Imagine a swarm of UASs launching on a mission to surveil and test adversary air and EW defenses and strike targets of opportunity. The force comprises a range of VTOL and tiltrotor platforms from different vendors, with varying software and modular payloads.
The swarm’s advanced C2 system incorporates elements of centralized control for efficient ISR data transmission, hierarchical or orchestrated control, and then decentralized action by consensus. ZeroTier’s mesh network and rapid failover give the system the flexibility to adapt and adjust to both the threat environment and normal flight operations. Millisecond multi-pathing speeds are crucial, not only to prevent flight trajectory problems local to the swarm, including intra-swarm considerations, but also to allow for seamless communication with GCS for updates and rerouting.
The drones themselves are linked to a range of classified and unclassified systems and networks, forward-deployed tactical units and edge sensors, all in a peer-to-peer mesh. Back at GCS, RPA pilots, sensor operators and others monitor ZeroTier’s Central dashboard.
The drones are linked up on a ZeroTier SDN on a secure Wi-Fi network. An enterprise system pushes software updates, giving the drones new algorithms, datasets and software for the mission at hand — maps for navigation over GNSS-denied terrain, fresh computer vision algorithms for target identification. ZeroTier creates virtual network segments based on software versions and trust levels: One set of drones, say performing an ISR mission, runs older, battle-tested software, while another sent to provide overwatch and close combat support for a mounted infantry unit has freshly updated targeting software, with limited permissions until it passes real-world validation tests and authenticates with a JTAC, also operating edge comms devices running ZeroTier.
Seamless LOS to SATCOM Handoff
The ISR drones go first and begin identifying air defenses and gathering signals intelligence, propagating the findings through the UAS mesh network’s low-latency peer-to-peer connections.
The ZeroTier node on the recipient edge device verifies that new data is cryptographically signed by the right authority, and assesses whether the UAS has the right software installation and sufficient bandwidth and power to accept the new data without affecting the mission.
The drones fly over the water, linked to GCS operators by a line-of-sight datalink. When that begins to degrade, the ZeroTier controllers hand off to LEO SATCOM providers like Starlink operating in Ku and Ka-band.
Traffic on the network doesn’t rely on a single gateway, so disruptions in one part of the drone mesh don’t collapse the entire network. ZeroTier’s network overlay dynamically reprioritizes traffic and maximizes the efficiency of scarce comms resources like satellite and aerial networks. The ZeroTier client handles secure identity, link negotiation, and direct communication between devices. Each drone communicates peer-to-peer with every other node — other UAVs in the air via LOS comms, infantry or armored units on the ground and GCS with Ku-band, Ka-band and X-band SATCOM. The network weighs latency, link quality, NAT behavior and other factors, and its rapid multi-pathing finds a route through ZeroTier Points of Presence when adversary EW takes down parts of the communications spectrum or compromises some of the drones in the swarm. If one drone remains within LOS of ground control, it relays peer-to-peer network traffic from dozens of others that have flown beyond it, linking the entire mesh network to GCS.
A few minutes in, ZeroTier detects spoofing attempts on one of the drone platforms, suggesting the adversary is testing a specific technique against UAS command protocols. The ZeroTier controller isolates that drone from the software supply chain network but keeps it operational for its assigned mission: The drone can no longer receive updates, but neither can it propagate malicious code backward through the fleet and into enterprise systems. ZeroTier does it in real time — no need to reconfigure hardware.
Longer Visual on Target
A few minutes into the mission, the leading edge of the swarm is beyond line-of-sight from GCS, and SATCOM is down. One drone, tasked along with its squad with maintaining control over enemy ground lines of communication, identifies a fixed adversary command and control station and brings the RPA pilot into the loop for verification and an order to fire.
Without ZeroTier’s failover capabilities, RPA pilots can lose sight of the target as much as one kilometer out when they enter the SATCOM-denied bubble surrounding it. With ZeroTier, they’re not flying blind: The one-way attack drone transmits via LOS channels backward into the swarm, each device relaying the transmission until it gets back to GCS. The human operator gives authority for weapons release, and maintains visual on target until impact, as much as 30 seconds longer than with other networking systems.