CPS: Breakthrough: Secure Telerobotics
pdf
Abstract:
Telerobotic systems are cyber‐physical systems where human operators and robots exchange information using a combination of publicly available communication networks and temporary ad‐hoc wireless and satellite networks. These robotic systems are increasingly being used in situations where it not reasonable to send humans, due to danger, distance or size. Examples include telerobotic surgery, search and rescue operations, underwater activities, mining, and military applications. This project addresses cyber‐security attacks on telerobotic systems, and we are developing efficient tools to prevent the identified threats, by monitoring and detecting malicious activities and correcting for them. Using the Raven II R system as an experimental platform, multiple cyber‐security threats have been identified, and their scopes and impacts have been evaluated. Based on the identified impact, threats have been classified into intention modification, intention manipulation and hijacking attacks. The project demonstrates that it is currently possible to maliciously control a wide range of the robot’s functions, and to ignore or override command inputs from operators. Moreover, we have demonstrated that it is currently possible to abuse the robot’s existing emergency stop (E‐stop) mechanism to execute efficient (single packet) attacks. Important trade‐offs between real‐time teleoperation and security requirements have been observed, essentially posing a multi‐objective optimization problem. This project is also developing methods to mitigate these identified attacks, and to experimentally evaluate their feasibility. An additional effort is investigating threats from denial‐of service (DoS) attacks, which cannot be prevented using available cryptographic solutions. To prevent these attacks, a monitoring and detection system, which collects operator commands and manipulator feedback information, is proposed. Based on the collected data, the mechanism performs real‐time identification of the unique operator’s movement features. That is, it recognizes the operator’s movement signature. We have recently extended this work to consider signature authentication, based on how a signature is made (motion and applied forces) as well as the graphical image. Adding force and motion information greatly increases the space of possible passwords. This extension is motivated by recently available force‐sensitive touch screen devices (for smart phones, tablets, laptops and point‐of‐sale devices). Preliminary devices show excellent user identification and resistance to forgery, using this new biometric which does not require memorization of passwords and is very difficult to compromise. Potential commercialization or transfer of this technology is now under investigation. In conclusion, this project is bringing together research in robotics, computer and network security, control theory and machine learning, in order to gain better understanding of complex telerobotic systems, and to engineer these systems such that they provide strict safety, security and privacy guarantees. The results are expected to be relevant and applicable to a wide range of cyber‐physical systems.
Submitted by Howard Chizeck
on
Abstract:
Telerobotic systems are cyber‐physical systems where human operators and robots exchange information using a combination of publicly available communication networks and temporary ad‐hoc wireless and satellite networks. These robotic systems are increasingly being used in situations where it not reasonable to send humans, due to danger, distance or size. Examples include telerobotic surgery, search and rescue operations, underwater activities, mining, and military applications. This project addresses cyber‐security attacks on telerobotic systems, and we are developing efficient tools to prevent the identified threats, by monitoring and detecting malicious activities and correcting for them. Using the Raven II R system as an experimental platform, multiple cyber‐security threats have been identified, and their scopes and impacts have been evaluated. Based on the identified impact, threats have been classified into intention modification, intention manipulation and hijacking attacks. The project demonstrates that it is currently possible to maliciously control a wide range of the robot’s functions, and to ignore or override command inputs from operators. Moreover, we have demonstrated that it is currently possible to abuse the robot’s existing emergency stop (E‐stop) mechanism to execute efficient (single packet) attacks. Important trade‐offs between real‐time teleoperation and security requirements have been observed, essentially posing a multi‐objective optimization problem. This project is also developing methods to mitigate these identified attacks, and to experimentally evaluate their feasibility. An additional effort is investigating threats from denial‐of service (DoS) attacks, which cannot be prevented using available cryptographic solutions. To prevent these attacks, a monitoring and detection system, which collects operator commands and manipulator feedback information, is proposed. Based on the collected data, the mechanism performs real‐time identification of the unique operator’s movement features. That is, it recognizes the operator’s movement signature. We have recently extended this work to consider signature authentication, based on how a signature is made (motion and applied forces) as well as the graphical image. Adding force and motion information greatly increases the space of possible passwords. This extension is motivated by recently available force‐sensitive touch screen devices (for smart phones, tablets, laptops and point‐of‐sale devices). Preliminary devices show excellent user identification and resistance to forgery, using this new biometric which does not require memorization of passwords and is very difficult to compromise. Potential commercialization or transfer of this technology is now under investigation. In conclusion, this project is bringing together research in robotics, computer and network security, control theory and machine learning, in order to gain better understanding of complex telerobotic systems, and to engineer these systems such that they provide strict safety, security and privacy guarantees. The results are expected to be relevant and applicable to a wide range of cyber‐physical systems.