Unifly Completes ESA NAVISP SecureUTM 2 Phase I, Advancing Cyber-Resilient U-space Operations
Antwerp, Belgium – April 7, 2026 – Unifly, in cooperation with Nexova, announces the successful completion of SecureUTM 2 Phase I under the European Space Agency’s (ESA) NAVISP programme. The project establishes a certification-aligned, risk-driven cybersecurity foundation for secure, resilient and scalable Unmanned Traffic Management (UTM) and U-space services across Europe.
As drone operations grow in complexity and cross-border interoperability, cybersecurity is becoming essential for operational continuity and public trust. SecureUTM 2 embeds cybersecurity engineering into the core architecture of UTM systems, aligning with European U-space regulations, Common Criteria methodology and ENISA risk frameworks. Security is treated as a foundational design principle rather than a late-stage compliance requirement.
Strengthened UTM Security Baseline
Building on SecureUTM 1, SecureUTM 2 Phase I significantly expanded the cybersecurity baseline for UTM systems. Key outcomes include:
- Refinement of a harmonised Protection Profile (PP) for UTM
- Development of an updated Security Target (ST) for the Unifly platform
- Structured risk assessment and certification-aligned gap analysis
- Definition of a secure architectural baseline addressing real-world U-space complexity
- Setup of a PoC Testbed
Risk-Based Engineering Roadmap
A control-by-control gap assessment translated cybersecurity requirements into a prioritised implementation roadmap. Focus areas include:
- PNT source authentication and plausibility checks
- Enhanced session integrity and transport protection
- Denial-of-Service resilience
- Device-level authentication and auditing
- Secure storage and encryption
This structured approach supports operational deployment and future EU cybersecurity certification readiness.
Validated Mitigations for GNSS and PNT Threats
SecureUTM 2 phase I placed strong emphasis on GNSS jamming and spoofing risks increasingly observed in drone operations. Practical, layered mitigations were validated through a dedicated U-space proof-of-concept testbed with Hardware-in-the-Loop UAV simulations.
Validated measures include:
- On-board GNSS jamming detection
- Fleet-level interference inference
- Trajectory plausibility and conformance monitoring
- OSNMA-based message verification
- Structured anomaly logging and alerting
The testbed enables repeatable attack simulation, KPI-based evaluation and regulator-ready evidence generation.
Foundation for Phase II and European Deployment
Phase I also delivered a structured U-space testbed blueprint, verification methodologies and digital twin foundations to support continued validation, operator training and continuous cybersecurity testing.
SecureUTM 2 directly supports Belgium’s U-space deployment strategy and strengthens its position in secure drone integration.
Phase II will focus on implementing prioritised controls, expanding validation capabilities and further aligning with EU certification frameworks.
About Unifly
Unifly is a technology company rooted in aviation, dedicated to enabling autonomous aviation by advancing the safety and efficiency of UAS Traffic Management. The Unifly platform connects authorities, drone operators and stakeholders to digitise and automate airspace management, supporting the safe integration of next-generation aircraft. Through Unifly Consulting, the company combines UAS Traffic Management with thorough regulatory and safety expertise, offering SORA assessments, regulatory guidance and operational strategy, creating a comprehensive end-to-end solution that powers the future of autonomous aviation worldwide.
About Nexova
Nexova is a Belgian technology company specialising in advanced cybersecurity solutions, including certification support, penetration testing, cyber-range services, and secure system engineering for critical infrastructures.
For more information, please contact us at press@unifly.aero.
Recent Posts
