The underlying discussion shifts the focus very clearly: away from the sensationalist debate about ‘drone defence’ as a standalone function, towards the sober security question of whether operators actually have a reliable understanding of what is moving above their premises and within their electromagnetic environment. This is precisely where Luftraumüberwachung.com comes in. The website describes a civilian airspace surveillance system operating in real time, which is “completely passive”, “licence-free to operate”, “Made in the EU” and explicitly geared towards critical infrastructure. The system is developed by the Karlsruhe-based company hensec. The site also makes it clear that it is not just about drones, but about the detection, classification and identification of drones, helicopters, aeroplanes, birds and interference signals within a shared situational picture.

This leads to the central thesis of this technical article: in security-critical environments, detection is not merely a precursor to defence, but its essential prerequisite. Anyone who lacks a reliable view of the lower airspace cannot properly prioritise risks, distinguish authorised from uncooperative flight movements, or document events with conclusive evidence. This is the central theme of the discussion – and at the same time the website’s strongest message.

The threat situation extends far beyond airports

Airports are the most visible use case, but precisely for that reason they provide a misleadingly narrow frame of reference. The DLR has analysed 118 reported drone incidents at German airports for 2024, including nine assessable instances of complete operational shutdowns; for these nine cases, economic damage of around half a million euros was calculated on the part of the airlines. DFS Deutsche Flugsicherung has already recorded 225 instances of air traffic disruption caused by drones for 2025. These figures show that the threat is real. At the same time, however, they only illustrate a particularly high-profile aspect of the problem.

The Luftraumüberwachung.-com website therefore defines the fields of application much more broadly. These include airports, industrial estates, fuel depots, test sites, offshore wind farms, major events, large-scale disaster situations and city centres. In doing so, it follows a logic also set out by the Commission for Plant Safety in KAS-51: unauthorised interference must be considered a source of danger; this explicitly includes drones. The guidelines also emphasise that they are applicable mutatis mutandis outside traditional major-accident control areas where a corresponding hazard potential exists.

This is precisely why the scepticism expressed in the discussion regarding “a product from the trade fair” is technically justified. A fuel depot has different assets, different vulnerabilities and different escalation consequences than a chemical plant, a stadium or a police facility. Consequently, KAS-51 does not require a standardised response, but rather a security analysis in which threats, hazards and IT risks are assessed on a site-specific basis, from which security objectives and protective measures are derived.

Detection is not a preliminary step to defence, but its prerequisite

The key technical point of the discussion is: anyone who cannot verify what is happening on their own premises or in their own airspace can neither deter effectively nor respond appropriately. KAS-51 explicitly supports this view. The guideline requires that potential intrusions by unauthorised persons and the resulting hazards be systematically identified and assessed; security objectives and necessary measures should be derived from this security analysis. Furthermore, a security management system should also outline the feasible measures for protection against drone attacks. At the same time, KAS-51 emphasises close cooperation between operators and security or hazard prevention authorities.

Luftraumüberwachung.com translates this regulatory obligation into an operational function. The website promises “visual clarity in a previously blind area”, highlights the importance of evidence and post-incident analysis, and describes an organisational benefit: authorised drones, such as those operated by media partners or emergency services, could be automatically recognised and attributed to the responsible parties. This is a key point, because in an emergency it is not only relevant that something is flying, but who is flying it, why it is being flown and whether the flight is legitimate.

Remote identification is helpful in this regard, but it is not sufficient on its own. Since 1 January 2024, EASA has required an active and up-to-date Remote ID system for all drones in the “specific category” and for class-marked drones in the “open category”; these signals can even be received by members of the public using smartphone apps. This is precisely why the approach taken by Luftraumüberwachung.com is technically sound: the website and the accompanying hensec technical article combine telemetry and Remote ID with RF decoding and passive radar to detect even non-transmitting or uncooperative targets. This is not a contradiction to Remote ID, but rather a necessary complement to it.

———————————————————————

Company founder Kevin Heneka sees himself as a pioneer of modern security concepts and was one of the first experts to be certified by VdS Schadenverhütung as a recognised specialist in Smart Building Safety & Security

Integrated airspace surveillance for KRITIS

Technical approach and operational classification using the example of HENSEC

Against the backdrop of growing requirements for the protection of critical infrastructure, structured airspace surveillance is becoming increasingly important. Whilst regulatory requirements and threat scenarios underscore the need for a reliable air situation picture, operators are faced with the question of finding practical, technically sound and integrable solutions. One approach that addresses these requirements is the system architecture for civil airspace surveillance developed by HENSEC.

Sensor fusion creates the decisive situational picture

The website describes an architecture comprising three mobile sensor units, which are strategically positioned around the area to be monitored. These sensors do not transmit signals themselves, but capture radio, radar and telemetry data in real time and consolidate it within a shared management interface. The air situation picture is browser-based and accessible via mobile devices. One aspect is particularly relevant to the technical paper: the system is not intended to provide individual sensor readings, but rather an integrated situational picture on the basis of which decisions can be made.

The ENSEC technical paper specifies this sensor fusion across three sources: telemetry for cooperative unmanned aerial vehicles, RF decoding for radio communication between the drone and the remote control, and passive radar for non-transmitting objects. The whole system is supplemented by GNSS monitoring and 3D visualisation, which can be integrated into existing systems via open APIs. What is crucial here is not the individual technology, but the cross-validation of the data against one another. Only when data sources are consolidated can contradictory signals be identified and reliable conclusions drawn from them.

The Fraunhofer Institute for High-Frequency Physics and Radar Technology FHR provides the technical basis for the passive radar. There, the PARASOL system is described as a passive radar-based method that utilises existing radio and TV signals, emits no additional electromagnetic radiation and therefore requires no expensive frequency allocation or site licence. Fraunhofer also explains that three sensors are used for position determination and explicitly sees potential for developing mobile surveillance systems for asset protection and drone detection with a short commissioning time on this basis. This provides the website’s description – passive, licence-free, discreet – with a clear technical and scientific foundation.

It is also noteworthy that Luftraumüberwachung.com does not only address uncooperative flying objects. The website explicitly describes the shared management interface as a tool for incident response and the coordination of authorised in-house drones. The Hensec text goes one step further and speaks of an open integration concept that allows existing sensor technology to be integrated and the operator’s own UAVs to be managed on the same platform. For operators, this is a key point: a modern air situation picture serves not only to counter incidents but also to ensure the safe coordination of legitimate flights.

GNSS jamming and spoofing extend the topic from airspace to overall resilience

The discussion consistently extends the drone issue to GNSS-dependent systems beyond flight: to autonomous ground vehicles, plant security robots, agricultural machinery or other automated platforms.

This extension is technically logical. Since February 2022, EASA has described a significant increase in GNSS jamming and spoofing in several regions; Jamming blocks the reception of satellite signals, whilst spoofing feeds in fake signals, thereby generating incorrect position, navigation and time information. In its updated safety information, the authority expressly emphasises that spoofing is harder to detect and poses a greater operational risk than jamming.

The joint action plan issued by EASA and EUROCONTROL in March 2026 demonstrates that this issue is no longer a marginal concern. It refers to a “growing challenge” and to interference that has become a regular phenomenon. The plan focuses on joint monitoring, validated situational awareness, data exchange, harmonised procedures and more resilient infrastructure. In other words: Europe no longer treats GNSS interference as an exotic technical problem, but as a serious security and continuity issue.

The hensec article on GNSS risks draws an operational conclusion from this. It describes mobile networks, power transmission grids, data centres, vehicle technologies and UAVs as systems that rely on precise positioning, navigation and timing data.

The Luftraumüberwachung.-com website therefore places particular emphasis on integrated GNSS monitoring alongside drone detection.

That this is a unique selling point is a vendor’s position and not an independently verified market comparison; in terms of content, however, this focus aligns very well with the official European assessment that GNSS resilience is becoming a fundamental requirement for secure critical infrastructure.

Open control centres and digital sovereignty are procurement criteria

Another key point of the discussion is the move away from product silos. The need for open platforms is described, which bring together different sensor technologies, various operators and, in the event of an incident, multiple organisations to provide a shared situational picture. This is precisely what the hensec technical paper states very clearly: via open API interfaces, the solution can pass data on to plant security, authorities or drone situation centres; at the same time, existing sensors from other systems can be integrated into the platform.

In complex rescue operations, different units should thus be able to view and coordinate their own drones on a shared interface.

This openness is not merely a convenience, but reflects a broader trend. In its Digital Programme, the Federal Ministry of the Interior and Homeland explicitly sets out the goal of consolidating ‘digital sovereignty’ and creating ‘interoperable infrastructure’.

At the same time, the Federal Office for Information Security warns against high levels of dependence on individual US technology providers in public administration, as this could jeopardise control over one’s own IT.

Against this backdrop, the website claims “Made in EU”, “data protection compliant, secure & sovereign”, as well as the reference to servers in Germany and the absence of hyperscaler dependencies, are not mere marketing slogans but genuine procurement arguments.

This is particularly crucial for critical infrastructure. Those who generate a situational overview of sensitive assets, movement patterns and security incidents are not merely procuring sensor technology, but also data sovereignty, interface control and integration capability. The discussion therefore hits upon a key point: future-proof systems must be technology-neutral, scalable and capable of integration into existing control centre landscapes – otherwise they create new dependencies rather than increasing resilience.

What operators should prioritise now

• Firstly, operators should start with analysis rather than knee-jerk reactions. KAS-51 requires that unauthorised access be considered as a source of risk, that security analyses be carried out, and that site-specific security objectives be derived from these. Where regulatory support is required, contact with the relevant authorities should be actively sought. A viable aviation security concept therefore does not start with a catalogue, but with assets, threats, operational processes and escalation procedures.
• Secondly, modular detection capability is the most sensible first investment step. Luftraumüberwachung.-com describes the system as modular and scalable, suitable for both temporary and permanent security, and open to the integration of existing sensor technology. This allows a situational picture to be built up without discarding existing technology or relying on a single type of sensor. It is precisely this hybrid approach – integrating existing systems, supplementing them with new sources, and consolidating everything on a single monitor – that constitutes the concept’s true future-proofing.
• Thirdly, civil operators should make a very clear distinction between legally compliant detection and risky active jamming. The Federal Network Agency explicitly lists jammers as a problematic product group in its market surveillance; in the case of dangerous or non-compliant radio equipment, it can order sales bans, recalls or other market-restricting measures. At the same time, EASA warns that jamming and spoofing can have significant impacts on navigation and operational safety. For civil KRITIS environments, the scepticism expressed in the discussion regarding supposedly simple jammer solutions is therefore well-founded. The sound investment lies not in the promise of spectacular neutralisation, but in a resilient, documented and interoperable situational picture.

The essence of the discussion and the website can thus be summarised in a single sentence: modern airspace surveillance is no longer a specialised tool for exceptional cases, but a foundational layer of modern security architectures – where drones, manned aircraft, GNSS interference and proprietary autonomous systems must be integrated into a shared operational picture.

At the heart of this is a consistent focus on a coherent, multidimensional situational picture that brings together different data sources and makes them usable for operational decisions. The approach thus follows the fundamental logic of modern security architectures: it is not the individual technology that is decisive, but the ability to correlate heterogeneous sensor data, validate its plausibility and translate it into a context relevant for action.

Sensor fusion as the basis for airspace surveillance

The technical implementation is based on the combination of several complementary detection methods. These include, in particular, the evaluation of Remote ID and telemetry data from cooperative aircraft, the analysis of radio communications within the relevant frequency spectrum, and radar-based methods for detecting non-cooperative objects. This form of sensor fusion enables a differentiated view of the airspace. Cooperative systems can be clearly identified and classified, whilst at the same time objects that transmit no signals or manipulated signals are also detected. The parallel use of multiple data sources also creates the conditions for validating information – a crucial factor in avoiding misinterpretations and improving the quality of the situational picture.

Passive detection in operational environments

A key component of the approach is the use of passive sensor technologies. Passive radar-based methods, in particular, utilise existing electromagnetic signals from the environment and do not require the system to transmit its own signals. This offers several advantages for use in critical infrastructure. Firstly, there is no need for additional frequency licences, which speeds up and simplifies implementation. Secondly, the existing electromagnetic environment is not affected, which is particularly important in sensitive technical facilities. At the same time, the ability to detect non-cooperative flying objects is maintained, ensuring continuous monitoring even in heterogeneous threat scenarios.

Radio-based analysis and identification capability

In addition to passive radar detection, the analysis of radio links between drones and control units is taken into account. This enables conclusions to be drawn about movement patterns, communication structures and potential control locations. In combination with Remote ID data, this creates an expanded picture that goes beyond mere position determination.

Particularly relevant here is the ability to detect inconsistencies between different data sources. For example, discrepancies between transmitted identification data and actual signal sources can provide indications of tampering. This form of data correlation supports a nuanced assessment of flight movements and contributes to enhancing operational safety.

Integration of GNSS monitoring

Another key component is the integration of GNSS monitoring into the overall system. The detection of jamming and spoofing events adds an additional dimension to the air situation picture, which is becoming increasingly relevant for operators of critical infrastructure. As numerous technical systems rely on precise position, navigation and time information, disruptions in this area can have an immediate impact on operations. The integration of appropriate detection mechanisms makes it possible to detect such events at an early stage and incorporate them into the situation assessment. This makes airspace surveillance an integral part of comprehensive resilience strategies.

Integration and control centre compatibility

At the architectural level, integration into existing security and control centre systems is a key aspect. HENSEC’s approach provides for open interfaces through which sensor data can be integrated into higher-level platforms. This enables the consolidation of air situation information with other security-relevant data sources, such as video surveillance, access control or IT security monitoring.

This provides KRITIS operators with a consolidated situational picture that can be used across organisations and supports the coordination of different stakeholders. Particularly in complex operational scenarios – such as major incidents – the joint visualisation of air movements and the organisation’s own operational resources can make a decisive contribution to efficiency and security.

Scalability and operational adaptability

A further technical advantage lies in the scalability of the system architecture. Detection performance is fundamentally linked to the physical presence of sensors in the respective surveillance area. Accordingly, fixed installations can be supplemented by mobile units to cover different scenarios.

For operators, this means a high degree of flexibility in adapting to site-specific requirements. Both permanent monitoring structures and temporary security measures – for example, during special events or heightened threat levels – can be implemented on this basis.

In addition to real-time processing, the structured storage and analysis of data play a central role. Airspace surveillance systems must be capable of documenting events in a traceable manner and making them available for analysis. This is particularly relevant in the KRITIS environment, where documentation requirements, audit requirements and the forensic analysis of incidents play an important role. Consistent data management helps to standardise and continuously improve security processes.

Context within the KRITIS framework

The approach described demonstrates how airspace surveillance can be implemented as an integral part of modern security architectures. The combination of sensor fusion, passive detection, GNSS monitoring and open system integration creates a technical foundation that meets the specific requirements of critical infrastructure.

For those responsible in the KRITIS sector, this results in clear added value: a robust, continuously available situational picture that supports both preventive and reactive measures. At the same time, the foundation is laid for meeting regulatory requirements and increasing one’s own resilience against complex threat scenarios.

This makes it clear that modern airspace surveillance goes far beyond the mere detection of drones. It is evolving into a networked system component that takes physical and electromagnetic aspects into account in equal measure and translates them into a shared operational picture. It is precisely this integrated approach that constitutes its contribution to the security of critical infrastructure.

[DCM]