🤖 AI Summary
This study addresses the significant barriers to security research on low-cost consumer drones, where firmware analysis is hindered by a lack of public documentation and by the difficulty of acquiring firmware images. Focusing on three Holy Stone drone models, the work proposes a non-invasive, fixture-based contact method that avoids chip desoldering and leverages low-cost interfaces (SPI flash reading, SWD/JTAG debugging, and UART log capture) to establish a three-tier verification framework. This framework integrates sliding-window Shannon entropy analysis, Binwalk structural signatures, and EMBA static analysis to ensure firmware integrity and authenticity. The approach successfully extracted and validated multiple genuine firmware images, revealing outdated library components containing known CVE vulnerabilities and a notable absence of binary hardening. These findings provide a reproducible baseline methodology and a reliable data foundation for future firmware re-hosting and systematic security assessments.
📝 Abstract
Consumer unmanned aerial vehicles (UAVs) have evolved into capable computing platforms, yet their embedded firmware remains largely inaccessible to the security community. Entry-level models, in particular those marketed to first-time and younger operators, commonly ship with limited protection mechanisms and no public documentation of their software internals. This paper presents a systematic study of firmware extraction and validation applied to three Holy Stone consumer drone models: the HS175D, HS720, and HS360S. Rather than pursuing reverse-engineering outcomes, the work focuses on obtaining reliable, ground-truth firmware images across heterogeneous hardware designs using only commercially available, low-cost tooling. Four acquisition methods are evaluated: SPI flash in-circuit reading, SWD/JTAG debug-port access, UART boot-message capture, and a clip-based contact approach that avoids chip desoldering. Each is assessed for success rate, image completeness, and operational practicality. Post-acquisition quality is evaluated through sliding-window Shannon entropy profiling and structural-signature analysis using binwalk, together forming a three-tier validation framework that distinguishes validated images from those that appear successful at the tool level but contain no meaningful firmware content. Static analysis via the EMBA framework confirms that validated images contain identifiable OS components, aging library stacks with known CVE exposure, and no binary-hardening mechanisms. The resulting corpus and methodology provide a reproducible baseline for firmware rehosting, vulnerability analysis, secure-boot assessment, and embedded-systems education within the consumer UAV domain.
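As an added illustration of the first validation tier described in the summary and abstract (not code from the paper), the following script runs a sliding-window Shannon entropy pass over three constructed sample dumps and sorts each into "empty" (a read that succeeded at the tool level but returned erased flash), "opaque" (wholly compressed or encrypted) or "candidate" (mixed code and data regions worth passing to the binwalk and EMBA tiers). The window size, step and thresholds are assumptions chosen for the example, not values taken from the paper.

```python
import hashlib
import math
from collections import Counter

def shannon_entropy(chunk: bytes) -> float:
    """Shannon entropy in bits per byte: 0.0 for a constant block, 8.0 for a uniform one."""
    if not chunk:
        return 0.0
    n = len(chunk)
    return -sum((c / n) * math.log2(c / n) for c in Counter(chunk).values())

def sliding_entropy(image: bytes, window: int = 4096, step: int = 1024) -> list:
    """Entropy profile: one (offset, entropy) pair per window slid across the image."""
    return [(off, shannon_entropy(image[off:off + window])) for off in range(0, max(1, len(image) - window + 1), step)]

def classify_image(image: bytes, window: int = 4096, step: int = 1024) -> dict:
    """Tier-1 verdict from the entropy distribution; thresholds (0.5, 7.5, 95 %) are illustrative assumptions."""
    ents = [e for _, e in sliding_entropy(image, window, step)]
    blank = sum(e < 0.5 for e in ents) / len(ents)   # erased flash, padding, or a failed read
    packed = sum(e > 7.5 for e in ents) / len(ents)  # compressed or encrypted payload
    if blank > 0.95:
        verdict = "empty"      # tool reported success, but no firmware content was read
    elif packed > 0.95:
        verdict = "opaque"     # wholly compressed/encrypted: structural signatures will not carve it
    else:
        verdict = "candidate"  # mixed code/data regions: proceed to the binwalk and EMBA tiers
    return {"verdict": verdict, "blank": blank, "packed": packed, "windows": len(ents)}

def _high_entropy(n: int, seed: bytes = b"constructed") -> bytes:
    """Constructed high-entropy filler (chained SHA-256) standing in for a packed region."""
    out, h = bytearray(), seed
    while len(out) < n:
        h = hashlib.sha256(h).digest()
        out += h
    return bytes(out[:n])

def _code_like(n: int) -> bytes:
    """Constructed mid-entropy filler (16-byte vocabulary, exactly 4.0 bits/byte) standing in for code."""
    return (bytes(range(16)) * (n // 16 + 1))[:n]

# Constructed sample dumps: an erased chip, a fully packed image, and a plausible firmware layout.
SAMPLE_IMAGES = {
    "erased_flash": b"\xff" * 65536,
    "packed_only": _high_entropy(65536),
    "plausible_fw": b"\xff" * 8192 + _code_like(32768) + _high_entropy(16384) + b"\xff" * 8192,
}

if __name__ == "__main__":
    for name, img in SAMPLE_IMAGES.items():
        print(name, classify_image(img))
```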
Index Terms: consumer UAV, drone firmware, embedded systems security, entropy analysis, firmware extraction, IoT security, SPI flash, SWD/JTAG, UART.