Security Degree Metric in UAV Networks

• Security Degree Metric is a quantitative measure that evaluates UAV trustworthiness by combining historical authentication data and adjacent node reliability.
• It integrates authentication histories and neighbor reliability to facilitate secure routing, dynamic rerouting, and trust management in adversarial conditions.
• Incorporated within the BSPPO framework, the metric underpins beam search path selection and real-time updates to mitigate network attacks and optimize routing.

The security degree metric is a quantitative measure designed to evaluate the trustworthiness of unmanned aerial vehicles (UAVs) within SDN-blockchain network architectures for secure routing, particularly under dynamic and adversarial conditions. This metric systematically integrates both individual authentication histories and the reliability of adjacent nodes, serving as a core feature for robust route selection, dynamic rerouting, and trust management in beam search-proximal policy optimization (BSPPO) algorithms (Han et al., 19 Jan 2026).

1. Formal Definition and Construction

The security degree $SD_i$ for UAV $i$ encapsulates two fundamental components: historical credibility and adjacent reliability. Historical credibility $A_i^{h+1}$ is defined as the normalized ratio of cumulative successful authentications $S_i^{h+1}$ to the total authentication attempts, including failures $F_i^{h+1}$, at communication hop $h+1$:

$$A_i^{\,h+1} = \frac{S_i^{\,h+1}}{S_i^{\,h+1} + F_i^{\,h+1}}, \quad A_i^{\,h+1} \in [0,1]$$

Adjacent reliability $RE_i^h$ is computed as the mean reliability value of all neighbors $j\in\Gamma(i)$, where each reliability $RE_j^h$ decays by $\beta$ upon attack ($\delta_{\rm data}=1$):

$$RE_j^{\,h+1} = RE_j^h - \beta\,\delta_{\rm data}, \quad \beta > 0$$

$$RE_i^h = \frac{1}{|\Gamma(i)|}\sum_{j\in\Gamma(i)} RE_j^h$$

The final security degree is a convex combination of these components:

$$SD_i = \alpha\,RE_i + (1-\alpha)\,A_i, \quad \alpha \in [0,1]$$

This formulation allows adjustable weighting between individual historical trust and local network reliability.

2. Operational Workflow within SDN-Blockchain Architectures

The security degree metric operates as an integral trust quantifier in UAV networks with SDN-blockchain coordination. After each hop’s authentication event, the relevant counters are updated, with blockchain serving as a tamper-proof ledger for $\{A_i, RE_i\}$. The SDN controller fetches these parameters to compute $SD_i$ in real time, informing routing and rerouting decisions under adversarial conditions. This integration ensures that trust evaluations cannot be manipulated by local adversaries and reflect both direct and neighborhood-level history.

3. Integration with Beam Search Path Selection

Within the BSPPO framework, beam search utilizes the security degree to identify candidate paths with high trustworthiness. For any route $p$, the average security score is calculated:

$$\mathrm{Score}_{\rm avg}(p) = \frac{1}{|p|}\sum_{v \in p} SD_v$$

At each iteration, only UAVs satisfying multiple constraints—including $SD_v\geq\theta_{SD}$—are considered as next hops. The beam search retains the top-$B$ paths in terms of average security degree, constructing a reduced subgraph $\mathcal{G}'$ that is subsequently used by the PPO agent. This mechanism ensures that only routes through highly trustworthy UAVs are prioritized, reducing the risk of successful attacks and mitigating network vulnerability.

4. Dynamic Update and Attack-Triggered Rerouting

The security degree metric incorporates immediate update logic upon attack detection. When $\delta_{\rm data}=1$ (attack detected at a UAV), $SD_j$ for the affected node drops, leading to its exclusion from the routing graph. Beam search is re-executed on the updated network to generate new candidate paths, while PPO reroutes from the last safe node. This approach enables rapid adaptation to evolving threat conditions and maintains overall network robustness, especially critical in emergency and time-sensitive communications.

5. Computational and System Implications

Utilization of the security degree metric is computationally tractable within the BSPPO scheme. Per-hop update complexity for the metric is minimal, bounded by neighbor set size. Overall per-iteration complexity (beam search, PPO rollout, and policy update) is:

$$\mathcal{O}\bigl(H_{\max}B\bar{b}\log(B\bar{b}) + H_{\max}d^2 + Md^2\bigr)$$

where $B$ is beam width, $H_{\max}$ max hops, $\bar{b}$ average branching factor, $d$ hidden layer dimension, and $M$ batch size. The efficient computation and update properties enable real-time application in networks with large numbers of UAVs and frequent rerouting demands.

6. Significance and Implications for Secure Routing

A plausible implication is that the security degree metric provides a principled method for balancing individual UAV track records against the reliability of network topology, informed by blockchain-backed histories. This hybrid measure is essential in networks where adversaries may compromise individual nodes while the broader network remains reliable, or vice versa. Integration with SDN control and blockchain not only enhances auditability but also builds resilience into reinforcement learning-based routing. Extending the concept to other dynamic networks may yield similarly robust results, especially for multi-agent and decentralized contexts.

7. Comparative Role and Limitations

Simulations demonstrate that BSPPO incorporating the security degree outperforms PPO, BS-Q learning, and BS-actor critic in delay, energy consumption, and transmission success rate under varying attack densities (Han et al., 19 Jan 2026). However, the metric’s effectiveness relies on the accurate, timely update of authentication and reliability scores, and its sensitivity may depend on hyperparameter $\alpha$ tuning. While blockchain-assisted consensus mitigates manipulation, latency and scalability in very large UAV networks remain areas for further investigation. There are no reported controversies regarding the metric’s definition, though its practical deployment may require additional field validation regarding real-time blockchain integration and operational overhead.