ABSTRACT
The use of social robots in public spaces is becoming increasingly popular due to their ability to provide personalized services to users. However, the convergence of different technologies and software applications has raised concerns regarding security requirements, standards, and regulations. Specifically, there are significant concerns about the evolving threat landscape for software applications in public settings, where social robots interact without supervision and are in direct contact with threat actors. During the development of social robots software, developers and practitioners need practical tools to continuously assess their products’ security profiles. This paper presents a preventive approach to the dynamic evolving security landscape of Social Robots in Public Spaces (SRPS) using design science research (DSR) methodology to develop a security framework. The study investigates security threats, vulnerabilities, and risks associated with SRPS software development and analyzes existing related frameworks to design a security framework for SRPS software developers. The research aims to provide insights into the security aspects of SRPS software application development processes and contribute to developing effective security frameworks to mitigate evolving risks and ensure secure operation and acceptance in public spaces.
- Hala Assal and Sonia Chiasson. 2019. ’Think Secure from the Beginning’: A Survey with Software Developers. In Proceedings of the 2019 CHI Conference on Human Factors in Computing Systems(CHI ’19). Association for Computing Machinery, New York, NY, USA, 1–13. https://doi.org/10.1145/3290605.3300519Google ScholarDigital Library
- Kim Baraka, Patrícia Alves-Oliveira, and Tiago Ribeiro. 2020. An Extended Framework for Characterizing Social Robots. In Human-Robot Interaction: Evaluation Methods and Their Standardization, Céline Jost, Brigitte Le Pévédic, Tony Belpaeme, Cindy Bethel, Dimitrios Chrysostomou, Nigel Crook, Marine Grandgeorge, and Nicole Mirnig (Eds.). Springer International Publishing, Cham, 21–64. https://doi.org/10.1007/978-3-030-42307-0_2Google Scholar
- Elena Basan, Anton Gritsynin, and Tatyana Avdeenko. 2019. Framework for Analyzing the Security of Robot Control Systems. In 2019 International Conference on Information Systems and Computer Science (INCISCOS). IEEE, Quito, Ecuador, 354–360. https://doi.org/10.1109/INCISCOS49368.2019.00062Google Scholar
- Tony Belpaeme, James Kennedy, Aditi Ramachandran, Brian Scassellati, and Fumihide Tanaka. 2018. Social Robots for Education: A Review. Science Robotics 3, 21 (Aug. 2018), eaat5954. https://doi.org/10.1126/scirobotics.aat5954Google ScholarCross Ref
- Andreas Birk, Sören Schwertfeger, and Kaustubh Pathak. 2009. A Networking Framework for Teleoperation in Safety, Security, and Rescue Robotics. IEEE Wireless Communications 16, 1 (Feb. 2009), 6–13. https://doi.org/10.1109/MWC.2009.4804363Google ScholarDigital Library
- ENISA. 2011. Measurement Frameworks and Metrics for Resilient Networks and Services: Technical Report. Technical Report. ENISA. 119 pages. https://www.enisa.europa.eu/publications/metrics-tech-report/at_download/fullReportGoogle Scholar
- Eduard Fosch-Villaronga, Christoph Lutz, and Aurelia Tamò-Larrieux. 2020. Gathering Expert Opinions for Social Robots’ Ethical, Legal, and Societal Concerns: Findings from Four International Workshops. International Journal of Social Robotics 12, 2 (May 2020), 441–458. https://doi.org/10.1007/s12369-019-00605-zGoogle ScholarCross Ref
- Alan Hevner and Samir Chatterjee. 2010. Design Science Research in Information Systems. In Design Research in Information Systems: Theory and Practice, Alan Hevner and Samir Chatterjee (Eds.). Springer US, Boston, MA, 9–22. https://doi.org/10.1007/978-1-4419-5653-8_2Google Scholar
- Alan R Hevner, Salvatore T March, Jinsoo Park, and Sudha Ram. 2004. Design Science in Information Systems Research. MIS Quarterly 28, 1 (2004), 77–105. https://www.in.th-nuernberg.de/professors/Holl/Personal/Hevner_DesignScience_ISRes.pdfGoogle ScholarCross Ref
- Rafiq Ahmad Khan, Siffat Ullah Khan, Habib Ullah Khan, and Muhammad Ilyas. 2022. Systematic Literature Review on Security Risks and Its Practices in Secure Software Development. IEEE Access 10 (2022), 5456–5481. https://doi.org/10.1109/ACCESS.2022.3140181Google ScholarCross Ref
- Barbara Kitchenham. 2004. Procedures for Performing Systematic Reviews. Keele University Technical Report TR/SE-0401 33 (2004), 1–26.Google Scholar
- Barbara Kitchenham, Lech Madeyski, and David Budgen. 2023. SEGRESS: Software Engineering Guidelines for REporting Secondary Studies. IEEE Transactions on Software Engineering 49, 3 (March 2023), 1273–1298. https://doi.org/10.1109/TSE.2022.3174092Google ScholarDigital Library
- Maria Kyrarini, Fotios Lygerakis, Akilesh Rajavenkatanarayanan, Christos Sevastopoulos, Harish Ram Nambiappan, Kodur Krishna Chaitanya, Ashwin Ramesh Babu, Joanne Mathew, and Fillia Makedon. 2021. A Survey of Robots in Healthcare. Technologies 9, 1 (March 2021), 8. https://doi.org/10.3390/technologies9010008Google ScholarCross Ref
- Giovanni Mazzeo and Mariacarla Staffa. 2020. TROS: Protecting Humanoids ROS from Privileged Attackers. International Journal of Social Robotics 12, 3 (July 2020), 827–841. https://doi.org/10.1007/s12369-019-00581-4Google ScholarCross Ref
- Daniel Méndez Fernández, Wolfgang Böhm, Andreas Vogelsang, Jakob Mund, Manfred Broy, Marco Kuhrmann, and Thorsten Weyer. 2019. Artefacts in Software Engineering: A Fundamental Positioning. Software & Systems Modeling 18, 5 (Oct. 2019), 2777–2786. https://doi.org/10.1007/s10270-019-00714-3Google ScholarDigital Library
- MITRE. 2018. Cyber Resiliency Metrics, Measures of Effectiveness, and Scoring: Enabling Systems Engineers and Program Managers to Select the Most Useful Assessment Methods. Technical Report AD1108019. MITRE, United States. 119 pages.Google Scholar
- Nikola Naumov. 2019. The Impact of Robots, Artificial Intelligence, and Service Automation on Service Quality and Service Experience in Hospitality. In Robots, Artificial Intelligence, and Service Automation in Travel, Tourism and Hospitality, Stanislav Ivanov and Craig Webster (Eds.). Emerald Publishing Limited, Emerald Publishing Limited, Bingley, 123–133. https://doi.org/10.1108/978-1-78756-687-320191007Google Scholar
- Samson O. Oruma, Mary Sánchez-Gordón, Ricardo Colomo-Palacios, Vasileios Gkioulos, and Joakim K. Hansen. 2022. A Systematic Review on Social Robots in Public Spaces: Threat Landscape and Attack Surface. Computers 11, 12 (Dec. 2022), 181. https://doi.org/10.3390/computers11120181Google ScholarCross Ref
- Batuhan Özdol, Elif Köseler, Ezgi Alçi̇çek, Süha Eren Cesur, Perif Jan Aydemi̇r, and Şerif Bahti̇yar. 2021. A Survey on Security Attacks with Remote Ground Robots. El-Cezeri 8, 3 (Sept. 2021), 1286–1308. https://doi.org/10.31202/ecjse.916532Google Scholar
- Ken Peffers, Tuure Tuunanen, Charles E Gengler, Matti Rossi, and Wendy Hui. 2006. THE DESIGN SCIENCE RESEARCH PROCESS: A MODEL FOR PRODUCING AND PRESENTING INFORMATION SYSTEMS RESEARCH. Proc. of First International Conference on Design Science Research in Information Systems and Technology (2006), 83–106. https://doi.org/10.48550/arXiv.2006.02763Google Scholar
- Eleni Philippou, Sylvain Frey, and Awais Rashid. 2020. Contextualising and Aligning Security Metrics and Business Objectives: A GQM-based Methodology. Computers & Security 88 (Jan. 2020), 101634. https://doi.org/10.1016/j.cose.2019.101634Google ScholarDigital Library
- Samantha Reig, Michal Luria, Elsa Forberger, Isabel Won, Aaron Steinfeld, Jodi Forlizzi, and John Zimmerman. 2021. Social Robots in Service Contexts: Exploring the Rewards and Risks of Personalization and Re-embodiment. In Designing Interactive Systems Conference 2021(DIS ’21). Association for Computing Machinery, New York, NY, USA, 1390–1402. https://doi.org/10.1145/3461778.3462036Google ScholarDigital Library
- Research and Markets. 2022. Global Social Robots Market - Growth, Trends, COVID-19 Impact, and Forecasts (2022 - 2027). https://www.researchandmarkets.com/reports/5120156/global-social-robots-market-growth-trends.Google Scholar
- Sean Rivera and Radu State. 2021. Securing Robots: An Integrated Approach for Security Challenges and Monitoring for the Robotic Operating System (ROS). In 2021 IFIP/IEEE International Symposium on Integrated Network Management (IM). IEEE, Bordeaux, France, 754–759.Google Scholar
- Per Runeson and Martin Höst. 2009. Guidelines for Conducting and Reporting Case Study Research in Software Engineering. Empirical Software Engineering 14, 2 (April 2009), 131–164. https://doi.org/10.1007/s10664-008-9102-8Google ScholarDigital Library
- Per Runeson, Martin Höst, Austen Rainer, and Björn Regnell. 2012. Case Study Research in Software Engineering: Guidelines and Examples (first ed.). Wiley, Hoboken, New Jersey. https://doi.org/10.1002/9781118181034Google Scholar
- Pericle Salvini, Diego Paez-Granados, and Aude Billard. 2021. On the Safety of Mobile Robots Serving in Public Spaces: Identifying Gaps in EN ISO 13482:2014 and Calling for a New Standard. ACM Transactions on Human-Robot Interaction 10, 3 (July 2021), 19:1–19:27. https://doi.org/10.1145/3442678Google ScholarDigital Library
- Oleksandr Shyvakov. 2017. Developing a Security Framework for Robots. Master’s thesis. University of Twente.Google Scholar
- M Swanson, N Bartol, J Sabato, J Hash, and L Graffo. 2003. Security Metrics Guide for Information Technology Systems (zeroth ed.). Technical Report NIST SP 800-55. National Institute of Standards and Technology, Gaithersburg, MD. NIST SP 800–55 pages. https://doi.org/10.6028/NIST.SP.800-55Google Scholar
- Mohammad Tahaei and Kami Vaniea. 2019. A Survey on Developer-Centred Security. In 2019 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW). IEEE, Stockholm, Sweden, 129–138. https://doi.org/10.1109/EuroSPW.2019.00021Google ScholarCross Ref
- The Research Council of Norway. 2021. User-Centred Security Framework for Social Robots in Public Space (SecuRoPS) - Prosjektbanken. https://prosjektbanken.forskningsradet.no/project/FORISS/321324.Google Scholar
- Margaret V. Tonkin. 2020. Socially Responsible Design for Social Robots in Public Spaces. Ph. D. Dissertation. University of Technology Sydney.Google Scholar
Index Terms
- Towards a User-centred Security Framework for Social Robots in Public Spaces
Recommendations
Threat Actors and Methods of Attack to Social Robots in Public Spaces
HCI for Cybersecurity, Privacy and TrustAbstractThe use of social robots in critical domains such as education and healthcare, as well as in public spaces, raises important challenges in ethics, information governance, cybersecurity, and privacy. Studies have shown that commercial social robots ...
Cybersecurity vulnerability mitigation framework through empirical paradigm: Enhanced prioritized gap analysis
AbstractExisting cybersecurity vulnerability assessment tools were designed based on the policies and standards defined by organizations such as the U.S. Department of Energy and the National Institute of Standards and Technology (NIST). ...
Highlights- Demonstrates the cybersecurity vulnerability mitigation framework (CyFEr).
- ...
Do social robots walk or roll?
ICSR'10: Proceedings of the Second international conference on Social roboticsThere is a growing trend of social robots to move into the human environment. This research is set up to find the trends within social robotic designs. A sample of social robotic designs is drawn to investigate on whether there are more legged social ...
Comments