Security risk assessment of the PeopleBot mobile robot research platform

Nowadays, robots are widely ubiquitous and integral part in our daily lives, which can be seen almost everywhere in industry, hospitals, military, etc. To provide remote access and control, usually robots are connected to local network or to the Internet through WiFi or Ethernet. As such, it is of great importance and of a critical mission to maintain the safety and the security access of such robots. Security threats may result in completely preventing the access and control of the robot. The consequences of this may be catastrophic and may cause an immediate physical damage to the robot. This paper aims to present a security risk assessment of the well-known PeopleBot; a mobile robot platform from Adept MobileRobots Company. Initially, we thoroughly examined security threats related to remote accessing the PeopleBot robot. We conducted an impact-oriented analysis approach on the wireless communication medium; the main method considered to remotely access the PeopleBot robot. Numerous experiments using SSH and server-client applications were conducted, and they demonstrated that certain attacks result in denying remote access service to the PeopleBot robot. Consequently and dangerously the robot becomes unavailable. Finally, we suggested one possible mitigation and provided useful conclusions to raise awareness of possible security threats on the robotic systems; especially when the robots are involved in critical missions or applications.

[1]  Andrea Maria Zanchettin,et al.  An Experimental Security Analysis of an Industrial Robot Controller , 2017, 2017 IEEE Symposium on Security and Privacy (SP).

[2]  Junjie Yan,et al.  To Make a Robot Secure: An Experimental Analysis of Cyber Security Threats Against Teleoperated Surgical Robots , 2015, ArXiv.

[3]  Louis T Batson,et al.  Unmanned Tactical Autonomous Control and Collaboration threat and vulnerability assessment , 2015 .

[4]  Blake Hannaford,et al.  Raven-II: An Open Platform for Surgical Robotics Research , 2013, IEEE Transactions on Biomedical Engineering.

[5]  Philippe Massonet,et al.  Co-engineering Security and Safety Requirements for Cyber-Physical Systems , 2016, ERCIM News.

[6]  Zhun Fan,et al.  Service robots for hospitals: A case study of transportation tasks in a hospital , 2009, 2009 IEEE International Conference on Automation and Logistics.

[7]  Hubert Roth,et al.  Mobile robots for search and rescue , 2005, IEEE International Safety, Security and Rescue Rototics, Workshop, 2005..

[8]  Emanuele Menegatti,et al.  A BCI Teleoperated Museum Robotic Guide , 2009, 2009 International Conference on Complex, Intelligent and Software Intensive Systems.

[9]  George Loukas,et al.  Performance Evaluation of Cyber-Physical Intrusion Detection on a Robotic Vehicle , 2015, 2015 IEEE International Conference on Computer and Information Technology; Ubiquitous Computing and Communications; Dependable, Autonomic and Secure Computing; Pervasive Intelligence and Computing.

[10]  Jeremy Straub,et al.  Using deep learning to detect network intrusions and malware in autonomous robots , 2017, Defense + Security.

[11]  Carlos Balaguer,et al.  Cryptobotics: Why Robots Need Cyber Safety , 2015, Front. Robot. AI.

[12]  Mikael Björk,et al.  Analysis of the Remote Access Market in North America , 2012 .

[13]  Weiqing Sun,et al.  Cyber security threat analysis and modeling of an unmanned aerial vehicle system , 2012, 2012 IEEE Conference on Technologies for Homeland Security (HST).

[14]  Tuan Vuong,et al.  Cyber-physical intrusion detection for robotic vehicles , 2017 .

[15]  Douglas W. Gage,et al.  Security Considerations for Autonomous Robots , 1985, 1985 IEEE Symposium on Security and Privacy.