
TROS: Protecting Humanoids ROS from Privileged Attackers

International Journal of Social Robotics

Abstract

The widespread adoption of humanoid social robots in different application fields is attracting growing interest from hackers, who could violate people's privacy or, even worse, threaten human life from the physical and emotional/social points of view. Different attack vectors exist, and they are more easily exploitable if physical access to the target robot is available. This is very likely for humanoids, which typically reside in untrusted environments where physical access to the robot is allowed and expected, thus permitting anyone to exploit a Linux kernel vulnerability (e.g., through the insertion of a USB pen drive) with the objective of tampering with sensitive data. The Robot Operating System (ROS) is at the core of humanoids and is therefore crucial for their security. The most recent solutions introduced in ROS2, SROS, and H-ROS are not sufficient to face powerful adversaries. In this paper, we first identify the ROS weaknesses that remain uncovered, which are particularly worrying in the case of humanoids. Then, we present our patched ROS solution, called Trusted-ROS (TROS), which leverages hardware-assisted trusted computing to shield data managed by ROS that would otherwise reside unencrypted in the robot's memory. The design of TROS is reported, together with a prototype implementation using a simulated version of the NAO humanoid secured through Intel SGX hardware. Finally, we evaluate the proposed solution from both security and performance perspectives in order to demonstrate the practicability of our approach.

Notes

  1. Misuse cases describe steps and scenarios which a user performs in order to accomplish a malicious act against a system.

  2. https://github.com/504ensicslabs/lime.

  3. https://github.com/carmaa/inception.

Author information

Corresponding author

Correspondence to Mariacarla Staffa.

Ethics declarations

Conflict of interest

One of the authors of this paper, Mariacarla Staffa, is part of the Editorial Board of this Special Issue. The authors declare that they have no other conflict of interest to disclose.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

About this article

Cite this article

Mazzeo, G., Staffa, M. TROS: Protecting Humanoids ROS from Privileged Attackers. Int J of Soc Robotics 12, 827–841 (2020). https://doi.org/10.1007/s12369-019-00581-4

  • DOI: https://doi.org/10.1007/s12369-019-00581-4
