Low Level Design: Drone Delivery System

Drone delivery is one of the more mechanically complex LLD problems: you have a physical object moving through three-dimensional space, interacting with weather, airspace regulation, and a customer who needs to receive a package safely. Let’s walk through a complete low-level design.

Drone Schema

Each drone is a row in the drones table:

drone_id        UUID PRIMARY KEY
model           VARCHAR(64)
max_payload_kg  DECIMAL(5,2)
battery_pct     SMALLINT         -- 0-100
status          ENUM('idle','loading','in_flight_to_pickup','at_pickup','in_flight_to_delivery','hovering','delivery_complete','returning','maintenance')
location_lat    DECIMAL(9,6)
location_lng    DECIMAL(9,6)
altitude_m      SMALLINT
last_heartbeat  TIMESTAMP

battery_pct is updated every few seconds over the telemetry channel; last_heartbeat is refreshed on every report and is what the link-loss failsafe below watches. status holds the current state of the state machine described below.

Delivery Order Assignment

When an order is placed, the dispatcher service selects the nearest available drone whose max_payload_kg covers the package and whose charge is sufficient for the round trip. The minimum required battery is estimated as the total distance (haversine from drone to pickup, plus pickup to delivery, plus delivery back to base) divided by the drone’s rated range per charge, multiplied by a 1.3 safety margin for headwind. Any drone below this threshold is skipped. The selected drone is locked with a conditional update (UPDATE drones SET status = 'loading' WHERE drone_id = ? AND status = 'idle'); if the update affects zero rows, another dispatcher won the race and the next candidate is tried. That compare-and-set on the status column prevents double-assignment without a separate lock table.
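The assignment step as runnable code. This is an added example, not code from the original page: the drones table is replaced by an in-memory stand-in whose compare_and_set() behaves like the conditional UPDATE, and the drone's rated range is an assumed range_km attribute (the schema above has no such column). The same required_battery_pct() helper, applied to the single return leg, gives the low-battery threshold used by the failsafe section.

```python
import math
from dataclasses import dataclass

EARTH_RADIUS_KM = 6371.0


def haversine_km(lat1, lng1, lat2, lng2):
    """Great-circle distance between two points, in kilometres."""
    phi1, phi2 = math.radians(lat1), math.radians(lat2)
    dphi = math.radians(lat2 - lat1)
    dlmb = math.radians(lng2 - lng1)
    a = math.sin(dphi / 2) ** 2 + math.cos(phi1) * math.cos(phi2) * math.sin(dlmb / 2) ** 2
    return 2 * EARTH_RADIUS_KM * math.asin(math.sqrt(a))


def required_battery_pct(legs_km, range_km, margin=1.3):
    """Charge needed for the given legs: distance / rated range, times the headwind
    margin, as a percentage of a full charge. With a single return-to-base leg this
    is also the failsafe threshold."""
    return 100.0 * sum(legs_km) / range_km * margin


@dataclass
class Drone:
    drone_id: str
    lat: float
    lng: float
    battery_pct: int
    max_payload_kg: float
    range_km: float          # assumed attribute: rated range per charge
    status: str = "idle"


@dataclass
class Order:
    order_id: str
    pickup: tuple            # (lat, lng)
    delivery: tuple
    base: tuple              # where the drone returns after delivery
    weight_kg: float


class DroneTable:
    """In-memory stand-in for the drones table. compare_and_set() behaves like
    UPDATE drones SET status = ? WHERE drone_id = ? AND status = 'idle'
    and reports whether a row was actually changed."""

    def __init__(self, drones):
        self.rows = {d.drone_id: d for d in drones}

    def idle(self):
        return [d for d in self.rows.values() if d.status == "idle"]

    def compare_and_set(self, drone_id, expected, new):
        row = self.rows[drone_id]
        if row.status != expected:
            return False        # zero rows affected: another dispatcher won the race
        row.status = new
        return True


def assign(table, order):
    """Pick the nearest idle drone that can carry the package and has enough charge
    for pickup + delivery + return. Returns the drone_id, or None if nobody qualifies."""
    candidates = []
    for d in table.idle():
        if order.weight_kg > d.max_payload_kg:
            continue
        legs = [
            haversine_km(d.lat, d.lng, *order.pickup),
            haversine_km(*order.pickup, *order.delivery),
            haversine_km(*order.delivery, *order.base),
        ]
        if d.battery_pct < required_battery_pct(legs, d.range_km):
            continue
        candidates.append((legs[0], d.drone_id))
    # nearest first; the conditional update is the lock, so a lost race moves on
    for _, drone_id in sorted(candidates):
        if table.compare_and_set(drone_id, "idle", "loading"):
            return drone_id
    return None


def build_sample():
    """Constructed fleet and order for the demo (not real data)."""
    base = (37.7749, -122.4194)
    table = DroneTable([
        Drone("A", *base, battery_pct=90, max_payload_kg=5.0, range_km=20.0),
        Drone("B", 37.781, -122.411, battery_pct=20, max_payload_kg=5.0, range_km=20.0),  # closest, needs ~26%
        Drone("C", 37.780, -122.412, battery_pct=95, max_payload_kg=1.0, range_km=20.0),  # close, too weak
    ])
    order = Order("order-42", pickup=(37.78, -122.41), delivery=(37.79, -122.40),
                  base=base, weight_kg=2.0)
    return table, order
```

Drone B is nearest but its 20% falls short of the ~26% the round trip needs, and C cannot lift the package, so A at base gets the order; a second call for the same order returns None because A is now loading.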

Flight Path Planning

The airspace is modeled as a 3D grid. Each cell has a cost derived from: base distance, whether the cell is inside a no-fly zone (regulatory or temporary), proximity to buildings (loaded from a GIS layer), and active weather warnings. Path planning runs A* on this grid. The heuristic is straight-line distance to destination. No-fly cells are given infinite cost rather than removed from the graph, which simplifies dynamic updates when a zone boundary changes mid-flight.

Airspace Management

To prevent collisions between drones in the same fleet, the airspace controller assigns altitude corridors per delivery zone: drones traveling north-to-south fly at 80m, east-to-west at 100m. Each drone broadcasts its position every 500ms. A central conflict-detection service checks every pair of drones within 200m of each other (positions are bucketed into a coarse spatial grid so that only neighbouring cells are compared, rather than every pair in the fleet) and issues a hold or reroute command if separation falls below 50m laterally and 10m vertically. Because a hold is triggered by position reports alone, both the telemetry channel and the command channel need to be authenticated; otherwise a spoofed position report could stall part of the fleet.
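The separation check over one 500ms snapshot, as an added example that is not part of the original design. Positions are projected onto a flat metre grid around the zone's reference latitude (fine for a zone a few kilometres wide), bucketed into 200m cells, and only neighbouring cells are compared. The 45-degree cut-off for deciding which corridor a heading belongs to is an assumption; the sample positions are constructed.

```python
import math

M_PER_DEG_LAT = 111_320.0   # metres per degree of latitude (spherical-earth assumption)


def local_xy_m(lat, lng, ref_lat):
    """Project to a flat metre grid around ref_lat."""
    return (lng * M_PER_DEG_LAT * math.cos(math.radians(ref_lat)), lat * M_PER_DEG_LAT)


def corridor_altitude_m(heading_deg):
    """North-south traffic at 80 m, east-west at 100 m. Headings within 45 degrees
    of north or south count as north-south (assumed cut-off)."""
    h = heading_deg % 180
    return 80 if h < 45 or h >= 135 else 100


def separation_m(a, b, ref_lat):
    ax, ay = local_xy_m(a["lat"], a["lng"], ref_lat)
    bx, by = local_xy_m(b["lat"], b["lng"], ref_lat)
    return math.hypot(ax - bx, ay - by), abs(a["alt"] - b["alt"])


def detect_conflicts(positions, ref_lat, scan_m=200.0, min_horiz_m=50.0, min_vert_m=10.0):
    """Return (id_a, id_b, horiz_m, vert_m) for every pair closer than the separation
    minimums. Drones are bucketed into scan_m cells so each drone is compared only
    with drones in its own and the eight surrounding cells."""
    cells = {}
    for p in positions:
        x, y = local_xy_m(p["lat"], p["lng"], ref_lat)
        cells.setdefault((int(x // scan_m), int(y // scan_m)), []).append(p)
    conflicts = []
    for (cx, cy), group in cells.items():
        for dx in (-1, 0, 1):
            for dy in (-1, 0, 1):
                for other in cells.get((cx + dx, cy + dy), []):
                    for p in group:
                        if p["drone_id"] >= other["drone_id"]:
                            continue          # visit each unordered pair once
                        horiz, vert = separation_m(p, other, ref_lat)
                        if horiz <= scan_m and horiz < min_horiz_m and vert < min_vert_m:
                            conflicts.append((p["drone_id"], other["drone_id"],
                                              round(horiz, 1), round(vert, 1)))
    return sorted(conflicts)


# Constructed snapshot of four drones in one zone (not real telemetry).
SAMPLE_POSITIONS = [
    {"drone_id": "X", "lat": 37.7700, "lng": -122.4200, "alt": 80.0},
    {"drone_id": "Y", "lat": 37.7703, "lng": -122.4200, "alt": 85.0},   # 33 m from X, 5 m higher: conflict
    {"drone_id": "Z", "lat": 37.7710, "lng": -122.4200, "alt": 80.0},   # 111 m from X: scanned, no conflict
    {"drone_id": "W", "lat": 37.7700, "lng": -122.4200, "alt": 100.0},  # directly above X in the other corridor
]


def demo():
    return detect_conflicts(SAMPLE_POSITIONS, ref_lat=37.77)
```

W sits directly above X but 20m higher, so the corridor scheme keeps them clear; Y has drifted 5m out of its corridor and 33m from X, which is the one pair the service would hold or reroute.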

Drone State Machine

The lifecycle of a single delivery:

  • idle — drone is at base, charged, waiting for assignment
  • loading — package is being attached; weight sensor confirms payload
  • in_flight_to_pickup — used when drone is dispatched from a hub rather than from a warehouse
  • at_pickup — drone is hovering over pickup point, awaiting package confirmation
  • in_flight_to_delivery — en route to customer
  • hovering — over delivery location, initiating descent or winch sequence
  • delivery_complete — OTP verified, package released
  • returning — flying back to base

State transitions are persisted to the drone_events table for audit and replay. Transitions are validated against an explicit allow-list of (from, to) pairs before they are applied: a status report that jumps from idle straight to delivery_complete is rejected and logged rather than accepted, and replay re-validates every event so a corrupted or tampered log is detected instead of silently reconstructed.
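The state machine with an allow-list, persistence and replay, as an added example (not the page's own code). The transition table fills in what the lifecycle list above leaves implicit, and those choices are assumptions: a warehouse dispatch goes idle to loading, a hub dispatch goes idle to in_flight_to_pickup to at_pickup to loading, every airborne state may fall back to returning (the 90-second handoff timeout or a failsafe), and maintenance is reachable from idle or returning. The drone_events table is an in-memory SQLite table.

```python
import sqlite3
from datetime import datetime, timezone

# Allow-list of legal (from -> to) transitions. See the lead-in for the assumptions.
TRANSITIONS = {
    "idle": {"loading", "in_flight_to_pickup", "maintenance"},
    "in_flight_to_pickup": {"at_pickup", "returning"},
    "at_pickup": {"loading", "returning"},
    "loading": {"in_flight_to_delivery", "idle"},
    "in_flight_to_delivery": {"hovering", "returning"},
    "hovering": {"delivery_complete", "returning"},
    "delivery_complete": {"returning"},
    "returning": {"idle", "maintenance"},
    "maintenance": {"idle"},
}
AIRBORNE = {"in_flight_to_pickup", "at_pickup", "in_flight_to_delivery", "hovering", "delivery_complete"}

SCHEMA = """
CREATE TABLE IF NOT EXISTS drone_events (
    id         INTEGER PRIMARY KEY AUTOINCREMENT,
    drone_id   TEXT NOT NULL,
    from_state TEXT NOT NULL,
    to_state   TEXT NOT NULL,
    reason     TEXT NOT NULL,
    ts         TEXT NOT NULL
)"""


class IllegalTransition(Exception):
    pass


class DroneFSM:
    def __init__(self, conn, drone_id, state="idle"):
        self.conn, self.drone_id, self.state = conn, drone_id, state
        conn.execute(SCHEMA)

    def transition(self, to_state, reason):
        """Apply one transition, refusing anything not on the allow-list. The event row
        is committed before the in-memory state changes, so a crash between the two
        is recovered by replay()."""
        if to_state not in TRANSITIONS.get(self.state, ()):
            raise IllegalTransition(f"{self.drone_id}: {self.state} -> {to_state} ({reason})")
        self.conn.execute(
            "INSERT INTO drone_events (drone_id, from_state, to_state, reason, ts) VALUES (?, ?, ?, ?, ?)",
            (self.drone_id, self.state, to_state, reason, datetime.now(timezone.utc).isoformat()),
        )
        self.conn.commit()
        self.state = to_state
        return self.state

    def failsafe_return(self, reason):
        """Return-to-base trigger from the failsafe section; only meaningful while airborne."""
        if self.state not in AIRBORNE:
            raise IllegalTransition(f"{self.drone_id}: failsafe while {self.state}")
        return self.transition("returning", reason)


def replay(conn, drone_id):
    """Rebuild a drone's state from drone_events, re-validating every step so an
    out-of-order or tampered log raises instead of being accepted."""
    state = "idle"
    rows = conn.execute(
        "SELECT from_state, to_state FROM drone_events WHERE drone_id = ? ORDER BY id", (drone_id,))
    for from_state, to_state in rows:
        if from_state != state or to_state not in TRANSITIONS[state]:
            raise IllegalTransition(f"{drone_id}: log has {from_state} -> {to_state} while in {state}")
        state = to_state
    return state


def demo():
    """One warehouse delivery cut short by a lost telemetry link, then replayed."""
    conn = sqlite3.connect(":memory:")
    fsm = DroneFSM(conn, "drone-1")
    fsm.transition("loading", "order-42 assigned")
    fsm.transition("in_flight_to_delivery", "payload 1.8 kg confirmed by weight sensor")
    fsm.transition("hovering", "over delivery point")
    fsm.failsafe_return("telemetry link lost for 12 s")
    fsm.transition("idle", "landed at base")
    return replay(conn, "drone-1"), conn.execute("SELECT COUNT(*) FROM drone_events").fetchone()[0]


def rejects_skip_ahead():
    """A report claiming idle -> delivery_complete is refused and nothing is logged."""
    conn = sqlite3.connect(":memory:")
    fsm = DroneFSM(conn, "drone-2")
    try:
        fsm.transition("delivery_complete", "spoofed status report")
    except IllegalTransition:
        return conn.execute("SELECT COUNT(*) FROM drone_events").fetchone()[0] == 0
    return False
```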

Weather Integration

A weather service polls NOAA and third-party APIs every 5 minutes and writes go/no-go flags per grid sector. Before dispatch and at each waypoint, the flight computer checks: wind speed below 10 m/s, precipitation intensity below light rain (2mm/hr), and visibility above 800m. If any threshold is breached mid-flight, the drone is commanded to the nearest safe landing zone.

Package Handoff

The drone descends to 2m above the landing target using GPS-guided control. For residential delivery, a winch lowers the package. The customer receives a one-time PIN via SMS; the drone’s onboard computer accepts the PIN over Bluetooth LE and releases the package lock only once it verifies. The PIN is bound to the order, the number of attempts is capped, and the comparison is constant-time; without an attempt cap a short numeric PIN can be guessed over BLE within the delivery window. If no valid confirmation is received within 90 seconds, the drone ascends and the order is flagged for reattempt or redirect to a pickup locker.
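A handoff verifier as an added example (not the page's own code). It assumes a per-order key shared between dispatcher and drone: at loading time the dispatcher generates the PIN for the SMS and loads only HMAC(key, order_id || pin) onto the drone, so the drone never carries the PIN in clear and a PIN for one order cannot release another. Attempts are capped at five and the 90-second window is enforced; the clock is injectable so the run below uses a fake one.

```python
import hashlib
import hmac
import secrets

PIN_DIGITS = 6
MAX_ATTEMPTS = 5      # 5 guesses out of 10**6 PINs: ~5e-6 chance of a lucky release
WINDOW_S = 90.0


def pin_tag(order_key, order_id, pin):
    """HMAC binding the PIN to one order. The drone stores this tag, not the PIN."""
    return hmac.new(order_key, f"{order_id}:{pin}".encode(), hashlib.sha256).digest()


def issue_pin(order_key, order_id):
    """Dispatcher side at loading: the PIN goes to the customer by SMS, the tag
    is loaded onto the drone with the package."""
    pin = f"{secrets.randbelow(10 ** PIN_DIGITS):0{PIN_DIGITS}d}"
    return pin, pin_tag(order_key, order_id, pin)


class HandoffLock:
    """Drone side. submit() is called for every PIN received over BLE."""

    def __init__(self, order_key, order_id, tag, clock):
        self.order_key, self.order_id, self.tag = order_key, order_id, tag
        self.clock = clock              # time.monotonic in production; injectable for tests
        self.started = clock()
        self.attempts = 0
        self.released = False

    def submit(self, pin):
        if self.released:
            return "released"
        if self.clock() - self.started > WINDOW_S:
            return "expired"            # ascend; order flagged for reattempt or locker redirect
        if self.attempts >= MAX_ATTEMPTS:
            return "locked_out"         # a correct guess after lockout still does not release
        self.attempts += 1
        if not (pin.isdigit() and len(pin) == PIN_DIGITS):
            return "rejected"
        if hmac.compare_digest(pin_tag(self.order_key, self.order_id, pin), self.tag):
            self.released = True
            return "released"
        return "rejected"


def demo():
    """Constructed run on a fake clock: one wrong guess then the right PIN on the
    first lock; the second lock is brute-forced past the attempt limit."""
    key = secrets.token_bytes(32)
    now = [0.0]
    clock = lambda: now[0]

    pin, tag = issue_pin(key, "order-42")
    lock = HandoffLock(key, "order-42", tag, clock)
    wrong = "000000" if pin != "000000" else "000001"
    results = [lock.submit(wrong), lock.submit(pin), lock.submit(wrong)]

    pin2, tag2 = issue_pin(key, "order-43")
    lock2 = HandoffLock(key, "order-43", tag2, clock)
    wrong2 = "999999" if pin2 != "999999" else "999998"
    for _ in range(MAX_ATTEMPTS):
        lock2.submit(wrong2)
    results.append(lock2.submit(pin2))      # correct PIN, but after lockout
    now[0] = WINDOW_S + 1
    results.append(lock2.submit(pin2))      # window elapsed
    return results
```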

Failsafe Protocols

Three conditions trigger an automatic return-to-base: battery drops below the calculated minimum for safe return, telemetry link is lost for more than 10 seconds, or the drone exits its authorized geofence. On geofence breach, the drone also logs the incident and notifies the operations center. A hardware watchdog on the flight controller will force a controlled landing if the main onboard computer crashes.

Regulatory Compliance

Operations under FAA Part 107 require visual line of sight by default; Beyond Visual Line of Sight (BVLOS) operations require a waiver. Independently of BVLOS, Part 89 requires Remote ID for most drones: the aircraft broadcasts its identity, position, altitude, velocity and control-station location at roughly 1Hz over Bluetooth or Wi-Fi (ASTM F3411), not a dedicated 900MHz link. A BVLOS waiver additionally mandates operational contingency planning documented per flight corridor and coordination with local air traffic control for flights near controlled airspace. The system stores the active waiver ID on each flight record for audit.

Frequently Asked Questions

Q: How does A* path planning with obstacle avoidance work in a drone delivery system?

A: A* is a best-first search algorithm that evaluates nodes using f(n) = g(n) + h(n), where g(n) is the cost from the start and h(n) is a heuristic estimate to the goal. For drone delivery, the graph is a 3-D grid of waypoints. Obstacles — buildings, no-fly zones, weather cells — are represented as blocked nodes (in the design above they are infinite-cost cells, which the search never expands; the effect is the same, but a zone boundary can change without rebuilding the graph). At each expansion step the algorithm skips blocked neighbours and updates the open set with any neighbour reached more cheaply. An admissible heuristic such as Euclidean distance in 3-D space guarantees an optimal path, and because it is also consistent, a node closed once never needs reopening. Dynamic re-planning (D* Lite) is layered on top so the drone can reroute mid-flight when a new obstacle appears in sensor range.
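A* on a 3-D grid with infinite-cost no-fly cells and a weather penalty layer, covering both the Flight Path Planning section and this answer. This is an added example, not the page's or any project's code: cells are integer (x, y, z) indices, moves are 6-connected with unit step cost, penalties are a dictionary over cells, and the sector, wall and storm in the demo are constructed. Re-planning after a zone change is shown by re-running plain A* from the drone's current cell; D* Lite is not implemented here.

```python
import heapq
import math

INF = float("inf")
MOVES = [(1, 0, 0), (-1, 0, 0), (0, 1, 0), (0, -1, 0), (0, 0, 1), (0, 0, -1)]  # 6-connected


class AirspaceGrid:
    """3-D grid. Entering a cell costs 1 plus any penalty layered on it (building
    proximity, weather). A no-fly cell carries an infinite penalty and stays in the
    graph, so a zone change is a dictionary update rather than a rebuild."""

    def __init__(self, nx, ny, nz):
        self.shape = (nx, ny, nz)
        self.penalty = {}

    def set_no_fly(self, cells):
        for c in cells:
            self.penalty[c] = INF

    def set_penalty(self, cells, extra):
        for c in cells:
            self.penalty[c] = extra

    def cost(self, cell):
        return 1.0 + self.penalty.get(cell, 0.0)

    def neighbors(self, cell):
        x, y, z = cell
        for dx, dy, dz in MOVES:
            n = (x + dx, y + dy, z + dz)
            if all(0 <= n[i] < self.shape[i] for i in range(3)):
                yield n


def heuristic(a, b):
    # Euclidean distance never exceeds the true cost (every move is axis-aligned and
    # costs at least 1) and is consistent, so a closed node never needs reopening.
    return math.dist(a, b)


def astar(grid, start, goal):
    """Return (path, cost); (None, INF) when the goal is unreachable."""
    if grid.cost(start) == INF or grid.cost(goal) == INF:
        return None, INF
    open_heap = [(heuristic(start, goal), 0.0, start)]
    g = {start: 0.0}
    came_from = {}
    closed = set()
    while open_heap:
        _, g_cur, cur = heapq.heappop(open_heap)
        if cur in closed:
            continue                       # stale heap entry
        if cur == goal:
            path = [cur]
            while cur in came_from:
                cur = came_from[cur]
                path.append(cur)
            return path[::-1], g_cur
        closed.add(cur)
        for nxt in grid.neighbors(cur):
            step = grid.cost(nxt)
            if step == INF or nxt in closed:
                continue                   # no-fly cell: never expanded
            tentative = g_cur + step
            if tentative < g.get(nxt, INF):
                g[nxt] = tentative
                came_from[nxt] = cur
                heapq.heappush(open_heap, (tentative + heuristic(nxt, goal), tentative, nxt))
    return None, INF


def demo():
    """Constructed 10x10x3 sector: a no-fly wall at x=5 covering y=0..8 at every
    altitude, and a storm penalty on the remaining gap at cruise altitude z=1."""
    grid = AirspaceGrid(10, 10, 3)
    grid.set_no_fly([(5, y, z) for y in range(9) for z in range(3)])
    storm = {(5, 9, 1), (6, 9, 1)}
    grid.set_penalty(storm, 3.0)
    path, cost = astar(grid, (0, 0, 1), (9, 0, 1))
    return len(path), cost, any(c in storm for c in path)


def demo_replan():
    """Mid-flight zone change: the wall grows to close the gap; re-running A* from the
    drone's current cell finds no route, which the caller turns into a hold or diversion."""
    grid = AirspaceGrid(10, 10, 3)
    grid.set_no_fly([(5, y, z) for y in range(9) for z in range(3)])
    path, _ = astar(grid, (0, 0, 1), (9, 0, 1))
    current = path[3]                       # drone is three cells along the route
    grid.set_no_fly([(5, 9, z) for z in range(3)])
    return astar(grid, current, (9, 0, 1))
```

The detour around the wall is 27 moves; crossing the storm cells at z=1 would add 6, while dropping to z=0 for those two cells and climbing back adds only 2, so the planner returns a 29-cost, 30-node route that stays out of the storm.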

Q: What are the eight states in a drone delivery state machine?

A: A canonical drone delivery state machine contains: (1) IDLE — drone is docked and awaiting assignment; (2) LOADING — package is being attached and pre-flight checks run; (3) TAKEOFF — drone ascends to cruise altitude; (4) EN_ROUTE — navigating to delivery waypoint; (5) DESCENDING — final approach to drop zone; (6) DELIVERING — package release and confirmation; (7) RETURNING — flying back to depot; and (8) EMERGENCY_LAND — triggered by low battery, sensor failure, or airspace violation. Transitions between states are event-driven and persisted so a dispatcher can reconstruct drone state after a crash-restart.

Q: How does FAA LAANC airspace authorization integrate into a drone delivery design?

A: LAANC (Low Altitude Authorization and Notification Capability) provides near-real-time airspace authorization for drones operating at or below 400 ft AGL in controlled airspace. Operators do not call the FAA directly: in a system design the flight-planning service calls an FAA-approved UAS Service Supplier (USS) that fronts LAANC before every mission. The request includes the planned operating area, maximum altitude, and time window. Requests at or below the ceiling published in the UAS Facility Map for that area are auto-approved; anything above it goes to further coordination (manual FAA review) and must not be assumed approved. The mission planner clips the route to the approved altitude and stores the authorization reference with the flight record for audit. If the USS is unavailable the system falls back to a pre-approved waiver database or queues the mission until authorization is obtained.

Q: How do you manage battery and range constraints in a drone fleet?

A: Battery state-of-charge (SoC) is modeled as a first-class attribute of each drone entity. The dispatcher solves a variant of the Vehicle Routing Problem with Energy Constraints (VRPEC): it only assigns missions where the round-trip distance plus a safety buffer (typically 20%) is within the drone’s current range. Range is computed from SoC, wind speed/direction from weather APIs, and payload weight. When SoC drops below a configurable threshold mid-flight the drone is commanded to the nearest charging depot rather than completing delivery. Charging slots at depots are reserved atomically to avoid conflicts across the fleet.

Q: How does a drone fleet dispatcher algorithm work at scale?

A: The dispatcher runs as a centralized service backed by a priority queue of pending deliveries and a real-time index of available drones (keyed by geohash). On each scheduling tick it solves an assignment problem — typically Hungarian algorithm or auction-based matching — minimizing total flight time while respecting battery, payload, and airspace constraints. At large scale (thousands of drones) the problem is decomposed geographically: a region partitioner splits the service area into cells, each handled by a local dispatcher, with a global coordinator managing cross-cell handoffs. Assignments are published to drones via a message broker (e.g., Kafka) and acknowledged, giving at-least-once delivery of dispatch commands. At-least-once means a drone can receive the same command twice, so each command carries a per-drone sequence number and a sequence already applied is acknowledged as a duplicate rather than re-executed. Commands should also be authenticated end-to-end (e.g., an HMAC under a per-drone key) rather than trusting the topic alone.
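The drone-side consumer that makes at-least-once delivery safe, as an added example (not the page's own code). Assumptions: the dispatcher partitions the topic by drone_id so a drone's commands arrive in order, each command carries a strictly increasing seq, and commands are tagged with HMAC-SHA256 under a per-drone key. A redelivered command is acknowledged as a duplicate, a tampered one fails its tag, and a command addressed to another drone is refused even with a valid tag.

```python
import hashlib
import hmac
import json

FIELDS = ("drone_id", "seq", "order_id", "action")


def canonical(body):
    """Deterministic encoding so dispatcher and drone MAC the same bytes."""
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def sign_command(key, command):
    """Dispatcher side: attach an HMAC-SHA256 tag over the command fields."""
    body = {k: command[k] for k in FIELDS}
    return dict(command, tag=hmac.new(key, canonical(body), hashlib.sha256).hexdigest())


class DispatchConsumer:
    """Drone-side consumer of the dispatch topic. Every message is acknowledged to the
    broker (so it stops redelivering), but it is applied only once and only if it
    verifies and is addressed to this drone."""

    def __init__(self, drone_id, key):
        self.drone_id, self.key = drone_id, key
        self.last_seq = 0
        self.applied = []

    def handle(self, msg):
        try:
            body = {k: msg[k] for k in FIELDS}
        except KeyError:
            return "rejected:malformed"
        expected = hmac.new(self.key, canonical(body), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, str(msg.get("tag", ""))):
            return "rejected:bad_tag"
        if body["drone_id"] != self.drone_id:
            return "rejected:wrong_drone"
        if body["seq"] <= self.last_seq:
            return "duplicate"               # redelivery or replay: ack, do not re-apply
        self.last_seq = body["seq"]
        self.applied.append((body["order_id"], body["action"]))
        return "applied"


def demo():
    """Constructed message sequence: a command, its redelivery, a tampered copy,
    a follow-up, a stale replay, and a command meant for a different drone."""
    key = b"per-drone-key-from-provisioning-0"    # constructed; real keys come from provisioning
    drone = DispatchConsumer("drone-7", key)
    cmd1 = sign_command(key, {"drone_id": "drone-7", "seq": 1, "order_id": "order-42", "action": "deliver"})
    cmd2 = sign_command(key, {"drone_id": "drone-7", "seq": 2, "order_id": "order-42", "action": "cancel"})
    other = sign_command(key, {"drone_id": "drone-8", "seq": 3, "order_id": "order-43", "action": "deliver"})
    tampered = dict(cmd1, action="return_to_base")
    outcomes = [drone.handle(m) for m in (cmd1, cmd1, tampered, cmd2, cmd1, other)]
    return outcomes, drone.applied
```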
