ROS (Robot Operating System) is the most popular platform in the field of research robotics, created by Willow Garage and now supported by the Open-Source Robotics Foundation (OSRF). The main goal of ROS is to provide a unified and open-source software framework for controlling robots in a variety of real and simulated environments. ROS is not the first such attempt: a Wikipedia search for "software for robots" finds 15 such projects. However, Willow Garage is no ordinary group of programmers making free software [ 1 ]. With solid funding, strong technical expertise, and a wellplanned series of development milestones, Willow Garage has sparked a kind of programming fever among robotics, creating hundreds of custom ROS packages already created in just a few short years [ 2 ]. ROS now includes software for tasks ranging from navigation and localization (SLAM), 3D object recognition, action planning, multi-arm motion control, machine learning, and even billiards [ 3 ].

ROS can run on various versions of Linux, MacOS X, and partly on Microsoft Windows. However, the easiest way to get started is to use Ubuntu Linux, as this OS is officially supported by OSRF.

However, ROS was not designed with security considerations in mind. With some basic knowledge of how ROS works internally, it is easy to manipulate.

ROS makes a clear distinction between app control (like finding a publisher for a topic I want to subscribe to) and data transfer. The former is handled through the XML-RPC API, and the latter is handled by TCP or UDP based communication. In both cases, security concerns regarding confidentiality, integrity or authenticity were not considered. The ROS node does not need to identify or authenticate itself before taking any action. The stateless API also ignores what is happening on the network. While many of these design decisions seem very elegant from a software development standpoint, this opens several attack surfaces in ROS. Apart from the ability to disable individual nodes (as a form of DOS attack), eavesdropping in ROS is easy because there is no encrypted communication [ 4 ]. This way, anyone can read the data that the application is sending.

To carry out attacks on ROS applications, you can use two ready-made utilities: roschaos and ROSPenTo. They exploit vulnerabilities in the ROS API [ 5 ].

The ROS Master API does not require authentication for registration and deregistration of publishers, subscribers, and services [ 6 ]. This leads to a vulnerability that can be easily exploited using off-the-shelf penetration testing tools by an attacker who has access to the internal robotic network [ 7 ].

Building a Docker image and running a Docker container: $ docker build -t basic_cybersecurity11:latest .

$ docker run -it --name basic_cybersecuirity11 basic_cybersecurity11:latest Launching ROS nodes and topics participating in the network after starting the container: root@xxx:/# rosrun scenario1 talker & root@xxx:/# rosrun scenario1 listener Now let's open and initialize another command line in the same Docker container: $ docker exec –it basic_cybersecurity11 /bin/bash root@xxx:/# . /opt/ros/kinetic/setup.bash In the newly opened terminal, display a list of nodes and topics: root@xxx:/# rosnode list /listener /publisher /rosout root@d64845e9601e:/# rostopic list /flag /rosout /rosout_agg

We are interested in the previously launched nodes / publisher and / subscriber. Both of them communicate via the / flag topic (you can check this either by looking at the source code of the nodes or using the rosnode info command): root @xxx: / # rostopic echo / flag data: "br {N (* - E6NgwbyWc" --data: "br {N (* - E6NgwbyWc" --data: "br {N (* - E6NgwbyWc" --

Unregister the / publisher node from the / listener node using the roschaos utility for auditing the security of ROS systems: root@xxx:/# rosnode list /listener /publisher /rosout root@xxx:/# roschaos master unregister node --node_name /publisher

Unregistering /publisher You can see that the / listener node has stopped receiving messages. We can check the list of nodes: root@xxx:/# rosnode list /listener /rosout

We can observe that ROS Master no longer finds the / publisher node as it is no longer registered. However, the talker process is still running: root@xxx:/# ps -e

PID TTY TIME CMD

1 pts/0 00:00:00 launch_script.b 31 pts/0 00:00:00 roscore 42 ? 00:00:01 rosmaster 55 ? 00:00:01 rosout 72 pts/0 00:00:00 bash 78 pts/1 90 pts/0 108 pts/0 174 pts/1 00:00:00 bash 00:00:00 talker 00:00:01 listener 00:00:00 ps

Unauthenticated theme publisher list updates

The publisherUpdate method, which is part of the ROS Slave API, does not require authentication, as you can see from the parameters it takes: publisherUpdate(caller_id, topic, publishers)

Callback from master of current publisher list for specified topic. Parameters caller_id (str)

ROS caller ID. topic (str)

Topic name. publishers ([str])

List of current publishers for topic in the form of XMLRPC

URIs Returns (int, str, int)

(code, statusMessage, ignore)

The main problem is that the nodes of the ROS network do not continuously poll the ROS Master. Instead, they are registered once within the publisherUpdate callback, making them available to any attacker who arbitrarily uses this method [ 8 ]. By exploiting this vulnerability, an attacker could potentially change the publisher list of a given topic, affecting selected nodes, while the rest of the ROS network would not be affected and would not notice any changes.

$ docker build -t basic_cybersecurity12:latest .

$ docker run -it –name basic_cybersecurity12 basic_cybersecurity12:latest Let's start two nodes that exchange data through the topic: --Unregistering / publisher from / listener

First, we need to unregister / publisher from / listener. We will do this using the ROS Master API but notifying only / listener and no other node else. Messages from / publisher will no longer be processed by / listener [ 9 ]. All of this will happen without the involvement of the ROS Master (and other non-target nodes such as / publisher). To do all this, we will use the ROSPenTo pentest utility, which can communicate via the XMLRPC protocol with the ROS Master and ROS nodes [ 10 ].

Let us launch ROSPenTo and analyze the robotic network [ 11 ]: root@d64845e9601e:/# rospento RosPenTo - Penetration testing tool for the Robot Operating System(ROS) Copyright(C) 2018 JOANNEUM RESEARCH Forschungsgesellschaft mbH This program comes with ABSOLUTELY NO WARRANTY.

This is free software, and you are welcome to redistribute it under certain conditions.

For more details see the GNU General Public License at <http://www.gnu.org/licenses/>. What do you want to do? 0: Exit 1: Analyse system... 2: Print all analyzed systems 1 Please input URI of ROS Master: (e.g. http://localhost:11311/) http://localhost:11311/ Parameter 0.2:

Name: /rosversion Parameter 0.3:

Name: /run_id

Now in the first terminal, we can observe that the / listener node has stopped receiving messages. If we turn to the ROS Master API using the standard ROS utilities, we will see that no changes have occurred in the list of nodes: root@19246d9bf44b:/# rosnode list /listener /publisher /rosout

If we run the "Analyze system ..." command of the ROSPenTo utility again, we will not notice any changes either.

What really happened: ROSPenTo called the publisherUpdate XML-RPC function with an empty list of publishers as a parameter. This caused the / listener node to assume that there were no publishers available with the / flag theme, and therefore dropped the connection to the / publisher node.

The ROS developers realized all the flaws in the architecture of their brainchild and released a new version of it. Now communication between nodes takes place according to the DDS standard, which currently has two implementations: Connext Secure 5.3.1 (proprietary); eProsima Fast-RTPS 1.6.0 (open-source)/mmAlso, there is no longer a Master Node in the scheme - all its duties fell on the shoulders of DDS, which means that it is no longer possible to unnoticeably turn off nodes and perform a substitution [ 13 ]. However, there is still no encryption out of the box, which means we can still intercept and read messages.

The formation of readiness indicator of information security specialists, interaction with employers contributed to increasing the responsibility of all participants in the educational process for the total results. The results of pedagogical monitoring were a clearer organization of practices, improved educational programs of several disciplines, modified educational and methodological complexes, modernized laboratory installations.

Teachers noted the increased interest of students in the learning process. From these positions, the motivational factor for learning was investigated throughout the training period according to the modified methodology.

Dynamics of structural elements of the readiness indicator on average (levels of theoretical knowledge, practical skills) is positive. Individual psychological qualities were assessed by specialists of the professional psychological selection group using a set of psychodiagnostical methods and tests considering modern requirements for an information protection specialist.

The experts of the commission, when assessing the psychological qualities of specialists in the field of information security, made a conclusion on the professional suitability of graduates based on levels of determination, mindfulness, stress resistance and others [ 14 ].

To solve the latter problem, the DDS-Security specification was developed, which consists of the so-called. Plugins: authentication plugin, access control (authorization) plugin, cryptography plugin (encryption, decryption, hashing, EDS, etc.), logging plugin and data tagging plugin. The last two are not implemented in the free DDS implementation - eProsima Fast-RTPS [ 15 ]. However, the implementation does not always comply with the specification, and here it is the same, attacks are still available, but their complexity is greatly increasing. For example, topology recovery during the handshake stage is because at the very beginning the nodes exchange access control manifests, which contain metainformation that can be used to reconstruct the topology of the robotic network [ 16 ].

A consortium of four well-known companies - Intel, NXP, Synopsys and UbiquiOS under the auspices of the Linux Foundation - have created the Zephyr Project, a lightweight, scalable real-time operating system designed to run on resource-constrained devices of various architectures and distributed under the Apache 2.0 license. Unlike ROS, we see a real-time OS implementation here [ 17 ].

However, like any software, Zephyr is periodically found to have vulnerabilities, although participation in the development of an IT giant like Intel contributes to an increase in software quality, which means fewer bugs [ 18 ]. However, in May of this year, NCC audited Zephyr and found two critical networking stack vulnerabilities: 1) Stack overflow in net_ipv4_parse_hdr_options. An attacker can infiltrate or execute code inside the kernel when a malicious ICMP packet reaches the device. The screenshot shows how the attacker disabled the device. 2) Insecure parsing of MQTT header, which leads to memory corruption. A remote attacker could send an MQTT packet with a malformed header to cause memory corruption in the Zephyr kernel, which could lead to code execution.

The robot operating system is used to develop control applications for robots and unmanned aerial vehicles [ 19 ]. Such systems are usually a very important component, since all the logic for controlling the robot is built on them [ 20-23 ]. ROS was not designed with security considerations in mind, providing the basics - confidentiality, integrity, or authenticity. Consequently, ROS becomes a tasty morsel for attackers. They can:Listen to traffic; Disable individual nodes; Substitute nodes. The situation became even simpler when utilities for auditing the security of ROS systems appeared in the public domain: roschaos; rospento. ROS application developers have implemented security measures themselves to prevent these threats. If systems fail or fail, then the robot itself and the environment in which it is located may be at risk. To solve the last problem, we developed the DDS-Security specification, which consists of the so-called. plugins: authentication plugin, access control (authorization) plugin, cryptography plugin (encryption, decryption, hashing, EDS, etc.), logging plugin and data tagging plugin. The last two are not implemented in the free implementation of DDS eProsima Fast-RTPS.

However, the implementation does not always comply with the specification, and here it is the same, attacks are still available, but their complexity increases greatly. For example, topology recovery during the handshake stage is because, at the very beginning, nodes exchange access control manifests that contain meta-information from which robotic network topologies can be restored.

Our research has shown that ROS is quite vulnerable and requires significant improvement. Using such a system to manage critical applications becomes unacceptable [ 21 ]. The developers of ROS realized the shortcomings in the architecture and released a new version of it. Now communication between nodes takes place according to the DDS standard, which currently has two implementations: Connext Secure 5.3.1 (proprietary), eProsima Fast-RTPS 1.6.0 (open-source).

In addition, there is no longer a Master node in the scheme - all its responsibilities fell on the shoulders of DDS, which means that it is no longer possible to silently disable nodes, as well as perform substitution. However, there is still no encryption out of the box, which means that we can still intercept and read messages.ROS2 is becoming more secure; however, a fair number of vulnerabilities are still present. In general, despite the existing vulnerabilities of the operating system, it is a convenient mechanism for developing robot control systems. It is most convenient to collect and receive data from the sensor system and transmit control commands to ROS 2. This is due to the publisher architecture. the subscriber processes appear to be isolated from each other and may not communicate directly with each other, but act through the publisher. At the same time, it is possible to ensure that the publisher will carry out the authorization of processes. One of the directions for ensuring security in this case may be the integration of a mandatory access control model. Provided that it is required to provide an isolated environment and the highest level of protection.

This research was funded by the Russian Science Foundation grant number 21-79-00194, https://rscf.ru/project/21-79-00194/ in Southern Federal University.