Reference : Securing Robots: An Integrated Approach for Security Challenges adn Monitoring for th... |
Dissertations and theses : Doctoral thesis | |||
Engineering, computing & technology : Computer science | |||
Security, Reliability and Trust | |||
http://hdl.handle.net/10993/46429 | |||
Securing Robots: An Integrated Approach for Security Challenges adn Monitoring for the Robotic Operating System | |
English | |
Rivera, Sean ![]() | |
18-Jan-2021 | |
University of Luxembourg, Luxembourg | |
Docteur en Informatique | |
State, Radu ![]() | |
Lenzini, Gabriele ![]() | |
Nita-Rotaru, Cristina ![]() | |
Becker, Sheila ![]() | |
Gurbani, Vijay ![]() | |
[en] Robotics ; Security ; ROS | |
[en] Robotic systems are proliferating in our society due to their capacity to carry out physical
tasks on behalf of human beings, with current applications in the military, industrial, agricultural, and domestic fields. The Robotic Operating System (ROS) is the de-facto standard for the development of modular robotic systems. Manufacturing and other industries use ROS for their robots, while larger companies such as Windows and Amazon have shown interest in supporting it, with ROS systems projected to make up most robotic systems within the next five years. However, a focus on security is needed as ROS is notorious for the absence of security mechanisms, placing people in danger both physically and digitally. This dissertation presents the security shortcomings in ROS and addresses them by developing a modular, secure framework for ROS. The research focuses on three features: internal system defense, external system verification, and automated vulnerability detection. This dissertation provides an integrated approach for the security of ROS-enabled robotic systems to set a baseline for the continual development of ROS security. Internal system defense focuses on defending ROS nodes from attacks and ensuring system safety in compromise. ROS-Defender, a firewall for ROS leveraging Software Defined Networking (SDN), and ROS-FM, an extension to ROS-Defender that uses the extended Berkely Packet Filter(eBPF), are discussed. External system verification centers on when data becomes the enemy, encompassing sensor attacks, network infrastructure attacks, and inter-system attacks. In this section, the use of machine learning to address sensor attacks is demonstrated, eBPF is utilized to address network infrastructure attacks, and consensus algorithms are leveraged to mitigate inter-system attacks. Automated vulnerability detection is perhaps the most important, focusing on detecting vulnerabilities and providing immediate mitigating solutions to avoid downtime or system failure. Here, ROSploit, an automated vulnerability scanner for ROS, and DiscoFuzzer, a fuzzing system designed for robots, are discussed. ROS-Immunity combines all the components for an integrated tool that, in conjunction with Secure-ROS, provides a suite of defenses for ROS systems against malicious attackers. | |
Interdisciplinary Centre for Security, Reliability and Trust (SnT) > Services and Data management research group (SEDAN) | |
Researchers | |
http://hdl.handle.net/10993/46429 |
File(s) associated to this reference | ||||||||||||||
Fulltext file(s):
| ||||||||||||||
All documents in ORBilu are protected by a user license.