17 May 2013 A preliminary cyber-physical security assessment of the Robot Operating System (ROS)
Author Affiliations +
Abstract
Over the course of the last few years, the Robot Operating System (ROS) has become a highly popular software framework for robotics research. ROS has a very active developer community and is widely used for robotics research in both academia and government labs. The prevalence and modularity of ROS cause many people to ask the question: “What prevents ROS from being used in commercial or government applications?” One of the main problems that is preventing this increased use of ROS in these applications is the question of characterizing its security (or lack thereof). In the summer of 2012, a crowd sourced cyber-physical security contest was launched at the cyber security conference DEF CON 20 to begin the process of characterizing the security of ROS. A small-scale, car-like robot was configured as a cyber-physical security “honeypot” running ROS. DEFFCON-20 attendees were invited to find exploits and vulnerabilities in the robot while network traffic was collected. The results of this experiment provided some interesting insights and opened up many security questions pertaining to deployed robotic systems. The Federal Aviation Administration is tasked with opening up the civil airspace to commercial drones by September 2015 and driverless cars are already legal for research purposes in a number of states. Given the integration of these robotic devices into our daily lives, the authors pose the following question: “What security exploits can a motivated person with little-to-no experience in cyber security execute, given the wide availability of free cyber security penetration testing tools such as Metasploit?” This research focuses on applying common, low-cost, low-overhead, cyber-attacks on a robot featuring ROS. This work documents the effectiveness of those attacks.
© (2013) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Jarrod McClean, Jarrod McClean, Christopher Stull, Christopher Stull, Charles Farrar, Charles Farrar, David Mascareñas, David Mascareñas, } "A preliminary cyber-physical security assessment of the Robot Operating System (ROS)", Proc. SPIE 8741, Unmanned Systems Technology XV, 874110 (17 May 2013); doi: 10.1117/12.2016189; https://doi.org/10.1117/12.2016189
PROCEEDINGS
8 PAGES


SHARE
Back to Top