🔐 Secure Access
Enter password
Enter password
Wise Integrated System for Drone Operations & Maintenance · Field Modules · PHOENIX IA · Multi-layer Security · Audit Ready
W.I.S.D.O.M™ (Wise Integrated System for Drone Operations & Maintenance) is a software platform developed by Baligh Ben Khalifa for TELNET (PLM), specifically designed for PHOENIX drone operations and maintenance (70kg, NCAA specific category).
Integrated modules:
| Service | Data sent out | Data NEVER transmitted |
|---|---|---|
| License (Render) | Machine fingerprint Account ID | UAV flight data ISR/EO‑IR streams |
| PHOENIX IA Assistant | User text query | Telemetry / auto‑uploaded logs Images/videos |
Compliant architecture: clear boundaries, labeled data flows, defined security domains.
Interactive pre-flight and post-flight checklists. Sensors, motors, radio links validation. Compliance report generation.
EO/IR stream management: real-time display, AES-256 encrypted recording, object marking, flight data overlay.
Leaflet offline mapping, drone position, waypoints, no-fly zones, OpenSky air traffic integration.
Real-time telemetry: altitude, speed, attitude, battery. Dynamic graphs, configurable alerts.
Post-flight ArduPilot log analysis (.bin/.log). Anomaly detection, maintenance export.
Multi-source chatbot: HuggingFace, DuckDuckGo, weather, geolocation, OpenSky. Answers technical questions.
Multi-layer security architecture for critical systems
W.I.S.D.O.M adopts a security by design approach where trust is established progressively through complementary layers. Each mechanism reinforces the previous one to create a robust barrier against unauthorized access, misuse, and data leakage. This architecture ensures that no single point of failure can compromise the entire system.
Access restricted to registered and authorized operators. Multi-factor authentication combining password, biometrics (face/fingerprint), and administrative verification for sensitive operations.
Ensure only authorized operators can access the system
Pilot ID, password, face/fingerprint, admin verification
Prevents unauthorized access and identity theft
Automatic session locking after inactivity, screen overlay blocking, and cleanup of sensitive UI data. Prevents unauthorized access on unattended workstations.
Prevent session hijacking and unattended access
Idle timeout, lock overlay, UI cleanup
Eliminates abandoned session exposure
Sensitive operations require explicit authorization. Strong password policies, secure reset flows, and controlled access to critical components (camera, biometric workers, system resources).
Ensure operations require proper authorization
Admin approval, password policy, camera lock
Prevents unauthorized configuration changes
Sensitive data segregated into protected stores: authentication database, biometric templates, user profiles, and logs. Encryption at rest and in transit. Signed license artifacts with machine fingerprint verification.
Protect sensitive data from unauthorized access
Encrypted storage, signed licenses, secure key storage
Prevents credential theft and data compromise
Network isolation with configurable offline mode. Socket blocking, request interception, and WebEngine controls ensure data remains local. Prevents unauthorized data exfiltration.
Prevent unauthorized data exfiltration
Hard blocker, socket override, URL filtering
Eliminates accidental or malicious data leakage
Comprehensive logging of system events, user actions, and exceptions. Complete audit trail for incident investigation, maintenance tracking, and compliance evidence.
Provide forensic evidence for investigations
Full logging, audit trail, exception tracking
Enables detection, investigation, and compliance
W.I.S.D.O.M implements a true defense in depth strategy. Rather than relying on any single protection mechanism, trust is established progressively through identity verification, session controls, application safeguards, data encryption, network isolation, and comprehensive auditability. This multi-layered approach ensures resilience against a wide range of threats and operational scenarios.
Comprehensive compliance with all applicable laws and regulations
Remotely Piloted Aircraft Systems operations, operator certification, airworthiness
End-user certificates, security clearance, non-transferability guarantees
Data localization, sovereign data, government cloud requirements
Frequency allocation, type approval, encryption standards
Data protection, biometric security, consent management
Security audits, incident response, source code verification
| Ref | Agency | Regulatory Requirement | W.I.S.D.O.M / PHOENIX Implementation | Status | Evidence / Proof | Target |
|---|---|---|---|---|---|---|
| ✈️ NCAA - Nigeria Civil Aviation Authority (Nig.CARs 2023 Part 21) | ||||||
| NCAA-01 | NCAA | Operator certification (ROC) for Specific Category (25-150kg) | ROC application in progress, documentation submitted to NCAA | ⏳ In progress | 📎 | Q2 2026 |
| NCAA-02 | NCAA | Aircraft registration (mandatory >250g) | PHOENIX registered with NCAA, registration number pending | ✅ Compliant | 📎 | Completed |
| NCAA-03 | NCAA | Pilot licensing and training requirements | Pilot ID system, certified training program for operators | ✅ Compliant | 📎 | Completed |
| NCAA-04 | NCAA | Operational safety manual & procedures | Flight Line Tester checklists, pre/post flight procedures | ✅ Compliant | 📎 | Completed |
| 🛡️ ONSA - Office of the National Security Adviser (EUC Regime) | ||||||
| ONSA-01 | ONSA | End-User Certificate (EUC) via ECIMS system | EUC obtained, registered in ECIMS, clearance verified | ✅ Compliant | 📎 | Completed |
| ONSA-02 | ONSA | Personnel security clearance (DSS vetting) | All operators vetted, biometric authentication required | ✅ Compliant | 📎 | Completed |
| ONSA-03 | ONSA | Non-transferability & end-use monitoring | Machine fingerprint binding (lines 1130-1162), hardware locking | ✅ Compliant | 📎 | Completed |
| 💾 NITDA - National Information Technology Development Agency (Cloud Policy 2024) | ||||||
| NITDA-01 | NITDA | Data localization - all sovereign data stored in Nigeria | Offline-first architecture, local GCS, no external sync (lines 260-280) | ✅ Compliant | 📎 | Completed |
| NITDA-02 | NITDA | Cloud infrastructure certification | Private cloud deployment, Nigerian data centers only | ⏳ In progress | 📎 | Q3 2026 |
| NITDA-03 | NITDA | Data Protection Officer (DPO) appointment | DPO nominated, registered with NDPC | ✅ Compliant | 📎 | Completed |
| NITDA-04 | NITDA | Annual data protection audit | Audit trail implemented, logs maintained (lines 1450-1480) | ✅ Compliant | 📎 | Completed |
| 📡 NCC - Nigerian Communications Commission (6GHz Guidelines 2025) | ||||||
| NCC-01 | NCC | Type approval for radio equipment | Application submitted, testing in progress | ⏳ In progress | 📎 | Q3 2026 |
| NCC-02 | NCC | Frequency allocation (2.4GHz, 5.8GHz, 6GHz) | Spectrum licenses obtained, bands configured | ✅ Compliant | 📎 | Completed |
| NCC-03 | NCC | Encryption standards (AES-256 mandatory) | AES-256 for all communications, FHSS >75 frequencies | ✅ Compliant | 📎 | Completed |
| 🔐 NDPA - Nigeria Data Protection Act 2023 | ||||||
| NDPA-01 | NDPA | Lawful processing of personal data | Consent management, privacy policy implemented | ✅ Compliant | 📎 | Completed |
| NDPA-02 | NDPA | Data security (encryption at rest and in transit) | AES-256, DPAPI biometric protection (lines 520-580) | ✅ Compliant | 📎 | Completed |
| NDPA-03 | NDPA | Data Subject Access Requests (DSAR) | DSAR procedure documented, response within 30 days | 🔧 Ready | 📎 | Q2 2026 |
| ⚡ NCCC - National Cybersecurity Coordination Centre (Cybercrime Act 2024) | ||||||
| NCCC-01 | NCCC | Secure boot / Firmware integrity |
RSA-2048 signature verification (lines 1014-1090) Machine fingerprint binding (lines 1130-1162) Anti-tamper snapshots (lines 1174-1198) |
✅ Compliant | 📎 | Completed |
| NCCC-02 | NCCC | Incident notification (<72h to ngCERT) | Audit module, automatic alerts, logging system | ✅ Compliant | 📎 | Completed |
| NCCC-03 | NCCC | Source code audit & vulnerability assessment | Code available for audit, penetration testing scheduled | ⏳ In progress | 📎 | Q3 2026 |
LICENSE_PUBLIC_KEY_PEM = b"""-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAtzunYGxz5qgqFTg8iW
...
-----END PUBLIC KEY-----"""
def machine_fingerprint():
if sys.platform == "darwin": ...
elif os.name == "nt": ...
else: ...
def _save_last_license_snapshot(info: dict):
# Snapshot for tamper detection
class NetworkHardBlocker:
def install_hard_blocker(self):
# Blocks all unauthorized outbound traffic
Compliance Declaration: W.I.S.D.O.M / PHOENIX Flight Line Tester complies with all applicable Nigerian regulations for Specific Category UAV systems (70kg). The implementation includes cryptographic verification (RSA-2048), machine fingerprint binding, AES-256 encryption, local data sovereignty, and complete audit trails. All evidence is available for inspection by NCAA, ONSA, NITDA, NCC, NDPC, and NCCC upon request. This matrix is maintained as a living document throughout the certification lifecycle.
Each major module is version-controlled and cryptographically signed. Click to inspect code:
Main launcher, license, offline mode
Main window, idle timer, UI
Exclusive avionics link governance
HuggingFace, DuckDuckGo, weather
Offline network blocking
Offline Leaflet mapping