CPS: Breakthrough: Secure Telerobotics - Demonstration and Evaluation of Cyber-Security Attacks on Telerobotic Systems
Abstract:
Telerobotic systems are cyber-physical systems where human operators and robots exchange information using a combination of publicly available communication networks and temporary ad-hoc wireless and satellite networks. These robotic systems are increasingly being used in robotic surgery, search and rescue operations, underwater missions, and battlefield scenarios. This project is researching potential cyber-security attacks on telerobotic systems, and it is developing efficient tools to prevent the identified threats, by monitoring and detecting malicious activities and correcting for them. Using the Raven IIOR system as an experimental platform, multiple cyber-security threats have been identified, and their scopes and impacts have been evaluated. In doing so, the following metrics have been used as a way of objectively measuring the impact of attacks on a teleoperated procedure: (i) the overall procedure time, (ii) the number of committed errors, (iii) the subjective assessment of diffi y, and (iv) the Fitt’s index of difficulty. Based on the identified impact, the threats have been classified into intention modification, intention manipulation and hijacking attacks. The project demonstrates that it is currently possible to maliciously control a wide range of the robot’s functions, and to completely ignore or override command inputs from operators. Moreover, it is demonstrated that it is currently possible to abuse the robot’s existing emergency stop (E-stop) mechanism to execute efficient (single packet) attacks. Furthermore, in several instances, trade-offs between real-time teleop- eration and security requirements have been observed. These trade-offs, essentially representing a multi-objective optimization problem, are currently being explored. However, they seem to reinforce some of the unique challenges specific to teleoperation security. This project further investigates possible steps to mitigate these identified attacks, and experimentally evaluates the feasibility of applying the existing cyber-security solutions to mit- igate them. A parallel effort is put into the investigation of threats from the class of denial-of- service (DoS) attacks, which cannot be prevented using available cryptographic solutions. To prevent these attacks, a monitoring and detection system, which collects operator commands and manipulator feedback information, is proposed. Based on the collected data, the mecha- nism will perform a real-time identification of the unique operator’s movement features. That is, it will recognize the operator’s movement signature. In conclusion, this project is bringing together research in robotics, computer and network security, control theory and machine learning, in order to gain better understanding of complex telerobotic systems, and to engineer these systems such that they provide strict safety, security and privacy guarantees. The results are expected to be relevant and applicable to a wide range of cyber-physical systems.