Risk Analysis and Policy Enforcement of Function Interactions in Robot Apps

03/23/2021
by   Yuan Xu, et al.
0

Robot apps are becoming more automated, complex and diverse. An app usually consists of many functions, interacting with each other and the environment. This allows robots to conduct various tasks. However, it also opens a new door for cyber attacks: adversaries can leverage these interactions to threaten the safety of robot operations. Unfortunately, this issue is rarely explored in past works. We present the first systematic investigation about the function interactions in common robot apps. First, we disclose the potential risks and damages caused by malicious interactions. We introduce a comprehensive graph to model the function interactions in robot apps by analyzing 3,100 packages from the Robot Operating System (ROS) platform. From this graph, we identify and categorize three types of interaction risks. Second, we propose RTron, a novel system to detect and mitigate these risks and protect the operations of robot apps. We introduce security policies for each type of risks, and design coordination nodes to enforce the policies and regulate the interactions. We conduct extensive experiments on 110 robot apps from the ROS platform and two complex apps (Baidu Apollo and Autoware) widely adopted in industry. Evaluation results indicated RTron can correctly identify and mitigate all potential risks with negligible performance cost. To validate the practicality of the risks and solutions, we implement and evaluate RTron on a physical UGV (Turtlebot) with real-word apps and environments.

READ FULL TEXT

page 4

page 9

page 13

page 14

page 15

page 16

page 19

page 20

research
02/03/2021

Discovering Physical Interaction Vulnerabilities in IoT Deployments

Internet of Things (IoT) applications drive the behavior of IoT deployme...
research
05/14/2018

AUSERA: Large-Scale Automated Security Risk Assessment of Global Mobile Banking Apps

Contemporary financial technology (FinTech) that enables cashless mobile...
research
03/21/2021

A Systematical Study on Application Performance Management Libraries for Apps

Being able to automatically detect the performance issues in apps can si...
research
03/28/2022

The...Tinderverse?: Opportunities and Challenges for User Safety in Extended Reality (XR) Dating Apps

Dating apps such as Tinder have announced plans for a dating metaverse: ...
research
02/02/2023

MAVERICK: An App-independent and Platform-agnostic Approach to Enforce Policies in IoT Systems at Runtime

Safety and security issues in programmable IoT systems are still a press...
research
01/14/2018

Tyche: Risk-Based Permissions for Smart Home Platforms

Emerging smart home platforms, which interface with a variety of physica...
research
03/09/2023

A Variable Autonomy approach for an Automated Weeding Platform

Climate change, increase in world population and the war in Ukraine have...

Please sign up or login with your details

Forgot password? Click here to reset