Drones are fast becoming integral to modern life – enhancing logistics, surveillance, agriculture and emergency response. Among the most ambitious of these ventures is Amazon’s vision of drone-powered delivery, a programme that aims to revolutionise last-mile logistics. But as with any groundbreaking technology, innovation brings both complexity and occasional setbacks.

In December 2024, Amazon’s MK30 drones experienced a malfunction during a routine test flight. Around the same time, we undertook a unique and in-depth security testing engagement on a separate drone system for one of our clients. These two parallel stories – one from the public spotlight, the other from behind the scenes – highlight the critical importance of comprehensive safety and security testing in unmanned aerial systems.

This article explores how the lessons learned from both experiences can help shape a more resilient and secure future for drone technology.

Amazon’s drone programme: Learning through iteration

Launched more than a decade ago, Amazon’s drone initiative has always been an ambitious project. The goal was to deliver packages within 30 minutes using autonomous drones. The latest iteration, the MK30 drone, is a testament to years of engineering development and regulatory coordination.

In December 2024, two MK30 drones encountered difficulties during test flights in Oregon. According to reports, a software update had increased the sensitivity of the drones’ altitude sensors. In the presence of rainfall, this led to incorrect readings, causing the aircraft to shut off mid-flight under the mistaken belief that they had landed.

Crucially, the MK30 no longer uses physical “squat switches”, a feature present in earlier models that mechanically confirmed landings. Instead, it relies on advanced software and vision-based systems to interpret altitude and landing data.

Amazon responded swiftly, working closely with the National Transportation Safety Board (NTSB) and the FAA. Flight operations resumed in March 2025, following updates to the drone’s altitude-sensing systems and renewed regulatory approval. The company

emphasised that the MK30 includes multiple sensor inputs and is designed to meet or exceed safety standards.

While these events drew public attention, they are also part of a broader and well-understood process in aviation and aerospace: innovation through controlled testing, iteration and improvement.

Resillion’s drone testing case study: Proactive risk analysis

At the same time Amazon’s test flights were taking place, here at Resillion we were engaged in a highly focused penetration testing campaign for an undisclosed client’s drone system. This was far from a conventional pen test, as Dirk-Jan Bartels explained during a team presentation. It involved deep exploration into potential attack scenarios, software weaknesses and system-level vulnerabilities.

The drone under test – described as looking “like a spider” with multiple sensory components – was not being assessed for regulatory certification, but rather to answer key questions from the client around resilience and cyber security.

This exploratory testing model is designed to simulate real-world threat scenarios. Instead of checking against a predefined list of compliance criteria, our team looked at how the drone might behave under intentional interference or unexpected conditions, such as signal jamming, spoofed inputs or compromised connectivity.

While the project wasn’t tied to any specific legislation, it took place within a fragmented regulatory landscape. In the EU, for example, consumer drones typically fall under the Radio Equipment Directive (RED), while larger or more advanced drones may be subject to aviation regulations similar to those applied to commercial aircraft.

The real value of the project was in how it illuminated edge cases and attack surfaces that standard testing might overlook. It exemplified how security thinking must evolve alongside technological complexity.

Shared takeaways: A case for multi-layered assurance

When comparing these two drone stories, one from the tech giant Amazon and the other from a specialist testing provider, a few key insights emerge:

✔️Sensor reliability and redundancy are essential

Amazon’s move from mechanical squat switches to software-driven landing detection reflects a broader trend in engineering towards streamlining hardware in favour of lighter, smarter software. But any single method can fail, especially under variable environmental conditions. The inclusion of multiple sensors and redundancy is vital to avoid false readings and ensure safety.

✔️ Testing must go beyond ideal scenarios

In Resillion’s case, our client wanted to know how their drone would perform in the messy reality of weather, interference and potential cyber threats – not just in perfect lab conditions. This mirrors the kinds of scenarios that contributed to the MK30 test flight difficulties, highlighting how testing under adverse conditions should be standard practice, not an exception.

✔️ Compliance doesn’t guarantee immunity

The MK30 drones were FAA-compliant. Yet compliance doesn’t equal guaranteed success. Regulations provide baseline safety and interoperability requirements, but proactive risk identification, like that conducted in our drone engagement, can reveal additional layers of exposure and lead to stronger systems overall.

✔️ Failure, when well-managed, is part of progress

Both stories underline that when mistakes, failures or anomalies are detected in controlled environments, they provide opportunities for learning and improvement. Amazon’s prompt response and system updates show a commitment to iterative safety, and our testing reinforces the idea that simulated attacks and exploratory analysis are essential components of secure system development.

Building for a resilient drone future

The drone industry stands at a pivotal moment. Drones are no longer experimental toys – they’re flying data centres, logistics platforms and surveillance tools. As their functionality grows, so does their exposure to complex real-world variables – from weather to cyber attacks.

To build resilience into these systems, developers and operators should:

· Combine physical and digital safety mechanisms.

· Test in conditions that mimic real-world unpredictability.

· Incorporate multi-disciplinary expertise, including cyber security, hardware engineering and regulatory affairs.

· Consider independent testing or third-party validation to challenge internal assumptions.

Innovation that flies

Drones may take to the skies, but their safety begins on the ground with thoughtful design, rigorous testing and a commitment to learning from experience.

Amazon’s drone journey is far from over and its recent challenges are not signs of failure, but rather milestones in a complex innovation process. Similarly, our behind-the-scenes work shows how critical it is to prepare for what could go wrong, not just what should go right.

As drone technology continues to evolve, so must our approach to testing and assurance. When we design systems to be safe, not just in theory but in unpredictable real-world conditions, we set the stage for innovation that lasts, and flies.