Cyber Security Assessment of the Robot Operating System 2 for Aerial Networks

Best Student Paper, 2nd PlaceThe article of record as published may be found at https://doi.org/10.1109/SYSCON.2019.88368242019 IEEE International Systems Communications Conference (SYSCON)The Robot Operating System (ROS) is a widely adopted standard robotic middleware. However, its preliminary design is devoid of any network security features. Military grade unmanned systems must be guarded against network threats. ROS 2 is built upon the Data Distribution Service (DDS) standard and is designed to provide solutions to identified ROS 1 security vulnerabilities by incorporating authentication, encryption, and process profile features, which rely on public key infrastructure. The Department of Defense is looking to use ROS 2 for its military-centric robotics platform. This paper seeks to demonstrate that ROS 2 and its DDS security architecture can serve as a functional platform for use in military grade unmanned systems, particularly in unmanned Naval aerial swarms. In this paper, we focus on the viability of ROS 2 to safeguard communications between swarms and a ground control station (GCS). We test ROS 2’s ability to mitigate and withstand certain cyber threats, specifically that of rogue nodes injecting unauthorized data and accessing services that will disable parts of the UAV swarm. We use the Gazebo robotics simulator to target individual UAVs to ascertain the effectiveness of our attack vectors under specific conditions. We demonstrate the effectiveness of ROS 2 in mitigating the chosen attack vectors but observed a measurable operational delay within our simulations.This work was funded and sponsored by the Office of Naval Research via the Consortium for Robotics and Unmanned Systems Education and Research (CRUSER) at NPS

Computer Modeling of Personal Autonomy and Legal Equilibrium

Empirical studies of personal autonomy as state and status of individual freedom, security, and capacity to control own life, particularly by independent legal reasoning, are need dependable models and methods of precise computation. Three simple models of personal autonomy are proposed. The linear model of personal autonomy displays a relation between freedom as an amount of agent's action and responsibility as an amount of legal reaction and shows legal equilibrium, the balance of rights and duties needed for sustainable development of any community. The model algorithm of judge personal autonomy shows that judicial decision making can be partly automated, like other human jobs. Model machine learning of autonomous lawyer robot under operating system constitution illustrates the idea of robot rights. Robots, i.e. material and virtual mechanisms serving the people, deserve some legal guarantees of their rights such as robot rights to exist, proper function and be protected by the law. Robots, actually, are protected as any human property by the wide scope of laws, starting with Article 17 of Universal Declaration of Human Rights, but the current level of human trust in autonomous devices and their role in contemporary society needs stronger legislation to guarantee the robot rights.Comment: 8 pages, 6 figures, presented at Computer Science On-line Conference 201

Security Assessment for Zenbo Robot Using Drozer and mobSF Frameworks

These days, almost everyone has been entirely relying on mobile devices and mobile related applications running on Android Operating Systems, the most used Mobile Operating System in the world with the largest market share. These Mobile devices and applications can become an information goldmine for hackers and are considered one of the significant concerns mobile users face who stand a chance of being victimized during data breach from hackers due to lapse in information security and controls. Such challenge can be put to bare through systematic digital forensic analysis through penetration testing for a humanoid robot like Zenbo, which run Android OS and related application, to help identify associated security vulnerabilities and develop controls required to improve security using popular penetration testing tools such as Drozer, Mobile Application Security framework (mobSF), and AndroBugs with the help of Santoku Linux distribution

Real-time attack detection on robot cameras: A self-driving car application

International audienceThe Robot Operating System (ROS) are being deployed for multiple life critical activities such as self-driving cars, drones, and industries. However, the security has been persistently neglected, especially the image flows incoming from camera robots. In this paper, we perform a structured security assessment of robot cameras using ROS. We points out a relevant number of security flaws that can be used to take over the flows incoming from the robot cameras. Furthermore, we propose an intrusion detection system to detect abnormal flows. Our defense approach is based on images comparisons and unsupervised anomaly detection method. We experiment our approach on robot cameras embedded on a self-driving car

FogROS2-SGC: A ROS2 Cloud Robotics Platform for Secure Global Connectivity

The Robot Operating System (ROS2) is the most widely used software platform for building robotics applications. FogROS2 extends ROS2 to allow robots to access cloud computing on demand. However, ROS2 and FogROS2 assume that all robots are locally connected and that each robot has full access and control of the other robots. With applications like distributed multi-robot systems, remote robot control, and mobile robots, robotics increasingly involves the global Internet and complex trust management. Existing approaches for connecting disjoint ROS2 networks lack key features such as security, compatibility, efficiency, and ease of use. We introduce FogROS2-SGC, an extension of FogROS2 that can effectively connect robot systems across different physical locations, networks, and Data Distribution Services (DDS). With globally unique and location-independent identifiers, FogROS2-SGC securely and efficiently routes data between robotics components around the globe. FogROS2-SGC is agnostic to the ROS2 distribution and configuration, is compatible with non-ROS2 software, and seamlessly extends existing ROS2 applications without any code modification. Experiments suggest FogROS2-SGC is 19x faster than rosbridge (a ROS2 package with comparable features, but lacking security). We also apply FogROS2-SGC to 4 robots and compute nodes that are 3600km apart. Videos and code are available on the project website https://sites.google.com/view/fogros2-sgc.Comment: 9 pages, 8 figure