A SURVEY OF SECURITY IN ROBOTIC SYSTEMS: VULNERABILITIES, ATTACKS, AND SOLUTIONS

Christopher Archibald, Luke Schwalm, and John E. Ball

References

  1. [1] T. Denning, C. Matuszek, K. Koscher, J.R. Smith, andT. Kohno, A spotlight on security and privacy risks with futurehousehold robots: Attacks and lessons, Proc. 11th Intl. Conf.on Ubiquitous Computing, ACM, Orlando, Florida, USA, 2009,105–114.
  2. [2] C. Armbrust, S.A. Mehdi, M. Reichardt, J. Koch, and K. Berns,Using an autonomous robot to maintain privacy in assistiveenvironments, Security and Communication Networks, 4(11),2011, 1275–1293.
  3. [3] iRobot roomba vacuum cleaning robot, http://www.irobot.com/For-the-Home/Vacuum-Cleaning/Roomba.aspx (accessedJun. 30, 2015).
  4. [4] General atomics aeronautical – Predator B UAS, http://www.ga-asi.com/predator-b (accessed Jun. 30, 2015).
  5. [5] Draganfly guardian, http://www.draganfly.com/uav-helicopter/draganflyer-guardian/ (accessed Jun. 30, 2015).
  6. [6] F. Higgins, A. Tomlinson, and K.M. Martin, Survey on securitychallenges for swarm robotics, Autonomic and AutonomousSystems, 2009. ICAS’09, Fifth Intl. Conf. on, IEEE, Valencia,Spain, 2009, 307–312.
  7. [7] A.M. Wyglinski, X. Huang, T. Padir, L. Lai, T.R. Eisenbarth,and K. Venkatasubramanian, Security of autonomous systemsemploying embedded computing and sensors, Micro, IEEE,33(1), 2013, 80–86.
  8. [8] K. Koscher, A. Czeskis, F. Roesner, S. Patel, T. Kohno,S. Checkoway, D. McCoy, B. Kantor, D. Anderson, H. Shacham,et al., Experimental security analysis of a modern automobile,Security and Privacy (SP), 2010 IEEE Symposium on, IEEE,Oakland, California, USA, 2010, 447–462.
  9. [9] A. Wyglinski, X. Huang, T. Padir, L. Lai, T. Eisenbarth,and K. Venkatasubramanian, “Security of autonomous systemsemploying embedded computing and sensors, Micro, IEEE,33, 2013, 80–86.
  10. [10] F. Higgins, A. Tomlinson, and K.M. Martin, Threats to theswarm: security considerations for swarm robotics, Interna-tional Journal on Advances in Security, 2(2–3), 2009, 288–297.
  11. [11] S. Checkoway, D. McCoy, B. Kantor, D. Anderson, H. Shacham,S. Savage, K. Koscher, A. Czeskis, F. Roesner, T. Kohno,et al., Comprehensive experimental analyses of automotiveattack surfaces, USENIX Security Symposium, San Francisco,2011.
  12. [12] E. Ya˘gdereli, C. Gemci, and A.Z. Akta¸s, A study on cyber-security of autonomous and unmanned vehicles, The Journal ofDefense Modeling and Simulation: Applications, Methodology,Technology, 12(4), 2015, 369–381.
  13. [13] A. Francillon, B. Danev, and S. Capkun, Relay attacks onpassive keyless entry and start systems in modern cars, Net-work and Distributed System Symposium (NDSS), San Diego,California, USA, 2011.
  14. [14] T. Denning, T. Kohno, and H.M. Levy, Computer securityand the modern home, Communications of the ACM, 56(1),2013, 94–103.
  15. [15] N. Bezzo, J. Weimer, M. Pajic, O. Sokolsky, G. J. Pappas,and I. Lee, Attack resilient state estimation for autonomousrobotic systems, Intelligent Robots and Systems (IROS 2014),2014 IEEE/RSJ Intl. Conf. on, IEEE, Chicago, Illinois, USA,2014, 3692–3698.
  16. [16] Todd humphreys’ research team demonstrates first successfulGPS spoofing of uav, http://www.ae.utexas.edu/news/features/todd-humphreys-research-team-demonstrates-first-successful-gps-spoofing-of-uav (accessed Jul. 01, 2015).
  17. [17] S. Peterson and P. Faramarzi, Exclusive: Iran hijacked us drone,says iranian engineer, http://www.csmonitor.com/World/Middle-East/2011/1215/Exclusive-Iran-hijacked-US-drone-says-Iranian-engineer-Video (accessed Jul. 08, 2015).
  18. [18] Humphreys research group successfully spoofs an $80 mil-lion yacht at sea, http://www.ae.utexas.edu/news/features/humphreys-research-group (accessed Jul. 01, 2015).
  19. [19] Y. Shoukry, P. Martin, P. Tabuada, and M. Srivastava, Non-invasive spoofing attacks for anti-lock braking systems, Cryp-tographic Hardware and Embedded Systems-CHES 2013, SantaBarbara, California, USA, Springer, 2013, 55–72.
  20. [20] K.D. Akdemir, D. Karakoyunlu, T. Padir, and B. Sunar,Trusted Systems: Second Intl. Conf., INTRUST 2010, Beijing,China, December 13–15, 2010, Revised Selected Papers, ch. AnEmerging Threat: Eve Meets a Robot, 271–289. (Berlin,Heidelberg: Springer Berlin Heidelberg, 2011).
  21. [21] R. Ishtiaq, R. Miller, H. Mustafa, T. Taylor, S. Oh, W. Xu,M. Gruteser, W. Trappe, and I. Seskar, Security and privacy155vulnerabilities of in-car wireless networks: A tire pressure mon-itoring system case study, 19th USENIX Security Symposium,Washington DC, Washington DC, USA, 2010, 11–13.
  22. [22] S. Yong, D. Lindskog, R. Ruhl, and P. Zavarsky, Risk miti-gation strategies for mobile wi-fi robot toys from online pe-dophiles, Privacy, Security, Risk and Trust (PASSAT) and2011 IEEE 3rd Intl. Conf. on Social Computing (SocialCom),2011 IEEE Third International Conference on, IEEE, Boston,Massachusetts, USA, 2011, 1220–1223.
  23. [23] P. Kleberger, T. Olovsson, and E. Jonsson, Security aspects ofthe in-vehicle network in the connected car, Intelligent VehiclesSymposium (IV), 2011 IEEE, IEEE, Baden-Baden, Germany,2011, 528–533.
  24. [24] J. Billig, Y. Danilchenko, and C.E. Frank, Evaluation of googlehacking, Proc. 5th Annual Conf. on Information SecurityCurriculum Development, InfoSecCD ’08, New York, NY, USA,ACM, 2008, 27–32.
  25. [25] T. Bonaci and H.J. Chizeck, On potential security threatsagainst rescue robotic systems, Safety, Security, and RescueRobotics (SSRR), 2012 IEEE International Symposium on,IEEE, College Station, Texas, USA, 2012, 1–2.
  26. [26] J. McClean, C. Stull, C. Farrar, and D. Mascare˜nas, Apreliminary cyber-physical security assessment of the robotoperating system (ros), SPIE Defense, Security, and Sensing,Baltimore, Maryland, USA, 2013, 874110–874110.
  27. [27] T. Bonaci, J. Yan, J. Herron, T. Kohno, and H.J. Chizeck,Experimental analysis of denial-of-service attacks on teleop-erated robotic systems, Proc. ACM/IEEE Sixth Intl. Conf.on Cyber-Physical Systems, ACM, Seattle, Washington, USA,2015, 11–20.
  28. [28] T. Vuong, A. Filippoupolitis, G. Loukas, and D. Gan, Physi-cal indicators of cyber attacks against a rescue robot, Perva-sive Computing and Communications Workshops (PERCOMWorkshops), 2014 IEEE Intl. Conf. on, IEEE, Budapest,Hungary, 2014, 338–343.
  29. [29] J. Borenstein and K. Miller, Robots and the internet: Causesfor concern, Technology and Society Magazine, IEEE, 32(1),2013, 60–65.
  30. [30] K. Caine, S. Sabanovic, and M. Carter, The effect of monitoringby cameras and robots on the privacy enhancing behaviorsof older adults, Human-Robot Interaction (HRI), 2012 7thACM/IEEE Intl. Conf. on, Boston, Massachusetts, USA, 2012,343–350.
  31. [31] M.K. Lee, K. Tang, J. Forlizzi, and S. Kiesler, Understand-ing users! perception of privacy in human-robot interaction,Human-Robot Interaction (HRI), 2011 6th ACM/IEEE Intl.Conf. on, Lausanne, Switzerland, 2011, 181–182.
  32. [32] Iran–u.s. rq-170 incident. https://en.wikipedia.org/wiki/Iran(accessed Jul. 08, 2015).
  33. [33] A. Wright, Hacking cars, Communications of the ACM, 54(11),2011, 18–19.
  34. [34] S. Gorman, Y.J. Dreazen, and A. Cole, Insurgents hack USdrones, http://online.wsj.com/articles/SB126102247889095011(accessed Jun. 30, 2015).
  35. [35] Z. Guo, D. Zeckzer, P. Liggesmeyer, and O. Maeckel, Identi-fication of security-safety requirements for the outdoor robotravon using safety analysis techniques, Software EngineeringAdvances (ICSEA), 2010 Fifth Intl. Conf. on, Nice, France,2010, 508–513.
  36. [36] T. Okubo, N. Yoshioka, and H. Kaiya, Security driven re-quirements refinement and exploration of architecture withmultiple NFR points of view, High-Assurance Systems Engi-neering (HASE), 2014 IEEE 15th International Symposiumon, Miami, Florida, USA, 2014, 201–205.
  37. [37] M. Finnicum and S.T. King, Building secure robot applications,Proceedings of the 6th USENIX Conference on Hot Topics inSecurity (HotSec), San Francisco, California, USA, 2011, 1–1.
  38. [38] B. Berg, Data protection on the move: Current developmentsin ICT and privacy/data protection, Mind the air gap, 1–24.(Dordrecht: Springer Netherlands, 2016).
  39. [39] T. Kohno and B.D. Johnson, Science fiction prototyping andsecurity education: Cultivating contextual and societal think-ing in computer security education and beyond, Proc. 42ndACM Technical Symposium on Computer Science Education,SIGCSE ’11, New York, NY, USA, ACM, 2011, 9–14.
  40. [40] M.R. Calo, Peeping hals, Artificial Intelligence, 175 (5–6),2011, 940–941, 2011. Special Review Issue.
  41. [41] D.K. Nilsson and U.E. Larson, Secure firmware updates overthe air in intelligent vehicles, Communications Workshops,2008. ICC Workshops’ 08. IEEE Intl. Conf. on, IEEE, Beijing,China, 2008, 380–384.
  42. [42] M. Roesch, et al., Snort: Lightweight intrusion detection fornetworks, LISA, 99, 1999, 229–238.
  43. [43] M. L. Psiaki, B.W. O’Hanlon, J. Bhatti, D.P. Shepard, T.E.Humphreys, et al., GPS spoofing detection via dual-receivercorrelation of military signals, Aerospace and Electronic Sys-tems, IEEE Transactions on, 49(4), 2013, 2250–2267.
  44. [44] F. Dovis, X. Chen, A. Cavaleri, K. Ali, and M. Pini, Detectionof spoofing threats by means of signal parameters estimation,Proc. 24th Intl. Technical Meeting of the Satellite Division ofthe Institute of Navigation (ION GNSS 2011), 2001, 416–421.
  45. [45] M. Pini, M. Fantino, A. Cavaleri, S. Ugazio, and L.L. Presti,Signal quality monitoring applied to spoofing detection, Proc.24th Intl. Technical Meeting of the Satellite Division of theInstitute of Navigation (ION GNSS 2011), Salt Lake City,Utah, USA, 2001, 1888–1896.
  46. [46] D.K. Nilsson and U.E. Larson, Conducting forensic investi-gations of cyber attacks on automobile in-vehicle networks,Proc. 1st Intl. Conf. on Forensic Applications and Tech-niques in Telecommunications, Information, and Multimediaand Workshop, ICST (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering), Adelaide,Australia, 2008, 8.
  47. [47] S. Jana, A. Narayanan, and V. Shmatikov, A scanner darkly:Protecting user privacy from perceptual applications, Securityand Privacy (SP), 2013 IEEE Symposium on, IEEE, SanFrancisco, California, USA, 2013, 349–363.
  48. [48] N. Raval, L. Cox, A. Srivastava, A. Machanavajjhala, andK. Lebeck, Markit: Privacy markers for protecting visualsecrets, Proc. 2014 ACM Intl. Joint Conf. on Pervasive andUbiquitous Computing: Adjunct Publication, ACM, Seattle,Washington, USA, 2014, 448–455.
  49. [49] A. Kannammal and S.S. Rani, Authentication and encryptionfor medical image security system, International Journal ofRobotics and Automation, 29(4), 2014, 448–455.
  50. [50] G.S. Lee and B. Thuraisingham, Cyberphysical systems secu-rity applied to telesurgical robotics, Computer Standards &Interfaces, 34(1), 2012, 225–229.
  51. [51] A.P. Otero, R. Su´arez, J.M.R. Varas, M. Su´arez, M.P.A.G.Fuente, R. Fern´andez, M.R. Fern´andez, and I.G. Alonso,Integration of digital home, smart appliances and service robotsusing dhcompliant 2.0, International Journal of Robotics andAutomation, 30(4), 2015.
  52. [52] W.K. Edwards and R.E. Grinter, At home with ubiquitouscomputing: Seven challenges, Ubicomp 2001: Ubiquitous Com-puting, (Atlanta, Georgia, USA: Springer, 2001), 256–272.

Important Links:

Go Back