A SURVEY OF SECURITY IN ROBOTIC SYSTEMS: VULNERABILITIES, ATTACKS, AND SOLUTIONS

Christopher Archibald, Luke Schwalm, and John E. Ball

References

  1. [1] T. Denning, C. Matuszek, K. Koscher, J.R. Smith, and T. Kohno, A spotlight on security and privacy risks with future household robots: Attacks and lessons, Proc. 11th Intl. Conf. on Ubiquitous Computing, ACM, Orlando, Florida, USA, 2009, 105–114.
  2. [2] C. Armbrust, S.A. Mehdi, M. Reichardt, J. Koch, and K. Berns, Using an autonomous robot to maintain privacy in assistive environments, Security and Communication Networks, 4(11), 2011, 1275–1293.
  3. [3] iRobot roomba vacuum cleaning robot, http://www.irobot. com/For-the-Home/Vacuum-Cleaning/Roomba.aspx (accessed Jun. 30, 2015).
  4. [4] General atomics aeronautical – Predator B UAS, http://www. ga-asi.com/predator-b (accessed Jun. 30, 2015).
  5. [5] Draganfly guardian, http://www.draganfly.com/uav-helicopter/ draganflyer-guardian/ (accessed Jun. 30, 2015).
  6. [6] F. Higgins, A. Tomlinson, and K.M. Martin, Survey on security challenges for swarm robotics, Autonomic and Autonomous Systems, 2009. ICAS’09, Fifth Intl. Conf. on, IEEE, Valencia, Spain, 2009, 307–312.
  7. [7] A.M. Wyglinski, X. Huang, T. Padir, L. Lai, T.R. Eisenbarth, and K. Venkatasubramanian, Security of autonomous systems employing embedded computing and sensors, Micro, IEEE, 33(1), 2013, 80–86.
  8. [8] K. Koscher, A. Czeskis, F. Roesner, S. Patel, T. Kohno, S. Checkoway, D. McCoy, B. Kantor, D. Anderson, H. Shacham, et al., Experimental security analysis of a modern automobile, Security and Privacy (SP), 2010 IEEE Symposium on, IEEE, Oakland, California, USA, 2010, 447–462.
  9. [9] A. Wyglinski, X. Huang, T. Padir, L. Lai, T. Eisenbarth, and K. Venkatasubramanian, “Security of autonomous systems employing embedded computing and sensors, Micro, IEEE, 33, 2013, 80–86.
  10. [10] F. Higgins, A. Tomlinson, and K.M. Martin, Threats to the swarm: security considerations for swarm robotics, International Journal on Advances in Security, 2(2–3), 2009, 288–297.
  11. [11] S. Checkoway, D. McCoy, B. Kantor, D. Anderson, H. Shacham, S. Savage, K. Koscher, A. Czeskis, F. Roesner, T. Kohno, et al., Comprehensive experimental analyses of automotive attack surfaces, USENIX Security Symposium, San Francisco, 2011.
  12. [12] E. Ya˘gdereli, C. Gemci, and A.Z. Akta¸s, A study on cybersecurity of autonomous and unmanned vehicles, The Journal of Defense Modeling and Simulation: Applications, Methodology, Technology, 12(4), 2015, 369–381.
  13. [13] A. Francillon, B. Danev, and S. Capkun, Relay attacks on passive keyless entry and start systems in modern cars, Network and Distributed System Symposium (NDSS), San Diego, California, USA, 2011.
  14. [14] T. Denning, T. Kohno, and H.M. Levy, Computer security and the modern home, Communications of the ACM, 56(1), 2013, 94–103.
  15. [15] N. Bezzo, J. Weimer, M. Pajic, O. Sokolsky, G. J. Pappas, and I. Lee, Attack resilient state estimation for autonomous robotic systems, Intelligent Robots and Systems (IROS 2014), 2014 IEEE/RSJ Intl. Conf. on, IEEE, Chicago, Illinois, USA, 2014, 3692–3698.
  16. [16] Todd humphreys’ research team demonstrates first successful GPS spoofing of uav, http://www.ae.utexas.edu/news/features/ todd-humphreys-research-team-demonstrates-first-successfulgps-spoofing-of-uav (accessed Jul. 01, 2015).
  17. [17] S. Peterson and P. Faramarzi, Exclusive: Iran hijacked us drone, says iranian engineer, http://www.csmonitor.com/World/ Middle-East/2011/1215/Exclusive-Iran-hijacked-US-drone-saysIranian-engineer-Video (accessed Jul. 08, 2015).
  18. [18] Humphreys research group successfully spoofs an $80 million yacht at sea, http://www.ae.utexas.edu/news/features/ humphreys-research-group (accessed Jul. 01, 2015).
  19. [19] Y. Shoukry, P. Martin, P. Tabuada, and M. Srivastava, Noninvasive spoofing attacks for anti-lock braking systems, Cryptographic Hardware and Embedded Systems-CHES 2013, Santa Barbara, California, USA, Springer, 2013, 55–72.
  20. [20] K.D. Akdemir, D. Karakoyunlu, T. Padir, and B. Sunar, Trusted Systems: Second Intl. Conf., INTRUST 2010, Beijing, China, December 13–15, 2010, Revised Selected Papers, ch. An Emerging Threat: Eve Meets a Robot, 271–289. (Berlin, Heidelberg: Springer Berlin Heidelberg, 2011).
  21. [21] R. Ishtiaq, R. Miller, H. Mustafa, T. Taylor, S. Oh, W. Xu, M. Gruteser, W. Trappe, and I. Seskar, Security and privacy 155 vulnerabilities of in-car wireless networks: A tire pressure monitoring system case study, 19th USENIX Security Symposium, Washington DC, Washington DC, USA, 2010, 11–13.
  22. [22] S. Yong, D. Lindskog, R. Ruhl, and P. Zavarsky, Risk mitigation strategies for mobile wi-fi robot toys from online pedophiles, Privacy, Security, Risk and Trust (PASSAT) and 2011 IEEE 3rd Intl. Conf. on Social Computing (SocialCom), 2011 IEEE Third International Conference on, IEEE, Boston, Massachusetts, USA, 2011, 1220–1223.
  23. [23] P. Kleberger, T. Olovsson, and E. Jonsson, Security aspects of the in-vehicle network in the connected car, Intelligent Vehicles Symposium (IV), 2011 IEEE, IEEE, Baden-Baden, Germany, 2011, 528–533.
  24. [24] J. Billig, Y. Danilchenko, and C.E. Frank, Evaluation of google hacking, Proc. 5th Annual Conf. on Information Security Curriculum Development, InfoSecCD ’08, New York, NY, USA, ACM, 2008, 27–32.
  25. [25] T. Bonaci and H.J. Chizeck, On potential security threats against rescue robotic systems, Safety, Security, and Rescue Robotics (SSRR), 2012 IEEE International Symposium on, IEEE, College Station, Texas, USA, 2012, 1–2.
  26. [26] J. McClean, C. Stull, C. Farrar, and D. Mascareñas, A preliminary cyber-physical security assessment of the robot operating system (ros), SPIE Defense, Security, and Sensing, Baltimore, Maryland, USA, 2013, 874110–874110.
  27. [27] T. Bonaci, J. Yan, J. Herron, T. Kohno, and H.J. Chizeck, Experimental analysis of denial-of-service attacks on teleoperated robotic systems, Proc. ACM/IEEE Sixth Intl. Conf. on Cyber-Physical Systems, ACM, Seattle, Washington, USA, 2015, 11–20.
  28. [28] T. Vuong, A. Filippoupolitis, G. Loukas, and D. Gan, Physical indicators of cyber attacks against a rescue robot, Pervasive Computing and Communications Workshops (PERCOM Workshops), 2014 IEEE Intl. Conf. on, IEEE, Budapest, Hungary, 2014, 338–343.
  29. [29] J. Borenstein and K. Miller, Robots and the internet: Causes for concern, Technology and Society Magazine, IEEE, 32(1), 2013, 60–65.
  30. [30] K. Caine, S. Sabanovic, and M. Carter, The effect of monitoring by cameras and robots on the privacy enhancing behaviors of older adults, Human-Robot Interaction (HRI), 2012 7th ACM/IEEE Intl. Conf. on, Boston, Massachusetts, USA, 2012, 343–350.
  31. [31] M.K. Lee, K. Tang, J. Forlizzi, and S. Kiesler, Understanding users! perception of privacy in human-robot interaction, Human-Robot Interaction (HRI), 2011 6th ACM/IEEE Intl. Conf. on, Lausanne, Switzerland, 2011, 181–182.
  32. [32] Iran–u.s. rq-170 incident. https://en.wikipedia.org/wiki/Iran (accessed Jul. 08, 2015).
  33. [33] A. Wright, Hacking cars, Communications of the ACM, 54(11), 2011, 18–19.
  34. [34] S. Gorman, Y.J. Dreazen, and A. Cole, Insurgents hack US drones, http://online.wsj.com/articles/SB126102247889095011 (accessed Jun. 30, 2015).
  35. [35] Z. Guo, D. Zeckzer, P. Liggesmeyer, and O. Maeckel, Identification of security-safety requirements for the outdoor robot ravon using safety analysis techniques, Software Engineering Advances (ICSEA), 2010 Fifth Intl. Conf. on, Nice, France, 2010, 508–513.
  36. [36] T. Okubo, N. Yoshioka, and H. Kaiya, Security driven requirements refinement and exploration of architecture with multiple NFR points of view, High-Assurance Systems Engineering (HASE), 2014 IEEE 15th International Symposium on, Miami, Florida, USA, 2014, 201–205.
  37. [37] M. Finnicum and S.T. King, Building secure robot applications, Proceedings of the 6th USENIX Conference on Hot Topics in Security (HotSec), San Francisco, California, USA, 2011, 1–1.
  38. [38] B. Berg, Data protection on the move: Current developments in ICT and privacy/data protection, Mind the air gap, 1–24. (Dordrecht: Springer Netherlands, 2016).
  39. [39] T. Kohno and B.D. Johnson, Science fiction prototyping and security education: Cultivating contextual and societal thinking in computer security education and beyond, Proc. 42nd ACM Technical Symposium on Computer Science Education, SIGCSE ’11, New York, NY, USA, ACM, 2011, 9–14.
  40. [40] M.R. Calo, Peeping hals, Artificial Intelligence, 175 (5–6), 2011, 940–941, 2011. Special Review Issue.
  41. [41] D.K. Nilsson and U.E. Larson, Secure firmware updates over the air in intelligent vehicles, Communications Workshops, 2008. ICC Workshops’ 08. IEEE Intl. Conf. on, IEEE, Beijing, China, 2008, 380–384.
  42. [42] M. Roesch, et al., Snort: Lightweight intrusion detection for networks, LISA, 99, 1999, 229–238.
  43. [43] M. L. Psiaki, B.W. O’Hanlon, J. Bhatti, D.P. Shepard, T.E. Humphreys, et al., GPS spoofing detection via dual-receiver correlation of military signals, Aerospace and Electronic Systems, IEEE Transactions on, 49(4), 2013, 2250–2267.
  44. [44] F. Dovis, X. Chen, A. Cavaleri, K. Ali, and M. Pini, Detection of spoofing threats by means of signal parameters estimation, Proc. 24th Intl. Technical Meeting of the Satellite Division of the Institute of Navigation (ION GNSS 2011), 2001, 416–421.
  45. [45] M. Pini, M. Fantino, A. Cavaleri, S. Ugazio, and L.L. Presti, Signal quality monitoring applied to spoofing detection, Proc. 24th Intl. Technical Meeting of the Satellite Division of the Institute of Navigation (ION GNSS 2011), Salt Lake City, Utah, USA, 2001, 1888–1896.
  46. [46] D.K. Nilsson and U.E. Larson, Conducting forensic investigations of cyber attacks on automobile in-vehicle networks, Proc. 1st Intl. Conf. on Forensic Applications and Techniques in Telecommunications, Information, and Multimedia and Workshop, ICST (Institute for Computer Sciences, SocialInformatics and Telecommunications Engineering), Adelaide, Australia, 2008, 8.
  47. [47] S. Jana, A. Narayanan, and V. Shmatikov, A scanner darkly: Protecting user privacy from perceptual applications, Security and Privacy (SP), 2013 IEEE Symposium on, IEEE, San Francisco, California, USA, 2013, 349–363.
  48. [48] N. Raval, L. Cox, A. Srivastava, A. Machanavajjhala, and K. Lebeck, Markit: Privacy markers for protecting visual secrets, Proc. 2014 ACM Intl. Joint Conf. on Pervasive and Ubiquitous Computing: Adjunct Publication, ACM, Seattle, Washington, USA, 2014, 448–455.
  49. [49] A. Kannammal and S.S. Rani, Authentication and encryption for medical image security system, International Journal of Robotics and Automation, 29(4), 2014, 448–455.
  50. [50] G.S. Lee and B. Thuraisingham, Cyberphysical systems security applied to telesurgical robotics, Computer Standards & Interfaces, 34(1), 2012, 225–229.
  51. [51] A.P. Otero, R. Suárez, J.M.R. Varas, M. Suárez, M.P.A.G. Fuente, R. Fernández, M.R. Fernández, and I.G. Alonso, Integration of digital home, smart appliances and service robots using dhcompliant 2.0, International Journal of Robotics and Automation, 30(4), 2015.
  52. [52] W.K. Edwards and R.E. Grinter, At home with ubiquitous computing: Seven challenges, Ubicomp 2001: Ubiquitous Computing, (Atlanta, Georgia, USA: Springer, 2001), 256–272.

Important Links:

Go Back