There is no magic bullet for robot security. They are simply devices executing code, which are just as likely to be compromised as any other device in an organisation.
Securing The Robots
Kevin Curran | Ulster University
How secure are today’s robots? Are some types considered more secure than others and if so, why?
Just recently, cybersecurity consultancy IOActive analyzed the mobile applications, operating systems, firmware images and other software used in home, business and industrial robots from multiple vendors including NAO and Pepper, Alpha 1S, Alpha 2, ROBOTIS OP2, THORMANG3, S, UR3, UR5, UR10, Baxter, Sawyer and several robots using the V-Sido robot control technology. They found that most robots had insecure communications, authentication issues, missing authorization schemes, weak cryptography, weak default configurations and were built using vulnerable open source frameworks and libraries.
A robot is only as secure as the operating system on which it resides. One of the most popular robotic middleware systems for robotics research is the Robot Operating System (ROS), which has, unfortunately, been shown to be vulnerable to injection and eavesdropping attacks. This, of course, can result in data loss, monetary damage or even physical injuries in the worst cases. Another example: real world industrial robots, for the most part, run firmware written in C and are specific to the processor types used inside the robot. They rarely use a real-time OS such as Linux. Here then is the difficulty in comparing the security of robots as the differ so much. In fact, one could argue that a robot that performs very limited tasks should be more secure than a more general-purpose robot due to the smaller footprint of code.
What are some of the hazards/risks associated with insecure (in terms of cybersecurity) robot applications?
One of the more famous studies on robot hacking was on a telesurgery robot called Raven II, which was developed at the University of Washington. Raven II has two surgical arms that are manipulated by a surgeon using a state-of-the-art control console that includes video and haptic feedback. The robot communicates with the control console using a standard communications protocol for remote surgery known as the Interoperable Telesurgery Protocol over public networks that are potentially accessible to anyone. Researchers showed how they could change the commands sent by the operator to the robot by deleting, delaying or re-ordering them, causing the robot’s movement to become jerky and difficult to control. They also were able to perform a denial of service attack on the robot. This is just an example highlighting how remote hackers could commandeer robots and get them to perform tasks of a destructive nature.
It is actually their kinetic abilities that make robots frightening. For instance, hacked robots could be used to damage objects and/or hurt people through sudden movements, start fires, unlock doors or deactivate burglar alarms – while it may seem far-fetched now, these threats are all realistic. People have already died when industrial robots have malfunctioned. That means the same is possible through hacking.
How can robots be better secured to defend against cybersecurity attacks?
There is always the risk of robots being hacked, which means additional measures need to be taken to secure them, such as implementing extra security authentication – perhaps facial recognition of the owner when opening panels. Costs can be higher than traditional systems, and many solutions also have monthly fees. Additionally, there is a real risk of privacy invasion, especially in the case of a robot that has complete freedom to roam inside the house, so surveillance footage needs to be securely stored. The main issue, however, is preventing remote hacks – owners need to ensure they keep the firmware & robot OS up-to-date and ensure long and complex passwords and other multi factor authentication methods are in place. Ultimately, a robot is just another networked device within an organization that needs to be included in risk assessment and patched as needed.
Are there any emerging technologies that are best to use to better secure robots? If so, which ones and why?
Considering their limited functionality, home robots to date do not pose a security threat other than through their “interface to the outside world.” That is to say that robots are a part of the Internet of Things (IoT) when they are connected to a home network. The danger is that owners never change the default passwords or use simple passwords that can be broken, allowing hackers to leverage their way onto a home network and use the robot as a pivot point for further exfiltration of sensitive data or to plant malware.
Building security into the life cycle of robot design as early as possible is seen as the best way to secure robots.
Is it the responsibility of the robot manufacturer, the integrator or the end user to ensure the installation is secure?
The issue of whether a manufacturer, integrator or end-user is responsible for security varies from robot to robot, country to country and use-case to use-case. Therefore, it is safer for a CISO and his or her IT team to just assume responsibility for all connected devices, including robots. No distinction should be made between a web enabled robot and a router in a back office.
The role of CISOs and CSOs in robotics security should be the same as security as it relates to Bring Your Own Device (BYOD) policies. Organizations that fail to address the broader security issues inherent in connecting robots may find themselves with significant financial and legal difficulties, as well as reputation damage. Appropriate preventive and corrective controls in the form of policies, standards, procedures or technology functions and monitoring mechanisms are therefore required to minimize the risks associated with deploying any connected device within an organization.
Why is it valuable to bolster cybersecurity in robots at every stage of the design process? Can you explain how that might work?
The motivation to build rigorous and secure robots should be there because it is quite possible that all involved in its design could be held liable if a weakness was found that led to personal distress or financial losses. Security should also not be an afterthought. Ultimately, every robot connected to the web should be password protected, and should never be connected with the default out of the 'robot box' password; a long, complex password needs to be set; all robots should be updated as soon as updates are released; all robots that do not need to be connected to over the Internet should have those remote ports disabled.
The aforementioned might seem obvious, but many enable remote connectivity "out of the box" when they have no intention of connecting to that device. Robot manufacturers should also release security updates once vulnerabilities are found, but the incentive is simply not there for them to do it much of the time.
Is there a magic bullet when it comes to cybersecurity for robots or is every case different?
There is no magic bullet for robot security. They are simply devices executing code, which are just as likely to be compromised as any other device in an organization. Their security is only as strong as the weakest link, which may simply be the remote login password.
All robots are at risk if they are connected to a network. These may be the weak links in the network. The weakness may be dependent on the OS that the robot is running. Few robots run a consumer level OS, but rather usually run a robot operating system (ROS) or dedicated firmware for the processor – known attacks exist on these. In the main, a simple denial of service attack could be carried out on a robot to prevent it from completing tasks or worse: bringing the corporate network to a standstill.
Do you see any disruptive security solutions in the works at this time or are we still several years from that utopian scenario?
With most devices on the Internet, when a user connects the device will respond with a couple lines of greeting, saying this is where you have connected to, and often the make, model, version of the server software that the user is using. Robots are often no different. Potentially aiding would-be attackers are specialized search engines specifically designed to locate online devices that may be overlooked or ignored by regular search engines. To complicate matters further, tools for automating the exploitation of the backdoor are often available through Metasploit, a popular penetration testing tool used by hackers and security professionals alike.
There is an increased exposure to remote hacks on remote appliances. A robot with a webcam is part of the IoT. The sheer scale of deployment of these limited-function embedded devices in businesses can lead to unique attacks. There is also the worry of the domino effect, where if one device becomes “owned” it can easily spread to the remainder of the cluster. Nearly all devices utilize Linux, which means that they contain an embedded file system containing a little web server, making it remotely accessible over the web. A user can log into a device via browser, bringing up a little configuration page, much like a standard Internet router does. And a user gives it a username and password because, of course, they don't want everyone able to log into their webcam. A risk associated with rolling out robots with webcams, as opposed to say a Webcam in an IT department, is that users are not aware of the importance of changing default passwords and updating systems to apply the latest security fixes. A misconfigured service in a consumer device can lead to horrific invasions of privacy.
Kevin Curran is an IEEE Senior Member, Professor of Cybersecurity at Ulster University, Executive Co-Director of the Legal Innovation Centre, and Group Leader for the Ambient Intelligence & Virtual Worlds Research Group. Kevin has won and managed UK & European Framework projects and technology transfer schemes, and has also made significant contributions to advancing the knowledge and understanding of computer networking and system, evidenced by over 800 conferences, book chapters, and journal publications. Kevin is one of the most frequently interviewed computer scientists in the UK/Ireland, and regularly speaks to global media outlets
The content & opinions in this article are the authorâ€™s and do not necessarily represent the views of RoboticsTomorrow
This post does not have any comments. Be the first to leave a comment below.
Post A Comment
You must be logged in before you can post a comment. Login now.