Firefighting UAV swarm study outlines AI inspection and cyber defence approach

UAV swarm design for firefighting missions

A peer reviewed paper describes a six-drone UAV swarm framework for firefighting operations that aims to maintain mission continuity while reducing exposure to cyberattacks on inter-drone communications.

The study is titled “A Cyber-Resilient UAV Swarm Framework for Fire-Fighting with AI-Based In-Flight Defect Inspection”, authored by Ahad Alotaibi and Abdullah Alrasheedi of the Department of Advanced Technology, Canadian College of Kuwait, Al Jahra, Kuwait, and published in the Journal of Computer and Communications, Vol.14 No.1 (January 2026).

The proposed architecture uses five operational drones assigned mission roles such as thermal observation, environmental sensing, close-range visual assessment, payload support and communications extension.

It also adds one Inspector/Commander drone positioned to supervise, capture inspection imagery and act as a coordination node linking the swarm to the Ground Control Station (GCS).

The paper frames the approach around two risk areas in swarm missions, physical degradation in fire-ground environments and cyber threats exploiting wireless coordination traffic.

AI inspection and cyber-resilient communications approach

The framework includes a mobile application called Drone Inspector that manages pre-processing, cloud submission and alerting for in-flight defect inspection imagery.

The workflow described has the Inspector/Commander UAV capturing high-resolution images of neighbouring operational drones at defined intervals and sending them through the swarm communications layer to the Drone Inspector application.

The application then submits images to Amazon Rekognition Custom Labels via API and receives defect labels with confidence scores.

The paper describes defect categories including exposed wiring, landing gear damage, landing gear misalignment and deformation of landing components.

Inspection frequency is described as adaptive, with inspections every two minutes under nominal conditions and every 30 seconds in higher risk areas linked to gas sensor readings indicating proximity to an active fire zone.

In the implementation described, the application triggers a critical alert to the Ground Control Station when confidence exceeds a defined threshold, with the paper describing a threshold of 80%.

For communications security, the paper proposes subnet segmentation and Route Optimization for Autonomous Systems (ROAS) to reduce the feasibility of Man-in-the-Middle (MITM) and traffic manipulation attacks.

Subnet segmentation is described as dividing the swarm network into role-based subnetworks with routing policies controlling inter-subnet communication.

ROAS is described as a dynamic routing approach intended to adjust paths based on network conditions and topology changes to reduce persistent interception points.

Evaluation approach and reported results

The paper describes evaluation across physical deployment feasibility, AI inspection workflow performance and cybersecurity simulation.

It describes a six-UAV deployment consistent with the proposed architecture, with the Inspector/Commander UAV maintaining a supervisory position to capture imagery and support communication.

Example UAV platforms named include DJI Matrice series platforms and an Autel EVO Max model, with additional roles described for payload delivery and communications relay.

Live fire was not used for safety reasons.

The paper describes using manoeuvres, formation flight and environmental stressors such as wind variability to emulate operational challenges relevant to emergency response.

For AI defect detection, it describes Amazon Rekognition Custom Labels trained on a labelled dataset including normal conditions and representative defect scenarios, with reported classification metrics including precision, recall and F1-score.

For cybersecurity simulation, it describes a network emulation environment built in GNS3, using a Kali Linux attacker node and Ettercap for adversarial traffic injection, with a comparison between a baseline flat network and a secured configuration applying segmentation and ROAS.

The paper references EtherApe traffic visualisation and describes figures intended to show traffic concentration through the attacker node under baseline conditions, followed by more balanced traffic patterns after defences are applied.

Across these experiments, the authors report reduced attack success rates, early detection of defects and improved operational reliability within the combined inspection and network defence framework.

The paper presents the system as a hierarchical swarm design that links physical integrity monitoring and cybersecurity measures within a single operational framework.