SYS://OPERATIONAL

BUILD 0.4.2-αCLASS // OPEN-RESEARCH38.8977° N · 77.0365° W

/ 00 — Mission

VERTEX.C2

// Hardened Command Architecture · Open Security Research

Zero-trust command and control for autonomous systems operating in contested RF environments.

A reproducible reference implementation: a simulated drone, an on-camera attack against its MAVLink link, and a hardened ground control stack that defeats it — mapped to NIST SP 800-171 and CMMC L2 controls DoD contractors actually have to satisfy.

View on GitHub Watch the Attack

Sim

ARDUPILOT SITL

Tunnel

WIREGUARD

Posture

CMMC L2

Ops

K3S · FLUXCD

/ Captured Evidence

T-01 · BeforePlaintext MAVLink

tcpdump showing plaintext MAVLink traffic on UDP 14550

UDP/14550 · commands readable · no auth

T-01 · AfterWireGuard Encrypted

tcpdump showing encrypted WireGuard traffic on UDP 51820

UDP/51820 · cipher bytes only · ChaCha20-Poly1305

T-02 · PoCCommand Injection

inject.py demonstrating unauthenticated MAVLink command injection

No credentials · full command access · T-02 closed by WG auth

/ 01 — Threat Model

Drone C2 links assume a benign network. The network isn't.

Three failure modes recur across COTS autonomy stacks. VERTEX C2 reproduces each one in a controlled simulation, then closes it. The threat model below is the load-bearing constraint for everything that follows.

T-01

Plaintext MAVLink

MAVLink v2 ships with no encryption by default. On the LAN segment between SITL and a typical GCS, every command — ARM, SET_MODE, MISSION_ITEM_INT — is readable in Wireshark in seconds.

Vector: SNIFF // INTERCEPT

T-02

No Peer Authentication

Common COTS autonomy stacks accept commands from any host that can reach the MAVLink endpoint. A second mavproxy instance on the link can re-task or disarm the airframe without a key, a cert, or a challenge.

Vector: INJECT // RE-TASK

T-03

Implicit Network Trust

GCS hosts routinely expose inbound ports to the LAN, the operator subnet, or the open internet. The link is trusted by topology rather than by signature, leaving the attack surface coextensive with the network surface.

Vector: TRUST-ON-FIRST-USE

/ 02 — Architecture

A hardened ground control stack — declarative, observable, end-to-end encrypted.

Treat the link as adversarial. Treat every payload as untrusted. Verify by signature, not by source.

POSTURE 0DEFAULT

Default COTS Path

ArduPilot SITL

Simulated airframe

MAVLink udp/14550

Plaintext · no auth

Any host on LAN

Trusted by topology

No encryption
No peer auth
No audit log

POSTURE 1HARDENED

VERTEX C2 Hardened Path

ArduPilot SITL

Simulated airframe

WireGuard tunnel

ChaCha20-Poly1305 · psk

GCS · Traefik mTLS

Authenticated ingress

Cloudflare Tunnel

Zero inbound ports

Prometheus + Loki

Telemetry · audit logs

Encrypted end-to-end
Mutually authenticated
Fully observable

gcs-host · before / after

LIVE

01# default posture — MAVLink in the clear
02$ tcpdump -i lo -A 'udp port 14550' | head
03[!] MAVLink v2 → SET_MODE: STABILIZE
04[!] MAVLink v2 → COMMAND_LONG: MAV_CMD_COMPONENT_ARM_DISARM 1.0
05[!] MAVLink v2 → MISSION_ITEM_INT: 37.7749, -122.4194
06# no auth · no encryption · trivially injectable
07 
08# vertex-c2 hardened posture
09$ sudo wg-quick up vertex-c2
10[OK] tunnel up · psk verified · peer=ALPHA-07 (1.5 KB rx)
11 
12$ tcpdump -i wg0 -nn
13192.168.42.1.51820 > 192.168.42.2.51820: UDP 102 [encrypted]
14[OK] commands now signed + encrypted + rate-limited at GCS

/ Capabilities

What changes when the link is hardened.

Encrypted Transport
WireGuard ChaCha20-Poly1305 tunnel between SITL and the GCS replaces the default plaintext MAVLink path.
Mutual Authentication
Pre-shared peer keys at the link layer; mTLS at the GCS ingress via Traefik. No anonymous control path.
Zero Inbound Exposure
Operator access lands through a Cloudflare Tunnel. The GCS opens no inbound ports to the public internet.
Observable by Default
Prometheus + Loki capture every command, link state change, and ingress event. Nothing is unobserved.

Declarative Operations

FluxCD reconciles the entire GCS stack from a Git repo. Every change is reviewable, signed, and reversible.

Headless & Reproducible

k3s on Pi-class compute or a hardened VM. The full topology can be rebuilt from the repo in minutes.

/ Stack

ArduPilot SITLMAVLink v2WireGuardTraefikCloudflare TunnelPrometheusLokik3sFluxCD

/ 03 — Live Demo

Watch a MAVLink link get intercepted in plaintext — then watch it disappear.

The fastest way to internalize the threat model is to see the commands stream past in clear text. The capture below shows a SITL-to-GCS session in Wireshark, then re-runs the same session over the VERTEX C2 tunnel.

REC · 02:14

vertex-c2 · attack-demo.mp4

Wireshark capture · MAVLink intercept → WireGuard hardened

SITL → GCS · before / after · single host · reproducible

MrGuato / vertex-c2

PUBLIC

Manifests, code, and threat model in one repo. The README is written as a technical brief. Reproduce the attack and the fix on a single Linux host in under ten minutes.

$ git clone https://github.com/MrGuato/vertex-c2

$ cd vertex-c2 && make demo

[OK] SITL up · GCS up · tunnel verified

Open Repository Read the Write-Up

/ 04 — CMMC Mapping

Mapped to the controls DoD contractors actually live inside.

Ten NIST SP 800-171 controls — the load-bearing subset for a hardened C2 stack — with the specific implementation that satisfies each one. The mapping is partial by design: this is research, not an attestation.

Control	Requirement	Implementation	Status
AC.L1-3.1.1	Limit access to authorized users	WireGuard peer keys · GCS mTLS	Satisfied
AC.L1-3.1.2	Limit transactions and functions	Traefik route-level RBAC · scoped GCS commands	Satisfied
IA.L1-3.5.2	Authenticate users and devices	Mutual TLS at ingress · WG pre-shared keys	Satisfied
SC.L1-3.13.1	Monitor and protect communications	WireGuard tunnel · Prometheus link telemetry	Satisfied
SC.L1-3.13.5	Subnetwork separation for public-facing components	Cloudflare Tunnel · zero inbound ports on GCS	Satisfied
AU.L2-3.3.1	Create and retain audit logs	Loki + Promtail capture of all GCS commands	Satisfied
AU.L2-3.3.2	Ensure individual operator accountability	Per-operator certs · signed FluxCD commit history	Satisfied
SC.L2-3.13.8	Cryptographic protection in transit	ChaCha20-Poly1305 (data) · TLS 1.3 (control)	Satisfied
CM.L2-3.4.1	Establish baseline configurations	FluxCD-managed declarative manifests in Git	Satisfied
SI.L1-3.14.1	Identify, report, and correct system flaws	Prometheus alerting · ingress anomaly metrics	Satisfied

// Note: VERTEX C2 is a research artifact, not a certification package. Cryptographic primitives are chosen for transparency and reproducibility; FIPS-validated module substitution is documented in the repository for environments that require it.

/ 05 — Researcher

About this project.

VERTEX C2 is open security research by a cleared infrastructure and security engineer working at the intersection of autonomous systems and defense-grade compliance.

The project exists to answer a single technical question concretely: what does a hardened, zero-trust command and control architecture look like for autonomous systems operating in environments where the link is actively contested? The repository treats that question as engineering work — reproducible, audited, and mapped to the compliance frameworks DoD contractors already operate within.

Get in Touch LinkedIn

/ Project Card

Status: Active research · v0.4.2-α
License: Apache 2.0
Domain: Autonomous Systems · C2
Posture: CMMC L2 — partial map
Reproducible: Single Linux host · k3s
Scope: SITL only · no live RF