SROS2: Usable Cyber Security Tools for ROS 2

Mayoral-Vilches, Víctor; White, Ruffin; Caiazza, Gianluca; Arguedas, Mikael

doi:10.1109/iros47612.2022.9982129

Cited by 20 publications

(8 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Compared to ROS, the ROS2 middleware framework is based on the DDS protocol, which provides better performance and security, and therefore the latest robot manufacturers prefer ROS2-based applications. Although ROS2 uses DDS Security and SROS2 [31] To enhance its security and usability, but it is not absolutely secure. On the one hand, the security problems existing in ROS may not be fully solved by ROS2, and on the other hand, ROS2 itself may also have new security problems.…”

Section: Of 21mentioning

confidence: 99%

ROS2 Communication Security Vulnerability Detection Based on Formal Method

Yang,

Guo,

Rui

2024

Preprint

View full text Add to dashboard Cite

Robotic systems have been widely used in various industries, so the security of communication between robots and their components has become an issue that needs to be focused on. As a framework for developing robotic systems, the security of ROS2 can directly affect the security of the upper-level robotic systems. Therefore, it is a worthwhile research topic to detect and analyze the security of ROS2. In this paper, we adopt a formal approach to analyze the security of the communication mechanism of ROS2. First, we use a state transition system to model the potential vulnerabilities of ROS2 based on the ROS2 communication mechanism and the basic process of penetration testing. Secondly, we introduce the CIA model on the basis of the established vulnerability model and use LTL to define its security properties. Then, we design and implement a vulnerability detection tool for ROS2 applications based on the vulnerability model and security properties. Finally, we experimentally test some ROS2-based applications, and the results show that ROS2 has vulnerabilities without additional protection safeguards.

show abstract

Section: Of 21mentioning

confidence: 99%

ROS2 Communication Security Vulnerability Detection Based on Formal Method

Yang,

Guo,

Rui

2024

Preprint

View full text Add to dashboard Cite

show abstract

“…Compared to the ROS, the ROS2 middleware framework is based on the DDS (Data Distribution Service) protocol, which provides better performance and security, and therefore, the latest robot manufacturers prefer ROS2-based applications. Although ROS2 uses DDS Security and SROS2 [34] to enhance its security and usability, it is not absolutely secure. The official ROS community has posted vulnerabilities in the robotic system from hardware to software [35], and the vulnerabilities regarding the ROS2 level are highly relevant to the work of this article.…”

Section: Related Workmentioning

confidence: 99%

Formal Analysis and Detection for ROS2 Communication Security Vulnerability

Yang,

Guo,

Rui

2024

Electronics

View full text Add to dashboard Cite

Robotic systems have been widely used in various industries, so the security of communication between robots and their components has become an issue that needs to be focused on. As a framework for developing robotic systems, the security of ROS2 (Robot Operating System 2) can directly affect the security of the upper-level robotic systems. Therefore, it is a worthwhile research topic to detect and analyze the security of ROS2. In this study, we adopted a formal approach to analyze the security of the communication mechanism of ROS2. First, we used a state transition system to model the potential vulnerabilities of ROS2 based on the ROS2 communication mechanism and the basic process of penetration testing. Secondly, we introduced a CIA model based on the established vulnerability model and used linear temporal logic to define its security properties. Then, we designed and implemented a vulnerability detection tool for ROS2 applications based on the vulnerability model and security properties. Finally, we experimentally tested some ROS2-based applications, and the results show that ROS2 has vulnerabilities without additional protection safeguards.

show abstract

“…From a straightforward application of the Grönwall-Bellman inequality (see, e.g., [27, Lemma A.1, p. 651]) to (13), it can be seen that κ(t) < κ(0) exp(2αt) holds for all t > 0. Therefore, the definition in ( 12) yields the following constraint on the time-varying stiffness and damping profiles where B 0 = B T (0) and K 0 = K T (0) for all t > 0.…”

Section: Adversarial Time-varying Impedance Target Dynamicsmentioning

confidence: 99%

“…Contributions of the Paper. This paper contributes to the emerging field of cybersecurity in robotics and automation (see, e.g., [12], [13]) in several important ways. The first contribution of the paper is founded in using variable impedance control synthesis techniques (see, e.g., [14], [15]) for generation of cyber-physical closed-loop attacks against the HSC steering systems.…”

Section: Introductionmentioning

confidence: 99%

Generation of Wheel Lockup Attacks on Nonlinear Dynamics of Vehicle Traction

Mohammadi

Malik

Abbaszadeh

2022

2022 American Control Conference (ACC)

View full text Add to dashboard Cite

The safety-critical nature of vehicle steering is one of the main motivations for exploring the space of possible cyber-physical attacks against the steering systems of modern vehicles. This paper investigates the adversarial capabilities for destabilizing the interaction dynamics between human drivers and vehicle haptic shared control (HSC) steering systems. In contrast to the conventional robotics literature, where the main objective is to render the human-automation interaction dynamics stable by ensuring passivity, this paper takes the exact opposite route. In particular, to investigate the damaging capabilities of a successful cyber-physical attack, this paper demonstrates that an attacker who targets the HSC steering system can destabilize the interaction dynamics between the human driver and the vehicle HSC steering system through synthesis of time-varying impedance profiles. Specifically, it is shown that the adversary can utilize a properly designed non-passive and time-varying adversarial impedance target dynamics, which are fed with a linear combination of the human driver and the steering column torques. Using these target dynamics, it is possible for the adversary to generate in real-time a reference angular command for the driver input device and the directional control steering assembly of the vehicle. Furthermore, it is shown that the adversary can make the steering wheel and the vehicle steering column angular positions to follow the reference command generated by the time-varying impedance target dynamics using proper adaptive control strategies. Numerical simulations demonstrate the effectiveness of such time-varying impedance attacks, which result in a non-passive and inherently unstable interaction between the driver and the HSC steering system.

show abstract

SROS2: Usable Cyber Security Tools for ROS 2

Cited by 20 publications

References 22 publications

ROS2 Communication Security Vulnerability Detection Based on Formal Method

ROS2 Communication Security Vulnerability Detection Based on Formal Method

Formal Analysis and Detection for ROS2 Communication Security Vulnerability

Generation of Wheel Lockup Attacks on Nonlinear Dynamics of Vehicle Traction

Contact Info

Product

Resources

About