Developing a security framework for robots

Shyvakov, O. (2017) Developing a security framework for robots.

[img]
Preview
PDF
1MB
Abstract:Currently there is a significant increase in the popularity of robots. This statement holds true for both consumer and professional robots. The market is shifting towards automation and optimization. And robotics is one of the main tools which is leveraged for these purposes. However security still remains a weak point for robots. One of the reasons for it is an absence of security assessment documentation for robots. In this research we investigate what components constitute a robot and can influences its security. We obtain this information from a literature review, expert interviews and our investigation of a professional robot. Based on the obtained information we design the first security assessment framework for robots. Additionally we provide information on how to use the framework. In order to identify whether our framework provides value for security professionals we perform an experimental validation. We validate whether our framework helps to ensure that all the components that can influence robots security are assessed during security assessments (completeness). We do it by conducting an experiment which involves security professionals and a professional robot. Additionally we validate whether two independently working professionals can achieve same results with our framework even when they work independently (reproducibility). We do it by providing reasoning why it is true, making an assessment with the help of the framework ourselves and showing how the results of an assessment look like. During our assessment of a professional robot we identify importance of securing internal networks of robots even though it was not mentioned in the literature before. We identify that communications on internal networks most often have no authentication and encryption. Consequently all communications between nodes can be disrupted or modified. Attackers can issue rogue commands and therefore impact is high. However physical access to the robot is needed to launch the attack which lowers its probability. We identify that emerging security areas lack security assessment documentation. As a result ad hoc practices are used and it can influence the quality of security assessments. We tackle this problem on an example of robots by creating a security testing framework. Consequently it can be the first step to improve security in the robots industry by ensuring completeness and reproducibility of security assessments of robots.
Item Type:Essay (Master)
Faculty:EEMCS: Electrical Engineering, Mathematics and Computer Science
Subject:54 computer science
Programme:Computer Science MSc (60300)
Link to this item:http://purl.utwente.nl/essays/73371
Export this item as:BibTeX
EndNote
HTML Citation
Reference Manager

 

Repository Staff Only: item control page