Securing the low-altitude economy: a survey

Abstract The rapid growth of the low-altitude economy, including unmanned aerial vehicles (UAVs) and urban air mobility (UAM), is reshaping industries from transportation to emergency response. Powered by advances in fifth-generation (5G) and 5G-advanced (5.5G) connectivity, artificial intelligence (AI), and new energy systems, these platforms are becoming increasingly autonomous and capable. However, their growing software complexity introduces critical cybersecurity risks. Vulnerabilities in communication protocols, onboard firmware, and AI systems can be exploited to hijack UAVs, disrupt operations, or leak sensitive data. While research has addressed isolated aspects, a unified security perspective is still lacking. This work presents a systematic review of software-level security challenges and defenses in low-altitude UAV/UAM systems. We first categorize major attack surfaces across communication, firmware, and AI layers. Furthermore, we survey defense mechanisms suited to real-time, resource-constrained aerial platforms. Finally, we propose future directions, including quantum-resistant communication protocols, hardware-software cosecurity, and edge-AI-driven architectures. Our work aims to inform researchers, practitioners, and regulators in developing integrated, resilient security strategies for the evolving low-altitude ecosystem.