The framework seeks to address vulnerabilities caused by the illegal or unmonitored use of Chinese-origin components in India’s UAVs
A comprehensive framework to secure India’s indigenous military drone ecosystem is in its final stages before becoming a binding document for the industry to comply with for checking illegal or unattended use of Chinese components in indigenous manufacturing of unmanned systems.
The framework, drafted by the Indian Army’ s Army Design Bureau (ADB) following businessline’s series of investigative stories exposing use of Chinese software elements by domestic manufacturers and passing them of as Make in India, was cleared by the Director General (Acquisition) on Tuesday, and the file has now gone to Defence Secretary RK Singh for clearance, said sources aware of the developments.
Final nod
Once Defence Secretary, who was given a presentation on the issue early last year, clears the framework file it will be sent to Defence Minister Rajnath Singh for final nod, said sources. After that, it will be made public to the stakeholders so that the drone industry conforms to the proposed new policy for secured military drones.
The framework seeks to address vulnerabilities caused by the illegal or unmonitored use of Chinese-origin components in India’s unmanned aerial vehicles (UAVs), even when marketed as “indigenous”, the newspaper had reported in September, 2025.
The framework, which seeks more than 30 tests from accredited labs to ensure only genuine indigenous drones gets manufactured in India due to security implications, has been delayed for long.
However, the framework is a modified version of OSWASP 4.0, the international security application standards for testing evidence of vulnerabilities in hardware devises.
Acquisition process
The upcoming policy will apply from the very first stages of the acquisition process — Request for Information (RFI) followed by Request for Proposal (RFP) — and will remain in force through post-contract management, sources said.
As per the proposed ADB’s cyber security framework for drones, which will be applicable for the entire tri-services, the testing will be carried out by STQC IT Services, ETDC Bangalore, Ministry of Electronics and Information Technology).
Broadly, software and code elements will be tested to ensure that the military drones are not compromised and start relaying information to entities other than the authorised users, or gets hacked. During Galwan face off with China, scores of drones from India were hacked by the PLA and later too such incidents were reported in western and norther borders.
The need to fortify drone architecture was also visible during Operation Sindoor, said sources in the industry.
Autopilot module
The assessment of drones would be done to carefully examine the autopilot module, simulator, field programmer, power interfaces, Windows workstation, and smartphone used for Ground Control Station (GCS) operations.
Manufacturers will also have to meet other features like secure update mechanisms, unique cryptographic identities, secure storage of keys, secure communications, and resistance to downgrade attacks, sources explained.
Besides that, bill of material of hardware too will be scrutinised to crosscheck sourcing to weed out procurement from inimical countries, and weakness towards electronic tampering will .
Published on January 14, 2026
