Robotics cyber security: vulnerabilities, attacks,

countermeasures, and recommendations

Yashvi kakadiya (BSC.IT 2020-23)

School of Information Technology

Auro University
Surat, India
[email protected]

Abstract Keywords Robotics · Security systems ·

The recent digital revolution led robots to Security attacks · Countermeasures · Risk
become integrated more than ever into analysis · Counter-terrorism/insurgency ·
different domains such as agricultural, Robotics against COVID-19
medical, industrial, military, police (law
enforcement), and logistics. Robots are 1 Introduction
devoted to serve, facilitate, and enhance
the human life. However, many incidents With the latest digital revolution and the
have been occurring, leading to serious heavy reliance on Artificial Intelligence
injuries and devastating impacts such as (AI), smart robots are being employed to
the unnecessary loss of human lives. speed up the transformation of digital
Unintended accidents will always take operations. In this context, the market of
place, but the ones caused by malicious intelligent machines, including
attacks represent a very challenging issue. autonomous robots, is exponentially
This includes maliciously hijacking and growing; more than 40 million robots were
controlling robots and causing serious reportedly sold between 2016 and 2019.
Robotics is one of those technologies that
economic and financial losses. This paper
are witnessing tremendous expansion and
reviews the main security vulnerabilities,
threats, risks, and their impacts, and the growth especially with the rise of the
main security attacks within the robotics ongoing COVID-19 pandemic. Moreover,
domain. In this context, different its emergence into the Internet of Things
approaches and recommendations are (IoT) domain led it to be called the Internet
presented in order to enhance and improve of Robotic Things. In fact, robots play a
the security level of robotic systems such crucial role in modern societies, offering
as multi-factor device/user authentication various opportunities to help in various
schemes, in addition to multi-factor domains, including civilian and military
cryptographic algorithms. We also review sectors, as well as agricultural, industrial,
and medical ones. However, there are
the recently presented security solutions
several concerns related to robots’
for robotic systems.
deployment in critical infrastructures (e.g.,
industrial, medical, etc.). These concerns
are mainly related to security, safety,
accuracy and trust. Security is primarily use of robots in industrial, medical,
related to the level of protection of these disaster and agriculture fields, in addition
robots against different types of cyber- to police and military one.
attacks. Safety is related to the reduction of (Yaacoub, 19 March 2021)
the likelihood of accidents’ occurrence(s),
accuracy is based on performing the 2.1 Industrial field
intended task without any faults/mistakes,
Industrial robots are mainly used in order
while trust is based on the level of
to reduce manpower. Robots have become
satisfaction and capability of these robots
artificially smart and able to perform jobs
to accurately perform and replace humans
faster, safer, and with higher efficiency.
in certain fields and activities. However,
Such jobs include manufacturing,
various security concerns, issues,
construction, transportation, and quality
vulnerabilities, and threats are constantly
control. In particular, robots are being used
arising, including the malicious misuse of
in hazardous locations to perform
these robots via cyber-attacks, which may
dangerous tasks. They are also capable of
result in serious injuries and even death.
performing repetitive tasks with the same
precision and accuracy, better than their
2 Robot application human counterpart.
(Yaacoub, 19 March 2021)
domains
Robots have been deployed in different
domains and employed in different fields, 2.2 Medical field
including civilian and military ones, which Robots have been deployed in the medical
are illustrates the various robotic usages in domain to be used in tele-medicine, virtual
different fields of operations for many care, and remote treatment concepts. In
tasks and purposes such as photography, fact, they were designed to serve as
product delivery, agriculture, wildlife medical robots, surgical robots, and
monitoring, policing, search and rescue, hospital robots. They are used to perform
emergency response, crisis/disaster small surgeries accurately, and new
response, casualty evacuation, medical robots are capable of performing
reconnaissance and surveillance, Cardio-Pulmonary Resuscitation (CPR).
counterterrorism/insurgency, counter- (Yaacoub, 19 March 2021)
IEDs/unexploded ordnance, border patrol,
infrastructure inspections, and science. 2.3 Agriculture field
There are different types of robots Robots are used in agriculture due to their
depending on their field of operation: efficient and increased performance in
Unmanned Aerial Vehicles (UAVs) such reducing manpower and resource
as drones, Autonomous Unmanned consumption. They are used to perform
Aircraft Vehicles (AUAVs), Unmanned some tasks efficiently, especially when
Aerial Combat Vehicles (UACVs) and dealing with a large farming area that
Unmanned Aircraft Systems (UASs) requires at least a dozen of workers and
Unmanned Ground Vehicles (UGVs) such several days. This enhances irrigation,
as robots and autonomous vehicles, and crop testing, crop agriculture, and so on.
Unmanned Underwater Vehicles (UUVs) (Yaacoub, 19 March 2021)
such as underwater drones, Autonomous
Surface Vehicle (ASV), Remotely
Operated Underwater Vehicles (ROUVs)
and Autonomous Underwater Vehicles
(AUVs). This section discusses the main
2.4 Disaster field “Skunk” drones which are armed and
Disaster robots can be used to reach and equipped with pepper spray. The American
find helpless people who were isolated by police and law enforcement are also using
floods, or stuck and lost somewhere. “weaponized drones” armed with tasers,
Disaster robots can perform jobs and reach tear gas, and rubber bullets.
places that humans cannot. Their famous (Yaacoub, 19 March 2021)
use was when Search and Rescue (SAR)
robots were deployed to locate and find 2.6 Military field
lost Thai cave boys safely. Moreover, Military robots became the latest adopted
robots were used in the firefighting weapons to be used in most of military
domain, which helps in sparing the lives of operations, especially with the extensive
firefighters and to access areas that are use of Unmanned Aerial Vehicles (UAVs)
deemed too dangerous, too small, and/or to perform target detection and to launch
too risky for firefighters. In fact, both airstrikes. Moreover, robots were used to
robots and UAVs were used after the counter the Improvised Explosive Device
devastating Beirut port explosion that (IED) threat, especially in Iraq and
occurred at around 6:07 pm on August 4th, Afghanistan. In fact, they were being used
2020, to help with assessing the damage by the British army in Northern Ireland
and impact radius, as well as in the search since 1970s, to combat the IEDs threat
for missing personnel. The explosion was imposed by the Irish Republican Army
caused by the alleged detonation of 2750 (IRA) and its different factions and issues.
tonnes of Ammonium Nitrate due to lack (Yaacoub, 19 March 2021)
of proper storage, equivalent to 1.1
kilotons of Trinitrotoluene (TNT), and is
considered as one of the most powerful 3 Robotics security: issues,
non-nuclear explosions in history. vulnerabilities, threats, and
(Yaacoub, 19 March 2021) risks
Despite the great advantages and
2.5 Police and law promising future, the robotic field holds,
enforcement field some major concerns are still lurking
around, and imposing serious threats and
Robots are being deployed in various
police fields, especially when it comes to issues that can potentially affect both
shooting down, neutralizing, or humans and machines. For this reason,
eliminating suspects in places that are these main issues and challenges are
considered too dangerous and that could presented in this section.
lead to the loss of valuable officers’ lives. (Yaacoub, 19 March 2021)
A well-known use case of this application
is when the police used a robot strapped 3.1 Security issues
with a C4 explosive and detonated it in Robotic issues are not limited to one, but
order to kill the Dallas shooter. In fact, the to many aspects that could exploit any
Israeli police is known to have used drones vulnerability/security gap to target robotic
(i.e., spiderman urban assault drone), with systems and applications alike. The aim is
others equipped with tear gas to counter to identify and classify them to gain a
the Gaza protests and to reduce the threat better insight, which helps other fellow
imposed by possibly armed infiltrators and researchers in their quest to identify, tackle
burning/armed explosive incendiary kites and overcome them
and balloons. Indian, South African, and • Lack of secure networking which renders
Dutch police are also known to have used the communication between
robots/machines and humans insecure and disruptions and can reconfigure the backup
prone to various attacks. resources.
•Lack of proper authentication which leads •Lack of safety designs is very risky and
to an unauthorized access using standard has proven in many real-case incidents to
usernames and passwords, which can be be lethal and threatening towards humans
easily trespassed by a given attacker. with a remarkable number of casualties
•Lack of confidentiality which is due to the and fatalities, aside the economic/financial
use of weak encryption algorithms that can losses.
be easily broken, leading to the •Lack of security by-design features leads
interception and exposure of robotic to breaking into the robotic system’s
sensitive data and design plans. architecture and design to scan and exploit
•Lack of privacy can result in the exposure its vulnerability/security gap(s) for further
of business deals and trades that can affect attacks, including malicious data injection
the reputation of a given organization, and and modification.
the exposure of the collaboration between •Lack of AI-based designs affects the
different robotic security firms. operational and functional performance of
•Lack of integrity which is due to the use robots when being assigned a task, with
of weak message authentication protocols both accuracy and performance being
that can be easily compromised, leading to affected.
the alteration of robotic sensitive data, •Lack of update for the robotic operating
stored or in transit. system, firmware,
•Lack of verification which does not and software may result in various cyber-
include strong biometric features to physical attacks.
prevent any abuse of privilege or •Lack of advanced IDS solutions is also a
unauthorized access. major issue, especially when relying on
•Lack of authorization it defines the right intrusion detection system that either
physical access based on the assigned detect anomaly, behaviour or signature
access controls inside robotic labs, pattern of a given malware, rather than
factories, and industries. relying on advanced hybrid and
•Misconfiguration and bad programming lightweight or AI-based IDS solutions.
which may render the robotic systems and The same is true for the use of Honeypots.
operating systems incapable of performing •Lack of penetration testing could lead to
the intended tasks at the required accuracy security breaches of the deployed
level, and thus, threatening their human applications.
operators and badly affecting the software •Lack of security patches increases the
features. chance of basic and advanced attacks such
•Lack of tamper-resistant hardware renders as stealing of sensitive data, remote access,
robots prone to damage and/or partial/total and rootkit.
destruction, which can lead to the loss of •Lack of personnel training is also a
the robot’s functional and operational serious issue since personnel working in
capabilities. the coding robotic domain, or as human
•Lack of self-healing processing leaves the operators, or as IT or chief executives, are
robotic system prone to the possibly of targeted by social engineering, reverse
cascading attacks with the inability to engineering and phishing attacks.
recover or react in time to prevent further •Lack of human–machine collaboration
degradation in its performance. Hence, a could affect the human activity in terms of
self-healing process is required to ensure labour, work, and performance.
that robotic systems can sense faults or
•Lack of employee screening could result •Heterogeneity and homogeneity
in having an insider attack led by a vulnerability the heterogeneous nature of
whistle-blower that leaks sensitive data robotic systems makes their integration
and exposes classified information and prone to many security issues. Moreover,
sensitive robotic details. their homogeneous nature also leaves them
(Yaacoub, 19 March 2021) prone to similar attacks with possibly
cascading effects.
•Management vulnerability includes the
3.2 Security vulnerabilities
lack of advised planning, security
Robotic systems are prone to various guidelines, procedures and policies.
vulnerabilities that can affect their
(Yaacoub, 19 March 2021)
performance in terms of connectivity,
productivity, operations, and accuracy.
This paper presents several vulnerabilities 3.3 Security threats
that are challenging: Robotics threats are growing, not only due
•Network vulnerability with the lack or the to the concept of industrial competition,
adoption of basic security measures, but also due spying and terrorism.
robotic systems are vulnerable to various (Yaacoub, 19 March 2021)
wired/wireless communication and
connections attacks including replay, man- 3.3.1 Threat source
in-the-middle, eavesdropping, sniffing,
Threats can originate from different
spoofing, etc.
sources, and can be part of cyber-crimes,
•Platform vulnerability includes the lack of cyber-warfare, cyber-espionage, or even
constant updates of software and firmware cyber-terrorism. This paper lists the main
patches, as well as security patches to ones as follows:
maintain a secure up-to-date robotic
•Insiders (or whistle-blowers) are usually
system. This results into also having
rogue or unsatisfied employees who aim to
configuration and database vulnerabilities.
either steal robotic confidential
•Application vulnerability applications that information, or infiltrators that help
are not tested and evaluated for coding or outsiders to conduct their attack remotely
compatibility bugs, can also affect the through abuse of privilege. Insiders can
robotic system’s performance. Hence, also cause physical damage and
further testing is essentially required. destruction to robotic systems.
•Security vulnerability the adoption of new •Outsiders aim to gain access to a robotic
security measures without thorough testing system through the Internet. The external
can sometimes affect the performance of adversary’s aim is to get access to
both robotic systems and devices. Hence, information for malicious purposes, to
testing is essential before deployment. cause malfunction or/and disrupt the
•Bad practice vulnerability includes the system’s services through the injection of
bad choice of security measures and either fake or malicious data.
means, as well as lack of coding skills, •Competitors usually, rivals in the robotic
which can be easily re-modified to cause industry aim to maintain a leading edge in
errors or to perform the wrong tasks. this domain. Many methods can be
•Update vulnerability robots are also prone adopted such as the reliance on insiders, or
to update vulnerabilities that can cause part of industrial espionage to leak
their systems and operating systems to act confidential documents and damage the
differently due to the new update, rival company’s reputation
including the loss of unsaved data, •Incompetent developers include bad
interruption of the ongoing process, etc. manufacturers and programmers who do
not take into consideration the essential •Spies are constantly being used to
safety and security requirements upon the conduct (cyber) espionage and sabotage
development of software for robots and operations, typically between rival
machines. countries such as Iranian-Israeli cold
•Incompetent operators include either cyber-war, which reached its height in
ignorant users who do not know how to May 2020, including cyber-attacks and
use well a robot or a machine, or malicious sabotage operations. A prime example is
users who try to use the robot/machine for the “Quicksand” operation led by Iran’s
a malicious task. “Muddy Water” and Cyber “Avengers”
•Cyber criminals including hackers whose that are linked to the Islamic
aim is put their cyber-attack capabilities Revolutionary Guard Corps (IRGC)
into action via scanning for security gaps targeting Israel’s industrial infrastructure,
or software/firmware vulnerability and followed by a series of ongoing Israeli
exploiting them. counter-cyber-offensives, which reached
•Organized criminals unlike cyber their height in June, targeting Iran’s
criminals, they break into a given company infrastructure ports, electricity firms,
and steal robotic components, parts, covert nuclear labs, etc. In fact, the Iranian
designs, or architecture plan in order to sell cyber-threat is growing with many
it into the black market to rival companies, Advanced Persistent Threat (APT) actors
or for their own personal gains. attacking Western targets such as: APT33
•Malicious manufacturers leave, on targeting aerospace and (petrochemical)
purpose, a backdoor into the robotic energy, APT34 involving a long-term
system to track and monitor the activities cyber espionage operation targeting
of the robot and its operator without the financial, government, energy, chemical
owner’s knowledge. Also, they can gather firms, APT35 (or Newscaster Team)
sensitive and confidential information targeting military, governmental, media
about the user’s device through key and engineering firms, and APT39
logging and root-kits. In fact, many targeting telecommunications sector and
manufacturers leave on purpose a design high-tech industry.
flaw or a misconfiguration as a backdoor (Yaacoub, 19 March 2021)
in order to exploit it or to get quick access
to the robotic system. 3.3.2 Threat nature
•State-sponsored hackers are usually Despite the already listed issues, there are
recruited as a nation’s cyber-army to various threats targeting Industrial IoT
perform defensive and offensive tasks to systems that need to be addressed before
achieve political influence and gain. This diving further into the security aspect of
can include hijacking military robots, the robotic domain. These main threats are
leaking sensitive and confidential classified as follows:
documents about lethal robot designs, or •Wireless jamming robotic
declassifying robotic documents and communications are prone to various
experiments. availability attacks that can jam, disrupt
•Terrorists also rely, in this domain, in the or/and interrupt its connection via either
physical and cyber-world. Terrorists use de-authentication or jamming. This leads
robots and drones in their paramilitary to the complete or partial loss of
operations. Also, cyber-terrorism is controlling the robot
growing to retrieve details and gain •Reconnaissance and scanning robotic
insights about robotic systems to build systems are also prone to various
their own versions. reconnaissance and scanning attacks that
aim to evaluate their level of protection, robotic systems, or via launching a
the employed software, hardware, and (distributed) denial of service attack.
operating systems, to search for a security •Sabotage and espionage robotic systems
vulnerability or gap that may be exploited are typically prone to industrial espionage
in future attacks. operations, which can be further extended
•Information disclosure can take place to become a sabotage operation resulting
either via physical leaking of confidential into hijacking, destroying or severely
documents, or remotely via a cyber-attack. crippling the ability of robotic systems to
Targeting both privacy and confidentiality properly perform their intended task(s).
of robotic manufacturers, businesses and This can also be classified as an act of
industries. terrorism.
•Abuse of privilege still remains a threat in •Tracking and monitoring several robotic
the robotic domain whereby unauthorized applications may include covert tracking
users trespass physical and logical access systems that can monitor and track the
controls to gain an unauthorized access or robotic operators without their knowledge
perform unauthorized tasks. (i.e., iRobot cleaner), all by secretly
•Information gathering remains an collecting information about them
essential threat, especially with personnel including personal details, devices in use,
working in the robotic domain (operators, geographical locations, etc. In fact, threats
manufacturers, IT security, Chief Robotics also target the security goals that surround
Officers (CROs), etc.) lacking the right traditional and advanced Industrial Control
security training to overcome phishing and Systems (ICSs), as well as the Cloud
social engineering attempts. Computing (CC) domain associated with
•Information interception operating on the robotic field
different high frequencies allows •Confidentiality threats these include, in
manufacturers to communicate without addition to the use of malware, passive
interference. However, the lack of security traffic analysis (i.e., eavesdropping),
protection and encryption over these sensitive data theft, malicious code
channels leave them prone to various injection (i.e., XSS or SQLi), exposure of
interception and delay attacks, which can sensitive information, side channel attacks,
result in a total breach of privacy, dumpster diving, and the adoption of
confidentiality and integrity. social engineering or phishing techniques.
•Information modification is a common •Integrity threats include active traffic
threat that targets the AI aspect of robotics, analysis (i.e., man/meet-in-the-middle),
with malicious modifications affecting the snooping, spoofing, data/information
ability of AI to distinguish between modification, malicious data or malware
pictures, for example, the accuracy of injection, false data injection,
performing the intended tasks. physical/logical compromise of robotic
•Physical damage robots are also prone to devices, back-doors, rootkits and elevation
physical damage, attack and theft by of privilege.
insiders (rogue employees) and intruders. •Availability threats include service-data
This is mainly due to the lack of available theft, service denial/disruption,
security checks and tamper-resistant disruption/interruption of network
equipment. communications, exhaustion of resources
•Service disruption or denial can be caused and buffer overflow (i.e., Central
either by an employee’s mistake or by Processing Unit (CPU), memory, battery
malicious users who inject malicious data consumption), jamming, malware types
affecting the accuracy and performance of (i.e., Trojans, Botnets, etc.), physical
damage to various equipment including
routers and switches, replay attacks, and malicious users to disconnect legitimate
selective forwarding, as well as wormhole, owners and re-control them (i.e., robots
blackhole and sinkhole attacks. and drones).
•Authentication threats include malicious •Fake applications many robotic
third-party applications and services, applications are develop by third party
social engineering and phishing vendors, some of which are fake
techniques, abuse of privilege, key-stroke applications masqueraded as legitimate
register, stealing sensitive documents, lack apps. Such apps include various malware
of proper (logical/physical) access types attached to them such as
controls, deployment of dummy/fake ransomware, backdoor, spyware, botnet,
nodes, and spoofing worm, Trojan, and ransomware and can
target the privacy, availability and
3.4 Security risks authentication of robotic users.
The rise of various robotic security and •Insecure backup and data storage lack of
cyber-security issues, threats and proper and verified storage of data can
vulnerabilities, in addition to their negative lead to data loss or corruption. In fact,
effects are presented as follows: without proper data storage, any attack
•Security and system flaw these risks (i.e., ransomware) can cripple the ability of
affect the normal processing and industrial organizations to safely operate,
performance of industrial robots, and could which may also affect the performance of
disrupt the production and industrial the robotic systems and devices alike.
processes, leading to financial losses. • System failure robotic systems, in case of
More precisely, they could result in a cyber- events (i.e., attack or
system blockage, data interception, malfunctioning), are prone to various
extraction, and physical damage. issues including major and cascading
•Back-doors ill-configured robotic system failures, loss of power, and lack of
applications or applications with third- operational availability.
party access led to various backdoor and •Battery constraints some robotic devices
rootkit attacks. This would expose robotic are resource constrained and as such, they
users by targeting their privacy first, and are prone to excessive battery
then by keeping them under constant consumption, battery power draining,
surveillance, monitoring, and tracking, battery life expectancy, and resource-
with possibility of registering keystrokes exhaustion.
and capturing snapshots or even videos •Inaccurate activity threshold the lack of
without their knowledge. available robotic activity threshold risks
•Remote-access insecure and open having robots performing abnormal and
wireless communications and deviating activities without them being
communication ports, as well as unused detected. This might affect both
ones if not closed, could lead to operational and functional safety and
interception whereby attackers use them to security procedures that may endanger the
gain remote access to a given robotic life of their human operators.
system, to launch their cyber-attack, • Obstacle testing robots that are not tested
especially, robots relying on vulnerable in their field of deployment are prone to
Lora WAN communications. various software/hardware and operating
•Device theft robotic devices are also system issues. This may lead to system
prone to physical theft or hijacking and and hardware failures, disabling the
control, a prime example is the de- robotic system, and bringing its production
authentication process that allows to a total halt, which is associated with
financial losses.
• Authentication threats include malicious •Fake applications many robotic
third-party applications and services, applications are developed by third party
social engineering and phishing vendors, some of which are fake
techniques, abuse of privilege, key-stroke applications masqueraded as legitimate
register, stealing sensitive documents, lack apps. Such apps include various malware
of proper (logical/physical) access types attached to them such as
controls, deployment of dummy/fake ransomware, backdoor, spyware, botnet,
nodes, and spoofing. worm, Trojan, and ransomware and can
(Yaacoub, 19 March 2021) target the privacy, availability and
authentication of robotic users.
the rise of various robotic security and •Insecure backup and data storage lack of
cyber-security issues, threats and proper and verified storage of data can
vulnerabilities, in addition to their negative lead to data loss or corruption. In fact,
effects are presented as follows: without proper data storage, any attack
•Security and system flaw these risks (i.e., ransomware) can cripple the ability of
affect the normal processing and industrial organizations to safely operate,
performance of industrial robots, and could which may also affect the performance of
disrupt the production and industrial the robotic systems and devices alike.
processes, leading to financial losses. •System failure robotic systems, in case of
More precisely, they could result in a cyber-events (i.e., attack or
system blockage, data interception, malfunctioning), are prone to various
extraction, and physical damage. issues including major and cascading
•Back-doors ill-configured robotic system failures, loss of power, and lack of
applications or applications with third- operational availability.
party access led to various backdoor and •Battery constraints some robotic devices
rootkit attacks. This would expose robotic are resource constrained and as such, they
users by targeting their privacy first, and are prone to excessive battery
then by keeping them under constant consumption, battery power draining,
surveillance, monitoring, and tracking, battery life expectancy, and resource-
with possibility of registering keystrokes exhaustion.
and capturing snapshots or even videos •Inaccurate activity threshold the lack of
without their knowledge available robotic activity threshold risks
•Remote-access insecure and open having robots performing abnormal and
wireless communications and deviating activities without them being
communication ports, as well as unused detected. This might affect both
ones if not closed, could lead to operational and functional safety and
interception whereby attackers use them to security procedures that may endanger the
gain remote access to a given robotic life of their human operators.
system to launch their cyber-attack, •Obstacle testing robots that are not tested
especially, robots relying on vulnerable in their field of deployment are prone to
Lora WAN communications. various software/hardware and operating
•Device theft robotic devices are also system issues. This may lead to system
prone to physical theft or hijacking and and hardware failures, disabling the
control, a prime example is the de- robotic system, and bringing its production
authentication process that allows to a total halt, which is associated with
malicious users to disconnect legitimate financial losses.
owners and re-control them (i.e., robots •Non-backed communication can lead to
and drones) the interception or loss of communication
between the robotic system and its
operator(s), which in turn, leads to loss of 4 Robotic security attacks
control. This occurs especially when the There are various increasing attacks that
device goes beyond the (visual) line-of- are specifically targeting robotic systems,
sight. Hence, further work needs to be especially after their integration in
invested in this domain. domains such as Industrial IoT, Medical
•Supply-chain disruption the disruption of IoT and Battlefield IoT. This resulted into
semi- or fully automated supply chain various attacks being conducted targeting
systems may lead to drastic financial both robotics data and systems’ security
losses, significant time-to-repair, in including confidentiality, integrity,
addition to risking the availability of availability, authentication and privacy.
robotic services and activities. This section will present and discuss the
•Nature’s disruption without a backup plan main attacks that target the robotic field.
to mitigate the threats imposed by natural (Yaacoub, 19 March 2021)
disasters such as earthquakes, flooding,
and so on, the operational services of
robotic systems may come to a total halt,
leading to high financial and economic
losses related to the damage and
destruction of hardware and software
equipment, in addition to the loss of data.
•Data transmission quality the diversity of
mitigation techniques deployed to protect
robotic systems may affect the robotics’
performance and data transmission quality.

(Yaacoub, 19 March 2021)

4.1 Robotic attacks: taxonomies required tasks, these software programs are
and classification vulnerable to application attacks, rendering
The aim of this subsection is to identify the application itself prone to various types
and classify these attacks which target both of attacks. This includes malware that
robots and robotic systems. Moreover, the including viruses, worms, software
attack impact is also highlighted and Trojans attacks, in addition to buffer
discussed. For this reason, presented to overflow and malicious code injection
summarize the main robot related cyber- attacks. In the following, a set of these
attacks, their structure and impact, along possible software attacks are described.
their cause and concerns. Lastly, the main •Worm attacks aim to target the robotic
risk assessment solutions are presented and systems by exploiting the vulnerabilities of
analysed in order to ensure a quicker their network’s connected devices before
assessment of cyber risks, threats, self-propagation and self-replicating to
vulnerabilities and attacks, followed by a infect other robotic devices, and target
qualitative risk assessment table being industrial control systems. A prime
proposed. example of that is the famous Stuxnet
(Yaacoub, 19 March 2021) attack including its Stuxnet 2.0 and
Stuxnet Secret Twin Variant. This also
included Flame, Gauss and Grayfish,
4.1.1 Attacks on the robot hardware Duqu, and Duqu 2.0, which were initially
These attacks can vary from least designed by the joint US and Israel’s
dangerous (e.g., phishing) to the most signal intelligence (SIGINT) National Unit
dangerous ones (e.g., hardware Trojans). (ISNU), Unit 8200 as part of “Operation
Such attacks can lead to the Olympics” to target Iran’s nuclear program
implementation of back-doors for the assets.
attacker to lead another attack by gaining •Ransomware attacks aim to encrypt all
unauthorized access to the robots being the data linked to robotic systems, devices
used, or during their maintenance. In some and applications, as well as locking the
cases, they can even have a full access to backed-up data while preventing legitimate
the hardware. Furthermore, robots are users from re-accessing them without
prone to implementation attacks such as conducting a Bitcoin payment. Hence, the
side channel attacks or fault attacks that term of “Crypto ware”, targeting robotic
could possibly lead to sensitive data loss or systems and data confidentiality, integrity,
system exploitation (depending on the availability, authentication and privacy.
attacker’s target(s)).
•Botnet attacks are usually employed as
(Yaacoub, 19 March 2021) bots to conduct D-DoS attacks against
medical and industrial robotic systems.
4.1.2 Attacks on the robot’s firmware Botnets can be based on malicious codes
The Operating System (OS) upgrades are used to infect unprotected robotic devices.
achieved via internet connection, due to Botnets can also be linked to worms,
the presence of firmware codes that are ransomware and Trojans which allow them
usually stored on a flash memory. to conduct attacks against robotic systems
However, with each upgrade, the OS might and data’s privacy, confidentiality and
be vulnerable to new types of attacks. integrity. This includes, a variety of
According to, the OS is prone to DoS and botnets such as Storm (2007), Cutwail
DDoS attacks, along with the arbitrary (2007), Grum (2008), Kraken (2008),
code execution, and root-kit attacks. On Mariposa (2008), Methbot (2016), Mirai
the other hand, since applications rely on (2016), and Glupteba (2019). This type of
running software programs to perform the
malware can affect the confidentiality, •Traffic analysis attacks since robotic
integrity, availability, authentication of systems are still relying on open wireless
data and robots. communications or communications with
basic security measures, traffic analysis

(Yaacoub, 19 March 2021) attacks can occur in a much more frequent

manner. This includes listening to the
4.2 Attacks on the robots ongoing traffic between the robots and
their robot controllers, and retrieve vital
communications
information without being detected. This
Robotic communications are also prone to mainly affects the privacy and
different attacks that might affect different confidentiality of both robotic systems and
security services (i.e., authentication, data, and can lead to further future attacks.
confidentiality, and integrity), as stated in
(Yaacoub, 19 March 2021)
the following.
•Jamming attacks aim to interrupt and 4.3 Robotic attacks: impact and
disrupt the robot-to robot and robot-to- concerns
humans communication with the aim to
The increasing number of attacks against
suspend further robotic activities and jam
robots and robotic systems has led to an
any sort of communication and control.
increase in number of concerns. This has
Thus, targeting both systems and data
raised many concerns surrounding this
availability.
field along questioning the ability of
•De-authentication attacks aim to effectively deploying in various domains
temporarily, periodically or disable the and areas of operation.
robotic devices from being able to connect
•On national security the use of robots and
back to their initial operator, disrupting the
robotics in domestic crimes and domestic
communication between them and the
terrorism has increased recently, not only
robotic devices and possibly preventing
through their use in the cyber field, but
them from re-connecting back and
also in the physical field too. Robots can
hijacking the robot by gaining control.
be re-modified to carry lethal weapons or
This aims to target the availability,
can be re-programmed to perform an
authentication and integrity of both data
excessive use force which can lead to both
and systems.
human and material losses. In fact, without TECHNICAL INTELLIGENCE
a proper programming that ensures a safer (TECHINT) and intelligence gathered
and much more secure deployment and use from the dark web (silk road). This allows
of robots in police and law enforcement an enhancement in the robotic domain via
fields, robots may end up in a blue-on-blue an evidence-based malware analysis.
engagement which may result in friendly (Yaacoub, 19 March 2021)
fire, or engaging the wrong targets
including civilians. 6 Security requirements,
(Yaacoub, 19 March 2021)
recommendations, and future
research directions
5 Securing robotics: presented
Based on the reviewed works, we found
solutions and effective that various security requirements are still
countermeasures needed to be studied, conducted and
It is essential to implement and maintain analysed to enhance the discussed security
effective security countermeasures in order countermeasures and the recommendations
to secure the robotics systems. Therefore, for future research directions. A very
the need for a strong multi-factor limited number of presented work included
authentication process, along with the managing the security aspect of robotics
identification and verification processes during the design phase, and many focused
(based on a strong access control policy on how to maintain the privacy and
and robot fingerprints measures), in confidentiality through encryption without
addition to multi-factor confidentiality, are taking into consideration the source
highly recommended. This allows the authentication and data integrity part
prevention of any malicious physical through the use of strong keyed hash
and/or logical unauthorized access. In fact, mechanism (e.g. HMAC) or by using
securing robots, robotics, and robot authentication operation mode such as
operating systems is not an easy task. Cipher-based Message Authentication
However, it is not also an impossible task Code (CMAC) and Galois Message
either. Therefore, different cryptographic, Authentication Code (GMAC).
non-cryptographic and AI-based solutions (Yaacoub, 19 March 2021)
were presented for this specific task. We
highlight the various solutions presented 6.1 Security requirements
by various authors and highlight their It is essential to ensure the security of
advantages and drawbacks. robot’s wireless communication through
(Yaacoub, 19 March 2021) the implementation of various security
mechanisms. This maintains secure
5.1 Cyber threat intelligence communication and ensures authentication,
The Cyber Threat Intelligence (CTI) is integrity, confidentiality, and availability.
based on the information gathered about (Yaacoub, 19 March 2021)
robotic threats and threat actors which
would help in mitigating harmful cyber- 6.1.1 Adaptive security
events based on the Advanced Persistent This paper found that it is important to
Threat (APT) concept through early ensure and implement an active and
detection and prevention. In fact, CTI adaptive security solution. This adaptive
sources include information gathered from security solutions can be divided into two
HUMAN INTELLIGENCE (HUMINT), main types, threat centred or data-centred
Open-Source INTELLIGENCE (OSINT),
to know what data to secure, and against References
whom the data must be secured 1. Rüßmann, M., Lorenz, M., Gerbert, P.,
(Yaacoub, 19 March 2021) Waldner, M., Justus, J., Engel, P.,
Harnisch, M.: Industry 4.0: the future of
7 Conclusion productivity and growth in manufacturing
Nowadays, robotic systems are being industries. Boston Consult. Group 9(1),
deployed and used in different domains 54–89 (2015)
that are based on critical infrastructures. 2. Bahrin, M.A.K., Othman, M.F., Nor
However, robotic systems suffer from Azli, N.H., Talib, M.F.: Industry 4.0: a
several security vulnerabilities that can be review on industrial automation and
exploited to launch dangerous attacks, robotic. J. Teknol. 78(6–13), 137–143
which may have drastic consequences on (2016)
these infrastructures escalating from 3. Pfeiffer, S.: Robots, industry 4.0 and
economical losses all the way to the loss of humans, or why assembly work is more
human lives. Such attacks are possible due than routine work. Societies 6(2), 16
to the lack security by design of robotic (2016)
systems and the reliance on open wireless 4. Shyvakov, O.: Developing a security
communication channels. As such, it is framework for robots. Master’s thesis,
highly recommended to protect robots University of Twente (2017)
from any possible attack and by all means 5. Simoens, P., Dragone, M., Saffiotti, A.:
necessary. This includes detecting and The internet of robotic things: a review of
preventing attackers from breaching into concept, added value and applications. Int.
these systems to inject malicious malware J. Adv. Robot. Syst. 15(1),
or/and data to cause either chaos and 1729881418759424 (2018)
havoc in the robots’ operation, or to leak 6. Chui, M., Manyika, J., Miremadi, M.:
sensitive information (industrial Where machines could replace humans-
espionage). Therefore, the authentication and where they can’t (yet). McKinsey Q.
process should be designed to reach the 7, 1–6 (2016) 7. Kirschgens, L.A., Ugarte,
highest possible security level by I.Z., Uriarte, E.G., Rosas, A.M., Vilches,
employing mutual multi-factor V.M.: Robot hazards: from safety to
authentication scheme. This helps in security (2018). arXiv preprint
reducing the illegal access to robots/users. arXiv:1806.06681
8. Guerrero-Higueras, Á.M., DeCastro-
Garcia, N., Matellan, V.: Detection of
cyber-attacks to indoor real time
localization systems for autonomous
robots. Robot. Auton. Syst. 99, 75–83
(2018)
9. Petit, J., Shladover, S.E.: Potential
cyberattacks on automated vehicles. IEEE
Trans. Intell. Transp. Syst. 16(2), 546–556
(2015)
10. Cerrudo, C., Apa, L.: Hacking robots
before skynet. Cybersecurity Insight,
IOActive Report, Seattle, USA (2017)
11. Vuong, T., Filippoupolitis, A., Loukas,
G., Gan, D.: Physical indicators of cyber
attacks against a rescue robot. In: 2014
IEEE International Conference on survey. Robot. Auton. Syst. 94, 43–52
Pervasive Computing and (2017)
Communications Workshops (PERCOM
Workshops), pp. 338–343. IEEE (2014)
12. Dash, P., Karimibiuki, M.,
Pattabiraman, K.: Stealthy attacks against
robotic vehicles protected by control-based
intrusion detection techniques. J. Digit.
Threats Res. Pract. 2(1), 1–25 (2021)
13. Chowdhury, A., Karmakar, G.,
Kamruzzaman, J.: Survey of recent cyber
security attacks on robotic systems and
their mitigation approaches. In: Cyber
Law, Privacy, and Security: Concepts,
Methodologies, Tools, and Applications,
pp. 1426–1441. IGI Global (2019) 14.
Lacava, G., Marotta, A., Martinelli, F.,
Saracino, A., La Marra, A., Gil-Uriarte, E.,
Vilches, V.M.: Current research issues on
cyber security in robotics (2020) 15.
Mitchell, R., Chen, I.-R.: A survey of
intrusion detection techniques for cyber-
physical systems. ACM Comput. Surv.
(CSUR) 46(4), 55 (2014)
16. Kehoe, B., Patil, S., Abbeel, P.,
Goldberg, K.: A survey of research on
cloud robotics and automation. IEEE
Trans. Autom. Sci. Eng. 12(2), 398–409
(2015)
17. Chowdhury, A., Karmakar, G.,
Kamruzzaman, J.: Survey of recent cyber
security attacks on robotic systems and
their mitigation approaches. In: Detecting
and Mitigating Robotic Cyber Security
Risks, pp. 284–299. IGI Global (2017)
18. Jeong, S.-Y., Choi, I.-J., Kim, Y.-J.,
Shin, Y.-M., Han, J.-H., Jung, G.-H., Kim,
K.-G.: A study on ros vulnerabilities and
countermeasure. In: Proceedings of the
Companion of the 2017 ACM/IEEE
International Conference on Human–
Robot Interaction, pp. 147– 148. ACM
(2017)
19. Hellaoui, H., Koudil,M., Bouabdallah,
A.: Energy-efficient mechanisms in
security of the internet of things: a survey.
Comput. Netw. 127, 173–189 (2017)
20. Guiochet, J., Machin, M., Waeselynck,
H.: Safety-critical advanced robots: a