ROS-Immunity: Integrated Approach for the Security of ROS-enabled Robotic Systems

The Robotic Operating System (ROS) is the de-facto standardfor the development of modular robotic systems. However,ROS is notorious for the absence of security mechanisms,only partially covered by recent advancements. Indeed, anattacker can easily break into ROS-enabled systems and hijacksarbitrary messages. We propose an integrated solution,ROS-Immunity, with small overhead that allows ROS usersto harden their systems against attackers. The solution consistsof three components: robustness assessment, automaticrule generation, and distributed defense with a firewall. ROSImmunityis also able to detect on-going attacks that exploitnew vulnerabilities in ROS systems. We evaluated our solutionagainst four use-cases: a self-driving car, a swarm roboticsystem, a centralized assembly line, and a real-world decentralizedone. ROS-Immunity was found to have minimal overhead,with only an additional 7-18% extra system power perrobot required to operate it. Furthermore, ROS-Immunity wasable to prevent a wide variety of ROS system attacks with aworst-case false positive rate of only 17% and a typical falsepositive rate of 8%. Finally, ROS-Immunity was found to beable to react to and stop attackers after at most 2.4 seconds,when confronted with unknown vulnerabilities.