dropping in each azimuthal direction away from its centerline, down to -3 dBr at the northwest ccw line 552 at +165° and at the northwest cw line 553 at +105°. Any threat that engages from an incoming vector in the region of azimuth +105° to +165° can be effectively engaged by the northwest antenna 532. [0177] There exists an overlap in the effective engagement angles of the north antenna 531 and the northeast antenna 532 between +105° and 120°, where both antennas 531, 532 may be able to effectively engage a threat. This overlap is used for transitioning between the north sector antenna and the northeast sector antenna for a moving target or enables multiple sectors to simultaneously engage a target in or near the overlapping zone.
[0178] In a similar manner as the northwest antenna 532 is configured, a northeast antenna 533 can be positioned with a northeast centerline 556 at +45° azimuth (due Northeast) with relative gain 0 dBr. The northeast gain pattern 555 drops down to -3 dBr at the northeast ccw line 557 at +75° and at the northeast cw line 558 at +15°. Any threat that engages from an incoming vector in the region of azimuth +15° to +75° can be effectively engaged by the northeast antenna 533, noting an overlap with the effective engagement area of the north antenna 531 between +60° and +75°.
[0179] Other antennas can be similarly arranged in an azimuthal pattern to face each of the ordinal directions for the effective engagement of any threats from any azimuthal direction. These antennas include a west antenna 534 at 180°, an east antenna 535 at 0°, a southwest antenna 536 at -135°, a southeast antenna 537 at -45°, and a south antenna 538 at -90°.
[0180] In the example configuration illustrated in FIG. 8A, any four antennas can be powered by the RF generation circuitry not pictured, providing for sectorized coverage capable of any four sectors simultaneously while still allowing for high power efficiency and a minimum of spectral collateral damage in the four sectors that are not engaged.
[0181] A different phased antenna subsystem 591 for reducing collateral spectral damage is illustrated in the cross-sectional schematic of the quadratic antenna arrays of a phased array engagement asset 560, shown in FIG. 8B. In the phased antenna subsystem 591, multiple phased array antennas are positioned in an azimuthal arrangement to cover different sectors. Each phased array antenna has the capability to form one or more antenna gain patterns that provide a high gain and directivity in the azimuthal direction and can move the azimuthal aim direction of this beam through the reconfiguration of its beamforming circuitry.
[0182] Reconfiguration occurs through the use of changing the amplitude and phase of the signals sent to the array elements such that they have constructive interference in one "aimed" direction desired, but generally destructive or disassociated interference in other directions. The example phased antenna subsystem 591 illustrated in FIG. 8B uses a digital beamforming capability wherein the signals as generated contain the phase and amplitude variance, using significant processing power but generally having a simplified front end architecture as compared to analog beamforming circuitry. [0183] The entire antenna array, front end, and beamforming circuitry are beyond the scope of discussion in the present subject matter but are well known to those skilled in the art of phased array antenna design. Each phased array, rather, is shown in schematic form as a 90° solid arc-segment with the curvature aimed in the four ordinal directions associated with the arranged sectors of coverage. A northern array 561 physically can aim down a northern centerline 571, a western array 562 physically can aim down a western centerline 581, an eastern array 563 can physically aim down an eastern centerline 586, and a southern array 564 can aim in a southern direction down a centerline not shown in the interest of clarity over completeness. [0184] While the northern array 561 is physically aimed with its broadside facing along the northern centerline 571, the aim direction of its northern radiation pattern 574 can be reconfigured anywhere in the northern sector 570. It can be aiming anywhere from the northern west bound 572 at +145° over to the northern east bound 573 at +35° or anywhere in between as shown by digitally adjusting its beamforming characteristics. The greatest advantage of this arrangement over the switched antenna arrangement is that is permits a higher resolution of targeting an aim direction of RF engagement and minimizing the spectral contamination. One particular advantage of phased array antennas is that a beam can be formed with special attention to the formation of nulls in particular direction as well as high-gain beams, so that known friendly or neutral RF users can be minimally affected through the use of steering nulls in their direction. Their spectral use will therefore not be adversely affected even though an RF engagement action can be performed in their sector physically nearby.
[0185] In a similar manner, the western array 562 can be physically aimed with its broadside facing along the western centerline 581, but its radiation pattern can be reconfigured anywhere in the western sector 580 between the western south bound 582 at -125° and the western north bound 583 at +125°. In an analogous fashion as the switched array of FIG. 8A, an overlap is seen in the coverage available between the western sector and the norther sector between +125° and +145°. As with the switched array, this overlap is used for handing off RF engagement between two sectors for moving targets to best address multiple targets occupying both sectors and can permit the simultaneous engagement across multiple sectors as well.
[0186] An equivalent overlap region between the northern and eastern regions also exists. The eastern sector 585 spans from the eastern north bound 587 at +55° to the eastern south bound 588 at -55°, permitting reconfiguration of an RF effector beam anywhere in between. The overlap between +35° and +55° is readily seen, permitting engagement handoff or multiple effect as needed throughout an engagement event.
[0187] Another example physical deployment of a distributed threat assessment air security system 600 is shown in the plan- view schematic illustration of FIG. 9, which shows a layout of a hypothetical harbor complex 601 for a region, such as a metropolitan region, protected by a breakwall shown as a thick black line and with distributed assets protecting the harbor complex 60 las well as a nearby oil platform 602. A scale in the lower left-hand area shows the tremendous realistic size of the metropolitan harbor complex 601, as the kilometer scale 690 and mile scale 691 showing two units each can attest.
[0188] The harbor complex 601 itself is shown with regions having a diagonal hatching representing pier areas where ships would be loaded and unloaded along with vertical and horizontal hatching representing predominantly freight areas where containers are stored and reconfigured for trucking in and out of the complex. These differentiated regions are important to note as the type of threats for each region are different, as is the level of security access. A drone operator, for example, could easily enter a freight area using a faked ID, whereas the pier areas have separately managed entrances and exits reserved for dedicated port employees and ship crew with escorts typically utilized for visitors.
[0189] The RF and visual environments between these regions are also dissimilar, as there are towers and cranes available throughout each, but the ubiquitous cargo containers create visual and RF blockages throughout the freight area, creating regions where sensing and engaging assets may struggle to protect their own regions and may utilize overlap with neighboring assets to provide coverage. Such an environment substantially increases the value and effectiveness of a distributed threat assessment system, such as distributed system 110, as local sensing assets from any neighboring cell can be commanded to provide support to a suspicious event assessment need or emerging threat.
[0190] A typical centralized threat assessment system, by contrast, may struggle with the enormity of available assets and may be more easily overwhelmed by a coordinated threat with multiple events that is assessed and correlated simultaneously, providing a single bottlenecked source of failure. Similar weaknesses in networking between assets can be readily imagined in a port environment, where network availability will change from day to day based on the presence of large docked ships and mountainous stacks of containers higher than observation towers used to provide security (and mount sensing assets and communication networking equipment).
[0191] The primary shipping lanes used for the port complex are shown as dashed lines that pass through dredged channels in the waters approaching a breakwall. The western shipping lane 606 passes through a gap between the western breakwall 603 and the central breakwall 604 to access the first major pier 611, second major pier 612, third major pier 613, and minor piers beyond including a first minor pier 617, second minor pier 618, and third minor pier 619 deep within the complex. An eastern shipping lane 607 passes through a gap between the central breakwall 604 and an eastern breakwall 607 to access the fourth major pier 614, fifth major pier 615, and sixth major pier 616 beyond.
[0192] Small pleasure craft would generally pass through access regions outside the major shipping lanes to keep commercial and consumer traffic separated and safe from each other, with a marina region 610 seen off to the right-hand side. Larger pleasure craft such as cruise ships would be integrated with the navigational system of the port complex and would access the sixth major pier 616 through the eastern shipping lane 607.
[0193] Despite the fact that the minor piers 617-619 can be four to five miles within the port complex, they need a similar level of air defense, so pervasive assets are deployed to cover the region with overlapping areas of effect to cover both directions of anticipated blockages by large vessels and cargo storage regions. The innermost freight regions continue into other facilities that have generally different air defense needs and are not illustrated for the purposes of this deployment, although they would still be networked for coordinated defense.
[0194] The terminal freight area 620 is a major access point and needs coverage from both north and south approach avenues, plus coverage from its southwestern piers where line of sight will be restricted throughout different periods of each day. The forward freight area 621, though small, plays a similar role for the eastern major piers, serving more for organization and transport access and therefore would have more open access for sensing assets as well as coordinated engagement. The western freight area 622 provides a mix of ephemeral storage with high movement of contents to the first minor pier 617 but generally has good visual and RF access as the loads are smaller and distribution even, therefore does not need dedicated internal assets for protection. The general freight area 624 focuses on longer-term storage and customs holds, with a low movement rates of cargo and a low security profile not needing dedicated assets and limited coverage. The access freight area 623, by contrast, features the weakest physical security with many gates and high truck traffic, and the highest movement of small loads in and out. It also has the easiest escape paths for agents provocateur seeking to leave the scene of an attack, and therefore needs a high level of air security and overlapping asset coverage.
[0195] Protection assets near the water are deployed as follows: an oilrig threat node 630 comprises sensing and sensor fusion assets, engagement assets, and a threat assessment engine, providing an oilrig radius 631 of protection. The oilrig threat node 630 has both open network and closed wireless mesh network connections to buoy-based sensor fusion nodes providing seamless event detection capabilities of the eastern shipping lane 607 and marina traffic up to and beyond the breakwater. A first buoy fusion node 632 provides a first buoy radius 633 of detection, and a second buoy fusion node 634 provides a second buoy radius 635 of detection. A buoy engagement node 636 provides a buoy engagement radius 637 of protection with a combined sensor fusion suite and engagement assets covering several square miles of open water within the breakwall that might otherwise be hidden from line of sight of other engagement capabilities.
[0196] Another primarily water asset is a marina threat node 638 having both open network and closed wireless mesh network connections to its neighboring assets as well as its own sensing, fusion, and engagement assets protecting a marina radius 639. One of these neighbors is the eastern engagement node 640 protecting the entrance for the eastern shipping lane 607 with an eastern shipping radius 641. A second neighbor is the eastern interior node 642, also with sensing, fusion, and engagement assets protecting an eastern interior radius 643. This node is further connected with open and closed wireless networks to further neighbors for maximum speed and redundancy of data sharing. The third neighbor is the access engagement node 656 providing sensing, fusion, and engagement assets protecting an access radius 657. [0197] The western shipping lane 606 and major ports served are protected initially by a western engagement node 646 providing sensing, fusion, and engagement assets protecting western shipping radius 647. This node is connected through open and closed wireless networks to the western threat node 650, the threat assessment engine and supporting assets for this region. An additional west pier engagement node 648 provides additional open water coverage with its sensing, fusion, and engagement assets across west pier radius 649. The last asset protecting water access to the terminal freight area 620 is the terminal engagement node 644 providing sensing, fusion, and engagement protection across terminal radius 645.
[0198] The central waterways and inland freight area region have their own threat monitoring provided by command threat node 654, providing the full suite of protection assets across the command radius 655 and also serving as the master command center for the air security system 600. This command threat node 654 protects the north side and waterway access by small craft to the terminal freight area 620, an important zone for a backside of the highest volume of cargo traffic. The western central waterways and piers are covered by the central engagement node 652, providing sensing, fusion, and engagement protection across the central radius 653.
[0199] Across these nodes, adjacent nodes are installed in such a manner as to have a closed mesh network between them using fixed wireless point-to-point data terminals. Communication between the three distributed threat assessment engines and the command node are also provided by fixed point-to-point wireless networking equipment as well as open cellular traffic for redundancy, network resilience, and overall bandwidth to support multiple notification recipients. [0200] It is readily imagined that in the depths of the port compounds and infrastructure that individual agents could readily infiltrate and launch an attack, but the pervasive and overlapping coverage of sensing assets and engagement assets mean that any significant travel distance (>2 km) generally preferred for the personal safety of the pilot would be detected and, importantly, attempted to be countered before it can be perpetrated to completion.
[0201] Another example physical deployment of a centralized threat assessment air defense system is UAS protection system 701 shown in the stylized schematic illustration of FIG. 10, which shows a bridge defense application. A large bridge 700 has an attached incoming highway 66 and an attached incoming railway 55, as well as an attached outgoing highway 766 and an attached outgoing railway 755. An incoming rail class 710 is traveling towards the large bridge 700 and similarly, an incoming prime truck 775 is optimally traversing the incoming highway 66 towards the large bridge 700. Meanwhile, a dangerous drone 749 is flying low along the riverbed and enters the bridge region.
[0202] It is obviously recognized that in a different engagement scenario, the definition of an incoming side of the bridge and an outgoing side of the bridge could be reversed for highway and rail traffic traveling in the opposite direction, and that a blend of sides of incoming vs. outgoing of either or both traversing techniques is possible simultaneously. For the discussion of the operation in the presently described event, however, there are vehicles incoming from only a single direction, so the sides are defined thusly for convenience sake and no other.
[0203] The large bridge 700 has been outfitted with sensing, effecting, fusion, and threat detection assets for protection, and both an open cellular network and a closed wireless mesh network are used for communications between the various assets, as discussed above. Unfortunately for the example engagement, certain wireless data links have been compromised for a variety of reasons as described, and the open cellular network becomes an important pathway for several data links between nodes.
[0204] Along a region of the incoming highway 66 is deployed an incoming fusion node 711 outfitted with acoustic, RF, and camera sensing assets. Incoming fusion node 711 is connected to the system through the open wireless network by way of an incoming cellular tower 722. The incoming fusion node 711 is sufficiently far away that its onboard wireless network radio does not reach any other assets with a reliable data connection at the time of year of the example engagement, as non-native foliage grows in an aggressive manner to partially block the line of sight established between antennas during initial winter-time installation. Fortunately, the incoming fusion node 711 was installed close to the incoming cellular tower 722 and has a year-round reliable connection. [0205] The threat assessment node 712 contains sensing, sensor fusion, engagement, and threat assessment assets, as discussed above, and is deployed on the incoming side of the bridge. It is also connected by an open cellular network by way of incoming cellular tower 722. It has a radio configured for wireless mesh networking to the incoming fusion node 711, but this data link is presently blocked by foliage as previously described. It also has a radio configured for wireless mesh networking to the outgoing engagement node 714 on the far side of the bridge, but the radio on the outgoing engagement node 714 is presently non-functional due to a corroded RF cable unprotected against the elements by an inappropriately trained installer. The outgoing engagement node 714 contains sensing, fusion, and engagement assets, and, like the threat assessment node 712, is reliant exclusively on the open cellular network for communications links at this time, although its link is by way of outgoing cellular tower 723.
[0206] Two additional assets protect the bridge with sensing capabilities, the central fusion node 713 outfitted with acoustic, RF detection, and camera sensing assets as well as sensor fusion capabilities. It is positioned on the underside of the large bridge 700 specifically to detect intrusions, monitor corrosion, and other safety concerns. Due to its disadvantageous RF conditions for being on the underside of the bridge, its only communications link is through a wireless mesh network connection to an outgoing fusion node 715 on the far side of the valley. Fortunately, this outgoing fusion node 715 is well positioned with its own open cellular network connection through outgoing cellular tower 723. In at least one configuration based on a lack of alternative available communication paths, all data and notifications from both the central fusion node 713 and its own sensing and fusion assets are sent through this open cellular network to the threat assessment node 712.
[0207] The command assets are not physically located in a geologically similar region to the large bridge 700 deployment. It is entirely reliant on communications through the open cellular network for notifications from the incoming threat engine 712 to keep apprised of local events and identified threats. Note that the backhaul connection between the cellular towers is omitted in FIG. 10 for the purpose of illustration clarity.
[0208] The example of detection, threat assessment, notification, and engagement begins as the dangerous drone 749 is detected by the remote acoustic and RF sensors of central fusion node 713 along the riverbed flying towards the large bridge 700. The central fusion node combines the acoustic and RF emission data but has no optical confirmation of a drone operating in the area. It has no idea that the foliage has overgrown the riverbanks and blocks much of its view of the riverbed below three meters in elevation. A blended combination of regionalized acoustic data is sent with coarsely triangulated RF emissions in a data package by mesh network to the outgoing fusion node 715 which relays this data package using the open cellular network to the threat assessment node 712.
[0209] Meanwhile, the threat assessment node 712 has also picked up RF emission activity, but, like the central fusion node 713, it has no successful optical confirmation due to obstructed line of sight. No other sensor picks up any activity of the dangerous drone 749 and no assets of any kind detect any presence of a ground control station or pilot. As it happens, the pilot is actually located miles away and is using the cellular network itself to control the dangerous drone 749 by way of outgoing cellular tower 723, the same tower relaying sensor data for the air defense system(!).
[0210] The assessment engine in the threat assessment node 712 quickly determines that the event has an acoustic signature matching a heavily laden DJI Inspire-class drone and an RF signature matching the Inspire II model as updated for a neighboring nation with different channels available for command and control datalinks. The event is immediately classified as an active threat, but unfortunately, the location is not yet well known because of the crude data and restricted data flow provided by the central fusion node 713.
[0211] The assessment engine has an internal clock that is synchronized between all of the various supporting assets and updated regularly through both the cellular network and its GNSS satellite positioning data. It is able to time correlate the incoming data, e.g., within twenty nanoseconds of its true time correlation, and calculates an incoming emission front that permits much finer resolution in transmitter triangulation. Of seven calculated eigensolutions for possible wavefront vectors of an emitting drone, only two are physically possible due to topography, and notifications are sent out to all camera assets in the region to inspect both sites and their surrounds in case the triangulation calculations are incorrect based on the variance from perfectly synchronized clocks. This is a limitation as every nanosecond of variance is equivalent to 3 meters of electromagnetic wave travel time and triangulation will be accordingly inaccurate unless analyzed over many sample times where clock variance can be largely eliminated.
[0212] The assessment engine of the threat assessment node 412 has now identified a threat, sent notifications to sensor assets to attempt to gather more data, and has now calculated an approximate bearing for a nearby threat. It estimates that the outgoing engagement asset 414 is best positioned for a "blind" attack through the foliage at the waterline, and it further calculates that despite the RF protection afforded by said foliage, its proximity to outgoing engagement asset 414 is likely to permit effective engagement. A notification is sent with the correct foreign channels presently being used and detected for long range telemetry and video data. A further notification is sent to a command regarding the lack of a command and control data link, and presence of a cellular call made a few seconds before the dangerous drone 749 was detected.
[0213] A further set of notifications are sent to the intrepid subjects hurtling towards their unrealized fate. A first subject notification of the presence of a drone with moderate payload at the riverbed is sent to the prime truck 775 through the cellular network by way of mountain cellular tower 721. A similar notification is attempted to be sent to the incoming rail class 710 through mountain cellular tower 721 as its last ping designated it as the most appropriate tower for the notification. However, the incoming rail class 710 is presently being handed off to incoming cellular tower 722 as there is an intervening jumbo mountain 767 and cellular service through mountain cellular tower 721 fails quickly for the high-speed rail subject. The pilots of both subject vehicles immediately slow their vehicles in response and a separate phone call direct to command is initiated for each pilot so that they may be apprised of additional developments over the coming minutes as they approach.
[0214] In this deployment, a specific notification is sent by command before GNSS or cellular disruption can be deployed by an engagement asset. When command reviews the threat profile and presence of the cellular data link, she approves the use of GNSS and cellular disruption, and outgoing engagement node 414 sends a disruption signal 745 to wipe out the uplink connection to the drone (defined as cellular tower downlink connection from the tower) as well as the GNSS connection of all bands in all satellite services. The dangerous drone 749, now lacking command, control, and position data stays hovering a few meters above the river surface for a few seconds before it drifts and slowly veers sideways towards a watery doom. Based on the heightened threat of its laden weight detected by the acoustic sensors, the bomb squad of the local police force is summoned to retrieve the wreckage at their expedient convenience.
[0215] With reference to FIG. 11, an exemplary general -purpose computing device is illustrated in the form of the exemplary general-purpose computing device 1100. The general- purpose computing device 1100 may be of the type utilized for the sensor nodes 1-9, 101-109, the fusion nodes Al 11, A2 12, Bl 111, B2, 112, the threat assessment engines A 24, Bl 121, B2, 127, B3 1224 (FIGS. 1 and 2) as well as the other computing devices within the air defense system 10 and/or distributed system 110, as the other computing devices with which these devices may communicate through the networks A 20, A 30, B 120, and/or B 130 (FIGS. 1 and 2). As such, it will be described with the understanding that variations can be made thereto. The exemplary general -purpose computing device 1100 can include, but is not limited to, one or more central processing units (CPUs) 1120, a system memory 1110, such as including a Read Only Memory (ROM) 1131 to store a Basic Input/Output System (BIOS) 1133 and a Random Access Memory (RAM) 1132, and a system bus 1121 that couples various system components including the system memory to the processing unit 1120. The system bus 1121 may be any of several types of bus structures including a memory bus or memory controller, a peripheral bus, and a local bus using any of a variety of bus architectures. Depending on the specific physical implementation, one or more of the CPUs 1120, the system memory 1130 and other components of the general-purpose computing device 1100 can be physically co-located, such as on a single chip. In such a case, some or all of the system bus 1121 can be nothing more than communicational pathways within a single chip structure and its illustration in FIG. 11 can be nothing more than notational convenience for the purpose of illustration.
[0216] The general-purpose computing device 1100 also typically includes computer readable media, which can include any available media that can be accessed by computing device 1100. By way of example, and not limitation, computer readable media may comprise computer storage media and communication media. Computer storage media includes media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data. Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD- ROM, digital versatile disks (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store the desired information and which can be accessed by the general-purpose computing device 1100. Communication media typically embodies computer readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism and includes any information delivery media. By way of example, and not limitation, communication media includes wired media such as a wired network or direct-wired connection, and wireless media such as acoustic, RF, infrared and other wireless media. Combinations of the any of the above should also be included within the scope of computer readable media.
[0217] When using communication media, the general-purpose computing device 1100 may operate in a networked environment via logical connections to one or more remote computers. The logical connection depicted in FIG. 11 is a general network connection 1171 to the network 1190, which can be a local area network (LAN), a wide area network (WAN) such as the Internet, or other networks. The computing device 1100 is connected to the general network connection 1171 through a network interface or adapter 1170 that is, in turn, connected to the system bus 1121. In a networked environment, program modules depicted relative to the general -purpose computing device 1100, or portions or peripherals thereof, may be stored in the memory of one or more other computing devices that are communicatively coupled to the general -purpose computing device 1100 through the general network connection 1171. It will be appreciated that the network connections shown are exemplary and other means of establishing a communications link between computing devices may be used.
[0218] The general-purpose computing device 1100 may also include other removable/non-removable, volatile/nonvolatile computer storage media. By way of example only, FIG. 11 illustrates a hard disk drive 1141 that reads from or writes to non-removable, nonvolatile media. Other removable/non-removable, volatile/nonvolatile computer storage media that can be used with the exemplary computing device include, but are not limited to, magnetic tape cassettes, flash memory cards, digital versatile disks, digital video tape, solid state RAM, solid state ROM, and the like. The hard disk drive 1141 is typically connected to the system bus 1121 through anon-removable memory interface such as interface 1140.
[0219] The drives and their associated computer storage media discussed above and illustrated in FIG. 11, provide storage of computer readable instructions, data structures, program modules and other data for the general-purpose computing device 1100. In FIG. 11, for example, hard disk drive 1141 is illustrated as storing operating system 1144, other program modules 1145, and program data 1146. Note that these components can either be the same as or different from operating system 1134, other program modules 1135 and program data 1136, stored in RAM 1132. Operating system 1144, other program modules 1145 and program data 1146 are given different numbers here to illustrate that, at a minimum, they are different copies. [0220] The network interface 1170 facilitates outside communication in the form of voice and/or data. For example, the communication module may include a connection to a Plain Old Telephone Service (POTS) line, or a Voice-over-Intemet Protocol (VOIP) line for voice communication. In addition, the network interface 1170 may be configured to couple into an existing network, through wireless protocols (Bluetooth, 802.1 la, ac, b, g, n, or the like) or through wired (Ethernet, or the like) connections, or through other more generic network connections. In still other configurations, a cellular link can be provided for both voice and data (i.e., GSM, CDMA or other, utilizing 2G, 3G, and/or 4G data structures and the like). The network interface 1170 is not limited to any particular protocol or type of communication. It is, however, preferred that the network interface 1170 be configured to transmit data bidirectionally, through at least one mode of communication. The more robust the structure of communication, the more manners in which to avoid a failure or a sabotage with respect to communication, such as to collect sensor data in a timely manner.
[0221] The program module 1135 comprises a user interface which can configure the disclosed components of the air defense system 10 and/or distributed system 110. In many instances, the program module 1135 comprises a keypad with a display that is connected through a wired connection with the CPU 1120. Of course, with the different communication protocols associated with the network interface 1170, the program module 1135 may comprise a wireless device that communicates with the network interface 1170 through a wireless communication protocol (i.e. , Bluetooth, Wi-Fi, etc.). In other embodiments, the program module 1135 may comprise a virtual programming module in the form of software that is on, for example, a smartphone, in communication with the network interface 1170. In still other embodiments, such a virtual programming module may be located in the cloud (or web based), with access thereto through any number of different computing devices. Advantageously, with such a configuration, a user may be able to communicate with the disclosed components of the air defense system 10 and/or distributed system 110 remotely, with the ability to change functionality.
[0222] The foregoing description merely explains and illustrates the disclosure and the disclosure is not limited thereto except insofar as the appended claims are so limited, as those skilled in the art who have the disclosure before them will be able to make modifications without departing from the scope of the disclosure.

Claims

WHAT IS CLAIMED IS:
1. A system comprised: a first plurality of sensor nodes to provide first sensor data; a second plurality of sensor nodes to provide second sensor data; a fusion node, in communication with the first plurality of sensor nodes, to merge the first sensor data into a combined sensor data set and to provide the combined sensor data set; a threat assessment engine, in communication with the fusion node and the second plurality of sensor nodes, to receive the second sensor data and the combined sensor data set, determine, based on the received second sensor data and combined sensor data set, a time and location of a potential intersect of a threat with a subject based on at least one of the second sensor data and the combined sensor data set, and notify the subject of the potential intersect of the threat with the subject.
2. The system according to claim 1, wherein the first and second sensor data includes at least one of electro-optical/infrared camera data, RF sensor data, and acoustic data.
3. The system according to claim 1, wherein the fusion node is a first fusion node and the combined sensor data set is a first combined sensor data set, the system further comprises: a third plurality of sensor nodes to provide third sensor data; and a second fusion node, in communication with the third plurality of sensor nodes, to merge the third sensor data into a second combined sensor data set and provide the second combined sensor data set; wherein the threat assessment engine further to receive the second combined sensor data set and make the threat assessment based on at least one of the second sensor data, the first combined sensor data set, and the second combined sensor data set.
4. The system according to claim 1, wherein the threat is a drone and the subject is at least one of a truck, a train, a ship, and a harbor facility.
5. The system according to claim 1, further comprising a time & control factors resource, the threat assessment engine receiving command and security control factors from the time & control factors resource, the security control factors from the time & control factors including at least one of digital signature keys to validate a legitimacy of the first and second sensor data, an allowable communications waveform, and a data packet size of the second sensor data and the combined sensor data set.
52
6. The system according to claim 1, further comprising a cellular network, the first plurality of sensor nodes providing the first sensor data via the cellular network and the fusion node providing the combined sensor data set via the cellular network.
7. The system according to claim 1, further comprising a database to provide the threat assessment engine with a library of different threat profiles of data representing previously encountered threats in at least one of training and in the field.
8. The system according to claim 1, wherein the threat assessment engine is a first threat assessment engine, the system further comprising: a third plurality of sensor nodes to provide third sensor data; and a second threat assessment engine, in communication with the third plurality of sensor nodes and a third threat assessment engine, to receive the third sensor data, determine, based on the received third sensor data, another time and another location of another potential intersect of another threat with another subject based on the third sensor data, and notify the another subject of the potential intersect of the another threat with the another subject, the third threat assessment engine receiving the determined another potential interest of another threat with another subject from the second threat assessment engine.
9. The system according to claim 1, wherein the threat assessment engine further notifies an engagement asset of the potential intersect of the threat with the subject.
10. The system according to claim 9, wherein the engagement asset is a jammer.
11. The system according to claim 1 , further comprising a fusion node controller associated with the fusion node, the fusion node controller to relay control commands for the fusion node to begin searching for the threat.
12. The system according to claim 1, wherein the threat assessment engine provides notification that the system has been compromised.
13. The system according to claim 1, further comprising a first plurality of sensor controllers, associated with the second plurality of sensor nodes, to receive notification from the threat assessment engine to track the threat.
53
14. A method comprised: providing, by a first plurality of sensor nodes, first sensor data; providing, by a second plurality of sensor nodes, second sensor data; merging, by a fusion node in communication with the first plurality of sensor nodes, the first sensor data into a combined sensor data set; providing, by the fusion node, the combined sensor data set; receiving, by a threat assessment engine in communication with the fusion node and the second plurality of sensor nodes, the second sensor data and the combined sensor data set; determining, by the threat assessment engine and based on the received second sensor data and combined sensor data set, a time and location of a potential intersect of a threat with a subject based on at least one of the second sensor data and the combined sensor data set; and notifying, by the threat assessment engine, the subject of the potential intersect of the threat with the subject.
15. The method according to claim 14, wherein the first and second sensor data includes at least one of electro-optical/infrared camera data, RF sensor data, and acoustic data.
16. The method according to claim 14, wherein the fusion node is a first fusion node and the combined sensor data set is a first combined sensor data set, the method further comprises: providing, by a third plurality of sensor nodes, third sensor data; and merging, by a second fusion node in communication with the third plurality of sensor nodes, the third sensor data into a second combined sensor data set and provide the second combined sensor data set; receiving, by the threat assessment engine, the second combined sensor data set; making, by the threat assessment engine, the threat assessment based on at least one of the second sensor data, the first combined sensor data set, and the second combined sensor data set.
17. The method according to claim 14, wherein the threat is a drone and the subject is at least one of a truck, a train, a ship, and a harbor facility.
18. The method according to claim 14, further comprising receiving, by the threat assessment engine, command and security control factors from a time & control factors resource, the security control factors from the time & control factors including at least one of
54 digital signature keys to validate a legitimacy of the first and second sensor data, an allowable communications waveform, and a data packet size of the second sensor data and the combined sensor data set.
19. The method according to claim 14, wherein the first plurality of sensor nodes provide the first sensor data via a cellular network and the fusion node provides the combined sensor data set via the cellular network.
20. The method according to claim 14, further comprising providing, by a database, the threat assessment engine with a library of different threat profiles of data representing previously encountered threats in at least one of training and in the field.
21. The method according to claim 14, wherein the threat assessment engine is a first threat assessment engine, the method further comprising: providing, by a third plurality of sensor nodes, third sensor data; and receiving, by a second threat assessment engine in communication with the third plurality of sensor nodes and a third threat assessment engine, the third sensor data; determining, by the second threat assessment engine, based on the received third sensor data, another time and another location of another potential intersect of another threat with another subject based on the third sensor data; notifying, by the second threat assessment engine, the another subject of the potential intersect of the another threat with the another subject; and receiving, by the third threat assessment engine, the determined another potential interest of another threat with another subject from the second threat assessment engine.
22. The method according to claim 14, further comprising notifying, by the threat assessment engine, an engagement asset of the potential intersect of the threat with the subject.
23. The method according to claim 22, wherein the engagement asset is a jammer.
24. The method according to claim 14, further comprising relaying, by a fusion node controller associated with the fusion node, relay control commands for the fusion node to begin searching for the threat.
55
25. The method according to claim 14, further comprising providing, by the threat assessment engine, notification that the system has been compromised.
26. The method according to claim 14, further comprising receiving, by a first plurality of sensor controllers associated with the second plurality of sensor nodes, notification from the threat assessment engine to track the threat.
PCT/US2021/048719 2020-09-01 2021-09-01 Networked air defense infrastructure with integrated threat assessment WO2022093397A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US202063073164P 2020-09-01 2020-09-01
US63/073,164 2020-09-01

Publications (2)

Publication Number Publication Date
WO2022093397A2 true WO2022093397A2 (en) 2022-05-05
WO2022093397A3 WO2022093397A3 (en) 2022-07-21

Family

ID=81384460

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2021/048719 WO2022093397A2 (en) 2020-09-01 2021-09-01 Networked air defense infrastructure with integrated threat assessment

Country Status (1)

Country Link
WO (1) WO2022093397A2 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2023112017A1 (en) * 2021-12-19 2023-06-22 Elta Systems Ltd. System and method for radar system defense
EP4322035A1 (en) * 2022-08-09 2024-02-14 BAE SYSTEMS plc Determining utilisation of resources in a system having autonomous capability
WO2024033609A1 (en) * 2022-08-09 2024-02-15 Bae Systems Plc Determining utilisation of resources in a system having autonomous capability

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9715009B1 (en) * 2014-12-19 2017-07-25 Xidrone Systems, Inc. Deterent for unmanned aerial systems
KR101844507B1 (en) * 2017-11-13 2018-04-03 주식회사 마이크로넷 Monitoring Service System with apparatus for Monitoring Combined with Thermal Infrared Temperature Array Sensor and Image Camera
US20190221092A1 (en) * 2018-01-16 2019-07-18 Honeywell International Inc. Systems and methods for detecting an unknown drone device
RU2695015C1 (en) * 2018-11-08 2019-07-18 Акционерное общество "Научно-производственное предприятие "Дельта" Method of detecting and hitting unobtrusive combat mini- and micro-drones
CN111681383A (en) * 2020-06-24 2020-09-18 成都劳杰斯信息技术有限公司 Railway locomotive running ground environment sensing technology

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2023112017A1 (en) * 2021-12-19 2023-06-22 Elta Systems Ltd. System and method for radar system defense
EP4322035A1 (en) * 2022-08-09 2024-02-14 BAE SYSTEMS plc Determining utilisation of resources in a system having autonomous capability
WO2024033609A1 (en) * 2022-08-09 2024-02-15 Bae Systems Plc Determining utilisation of resources in a system having autonomous capability

Also Published As

Publication number Publication date
WO2022093397A3 (en) 2022-07-21

Similar Documents

Publication Publication Date Title
US11145212B2 (en) Unmanned aerial vehicle systems
Park et al. Survey on anti-drone systems: Components, designs, and challenges
US20210358311A1 (en) Automated system of air traffic control (atc) for at least one unmanned aerial vehicle (uav)
WO2022093397A2 (en) Networked air defense infrastructure with integrated threat assessment
ES2264006T3 (en) AIRCRAFT SYSTEM AND GROUND STATION FOR OFF-ROAD MANAGEMENT OF AN AIRCRAFT AND FOR ALARM COMMUNICATIONS.
Purton et al. Identification of ADS-B system vulnerabilities and threats
US9310477B1 (en) Systems and methods for monitoring airborne objects
US20190020404A1 (en) Utilization of National Cellular Infrastructure for UAV Command and Control
Ray et al. DeAIS project: Detection of AIS spoofing and resulting risks
Sturdivant et al. Systems engineering baseline concept of a multispectral drone detection solution for airports
EP3422038A1 (en) Unmanned aerial vehicle control system
Sampigethaya et al. Visualization & assessment of ADS-B security for green ATM
Hunter et al. Service-oriented separation assurance for small UAS traffic management
Al Fayez et al. Assessing the effectiveness of flying ad hoc networks for international border surveillance
Siewert et al. Fail-Safe, Fail-Secure Experiments for Small UAS and UAM Traffic in Urban Airspace
Cairns AIS and long range identification & tracking
RU125723U1 (en) SHORE SPATIALLY DISTRIBUTED MULTIPOSITION RADAR STATION WITH AUTONOMOUS RADAR RADAR TERMINALS FOR MONITORING AQUATORIES
JP7146834B2 (en) Method and system for determining level of authorization for unmanned aerial vehicle (UAV) operation
Averyanova et al. A study on unmanned aerial system vulnerabilities for durability enhancement
Tchouchenkov et al. Detection, recognition and counter measures against unwanted UAVS
Harison et al. Survey of cyber threats in air traffic control and aircraft communications systems
US11345473B1 (en) System and method for preventing inadvertent loss of surveillance coverage for an unmanned aerial system (UAS)
Jordan et al. Systematic evaluation of cybersecurity risks in the urban air mobility operational environment
Mlezivova Unmanned aircraft as a subject of safety and security
Stamm et al. Unmanned aircraft sense and avoid: Leveraging ATC infrastructure

Legal Events

Date Code Title Description
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 21887119

Country of ref document: EP

Kind code of ref document: A2