Skip to main content
SpringerLink
Log in

Penetration Testing ROS

  • Chapter
  • First Online:
Robot Operating System (ROS)

Part of the book series: Studies in Computational Intelligence ((SCI,volume 831))

Abstract

ROS is the most popular framework in robotics research and it also grows in terms of industrial use. This makes ROS a worthwhile target for attackers especially since security is not addressed by the core framework itself. Its open architecture and flexibility are also the reasons why ROS suffers from security issues. For example, in ROS it is possible to isolate single nodes from the rest of the application without the ROS master, the other nodes or even the node itself (i.e., its business code) noticing it. This is true for publishers, subscribers and services alike. This makes attacks very difficult to spot at runtime. Penetration testing is the most common security testing practice. The goal is to test an application for possible security flaws. To better facilitate penetration testing for ROS, we introduce ROSPenTo and Roschaos, tools that make use of the vulnerabilities of ROS and demonstrate how ROS applications can be sabotaged by an attacker. In this tutorial you will learn about the ROS XML-RPC API, which is our main attack point. You will see, how API attacks on ROS work in depth. You will get to know Roschaos and ROSPentTo, two tools, which can be used to manipulate running ROS applications.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 139.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 179.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 179.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    http://www.rosindustrial.org.

  2. 2.

    wiki.ros.org/ROS/Master_API.

  3. 3.

    wiki.ros.org/ROS/Parameter%20Server%20API.

  4. 4.

    wiki.ros.org/ROS/Slave_API.

  5. 5.

    http://wiki.ros.org/actionlib/DetailedDescription, last accessed 07/02/2018.

  6. 6.

    Download ROSPenTo at https://github.com/jr-robotics/ROSPenTo and follow building instructions in the README file.

  7. 7.

    A video of ROSPenTo in action can be found at https://vimeo.com/295958352.

  8. 8.

    http://www.mono-project.org.

  9. 9.

    http://wiki.ros.org/roscpp_tutorials.

  10. 10.

    http://wiki.ros.org/rospy_tutorials.

  11. 11.

    http://wiki.ros.org/omron_os32c_driver.

  12. 12.

    https://github.com/IFL-CAMP/iiwa_stack.

  13. 13.

    https://github.com/ThomasTimm/ur_modern_driver.

  14. 14.

    https://github.com/ruffsl/roschaos.

  15. 15.

    http://wiki.ros.org/roswtf.

  16. 16.

    http://www.ros2.org/.

  17. 17.

    https://github.com/ros2/sros2.

References

  1. Arkin, B., Stender, S., McGraw, G.: Software penetration testing. IEEE Secur. Priv. 3(1), 84–87 (2005)

    Article  Google Scholar 

  2. Breiling, B., Dieber, B., Schartner, P.: Secure communication for the robot operating system. In: Proceedings of the 11th IEEE International Systems Conference, pp. 360–365 (2017)

    Google Scholar 

  3. Cheminod, M., Durante, L., Valenzano, A.: Review of security issues in industrial networks. IEEE Trans. Ind. Inf. 9(1), 277–293 (2013)

    Article  Google Scholar 

  4. DeMarinis, N., Tellex, S., Kemerlis, V., Konidaris, G., Fonseca, R.: Scanning the internet for ROS: a view of security in robotics research. arXiv preprint arXiv:1808.03322 (2018)

  5. Dieber, B., Breiling, B., Taurer, S., Kacianka, S., Rass, S., Schartner, P.: Security for the robot operating system. Rob. Auton. Syst. 98, 192–203 (2017)

    Article  Google Scholar 

  6. Dieber, B., Kacianka, S., Rass, S., Schartner, P.: Application-level security for ROS-based applications. In: Proceedings of the 2016 IEEE/RSJ International Conference on Intelligent Robots and Systems (IROS 2016) (2016)

    Google Scholar 

  7. Fairley, P.: Cybersecurity at U.S. utilities due for an upgrade: tech to detect intrusions into industrial control systems will be mandatory [News]. IEEE Spectr. 53(5), 11–13 (2016)

    Article  Google Scholar 

  8. Karnouskos, S.: Stuxnet worm impact on industrial cyber-physical system security. In: 37th Annual Conference of the IEEE Industrial Electronics Society (IECON 2011), pp. 4490–4494 (2011)

    Google Scholar 

  9. Kim, J., Smereka, J.M., Cheung, C., Nepal, S., Grobler, M.: Security and performance considerations in ROS 2: a balancing act. arXiv preprint arXiv:1809.09566v1 (2018)

  10. McClean, J., Stull, C., Farrar, C., Mascareñas, D.: A preliminary cyber-physical security assessment of the robot operating system (ROS). In: Proceedings of SPIE, vol. 8741, pp. 874110–874118. https://doi.org/10.1117/12.2016189 (2013)

  11. Miller, B., Rowe, D.: A survey of SCADA and critical infrastructure incidents. In: Proceedings of the 1st Annual Conference on Research in Information Technology, RIIT ’12, pp. 51–56. ACM, New York, NY, USA. https://doi.org/10.1145/2380790.2380805 (2012)

  12. Nelson, N.: The impact of dragonfly malware on industrial control systems. Tech. rep, SANS Institute (2016)

    Google Scholar 

  13. OMG: Data Distribution Service (DDS), Version 1.4. https://www.omg.org/spec/DDS/1.4 (2015)

  14. OMG: Data Distribution Service (DDS) Security Specification, Version 1.1. https://www.omg.org/spec/DDS-SECURITY/1.1 (2018)

  15. Portugal, D., Santos, M.A., Pereira, S., Couceiro, M.S.: On the security of robotic applications using ROS. In: Artificial Intelligence Safety and Security, pp. 273–289. Chapman and Hall/CRC (2018)

    Google Scholar 

  16. Quigley, M., Conley, K., Gerkey, B., Faust, J., Foote, T., Leibs, J., Wheeler, R., Ng, A.Y.: ROS: an open-source robot operating system. In: ICRA Workshop on Open Source Software. vol. 3, p. 5. Kobe, Japan (2009)

    Google Scholar 

  17. Rodríguez-Lera, F.J., Matellán-Olivera, V., Balsa-Comerón, J., Guerrero-Higueras, M., Fernández-Llamas, C.: Message encryption in robot operating system: collateral effects of hardening mobile robots. Frontiers in ICT 5,  2 (2018). https://doi.org/10.3389/fict.2018.00002

  18. Vilches, V.M., Gil-Uriarte, E., Ugarte, I.Z., Mendia, G.O., Pisón, R.I., Kirschgens, L.A., Calvo, A.B., Cordero, A.H., Apa, L., Cerrudo, C.: Towards an open standard for assessing the severity of robot security vulnerabilities, the robot vulnerability scoring system (RVSS). arXiv preprint arXiv:1807.10357 (2018)

  19. Vilches, V.M., Kirschgens, L.A., Calvo, A.B., Cordero, A.H., Pisón, R.I., Vilches, D.M., Rosas, A.M., Mendia, G.O., Juan, L.U.S., Ugarte, I.Z., et al.: Introducing the robot security framework (RSF), a standardized methodology to perform security assessments in robotics. arXiv preprint arXiv:1806.04042 (2018)

  20. White, R., Caiazza, G., Christensen, H., Cortesi, A.: SROS1: Using and Developing Secure ROS1 Systems, pp. 373–405. Springer International Publishing, Cham. https://doi.org/10.1007/978-3-319-91590-6_11 (2019)

    Google Scholar 

  21. White, R., Christensen, H., Quigley, M.: SROS: Securing ROS over the wire, in the graph, and through the kernel. In: Proceedings of the IEEE-RAS International Conference on Humanoid Robots (HUMANOIDS) (2016)

    Google Scholar 

Download references

Acknowledgements

The work reported in this article has been supported by the Austrian Ministry for Transport, Innovation and Technology (bmvit) within the project framework Collaborative Robotics and by the programme “ICT of the Future”, managed by the Austrian Research Promotion Agency (FFG), under grant no. 861264.

Author information

Authors and Affiliations

  1. Institute for Robotics and Mechatronics, Joanneum Research, Lakeside B08, 9020, Klagenfurt, Austria

    Bernhard Dieber, Sebastian Taurer & Benjamin Breiling

  2. Contextual Robotics Institute, University of California, San Diego, 9500 Gilman Drive, La Jolla, CA, 92093, USA

    Ruffin White & Henrik Christensen

  3. Ca’ Foscari University, Venice, Dorsoduro 3246, 30123, Venezia, Italy

    Gianluca Caiazza & Agostino Cortesi

Authors
  1. Bernhard Dieber
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ruffin White
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sebastian Taurer
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Benjamin Breiling
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Gianluca Caiazza
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Henrik Christensen
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. Agostino Cortesi
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Bernhard Dieber .

Editor information

Editors and Affiliations

  1. College of Computer Science and Information Systems, Prince Sultan University, Riyadh, Saudi Arabia

    Anis Koubaa

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Dieber, B. et al. (2020). Penetration Testing ROS. In: Koubaa, A. (eds) Robot Operating System (ROS). Studies in Computational Intelligence, vol 831. Springer, Cham. https://doi.org/10.1007/978-3-030-20190-6_8

Download citation

Publish with us

Policies and ethics

Search

Navigation