Hello,

We noticed you're browsing in private or incognito mode.

To continue reading this article, please exit incognito mode or log in.

Not an Insider? Subscribe now for unlimited access to online articles.

Intelligent Machines

Hordes of research robots could be hijacked for fun and sabotage

As more robots are connected to the internet, they will become targets for cybercrime and mischief.

Many experimental robots that live in research laboratories around the world may be wide open to hackers.

Researchers at Brown University, led by Stefanie Tellex, scanned the internet for machines running ROS, a popular open-source operating system used on many research robots. Tellex and her team discovered more than a hundred systems vulnerable to being accessed and even manipulated over the internet. Not a huge number—but a warning for the research community, Tellex says.

These systems could present a juicy target for online mischief makers, Tellex says, simply because it would be fun, and cool, to take control of a real live robot. But it isn’t inconceivable that state-sponsored hackers might also go after them, in order to steal data, disrupt research, or cause accidents.

UW’s Robot
Brown University

The issue isn't due to any security flaws or oversights in the design of ROS. Users are simply expected to secure their own systems. But without due care, the situation could get worse in the future. “As robotics becomes more advanced and spread out around the world, it’s important that we make sure these systems are fielded in a secure way,” Tellex says.

The Brown researchers tried taking control of one robot, a machine at the University of Washington, with the permission of its owners. They showed that they could read the robot’s sensors and move it around.

They even found one vulnerable machine in their own lab. This was so that another research group, at MIT, could remotely operate the robot using virtual reality. “But we should’ve taken it offline after we were done,” Tellex says.

Robots have been common at university research labs for decades. These machines are becoming ever more sophisticated, and researchers are exploring many ideas that involve connecting robotic systems over a network, for purposes including tele-operation and allowing one robot to share what it has learned with another system—an approach known as “cloud robotics” (see “Robots that teach each other”).

ROS, which stands for Robotic Operating System, has been a boon to robotics researchers over the past few years. It provides a standard platform for programming different hardware and a growing array of packages that give robots new capabilities. These includes libraries and algorithms for vision, navigation, manipulation, and so on.

Image obtained from the robot’s camera.
Brown University
View from RVIZ showing 3D point cloud and TF tree.
Brown University

ROS has been also been adopted by startups developing novel robotic systems including self-driving cars, warehouse helpers, and delivery bots. Industrial engineers tend to take security a lot more seriously, but internet connectivity inevitably creates new vectors for hackers (see “Botnets of things”).

“When we started work on ROS over 10 years ago, we wanted the system to be as flexible and as easy to use as possible,” says Brian Gerkey, CEO of Open Robotics, the foundation behind ROS. “As the authors of this paper note, users of ROS should take care to secure their ROS systems at the network level.”

Gerkey notes that Open Robotics is currently working on a 2.0 version of the software that will be more secure. The foundation has also announced the creation of a new, security-focused version of the operating system, called SROS (Secure ROS).

Keep up with the latest in robots at EmTech Digital.
Don't be left behind.

March 25-26, 2019
San Francisco, CA

Register now
UW’s Robot
Brown University
Image obtained from the robot’s camera.
Brown University
View from RVIZ showing 3D point cloud and TF tree.
Brown University
More from Intelligent Machines

Artificial intelligence and robots are transforming how we work and live.

Want more award-winning journalism? Subscribe to Insider Basic.
  • Insider Basic {! insider.prices.basic !}*

    {! insider.display.menuOptionsLabel !}

    Six issues of our award winning print magazine, unlimited online access plus The Download with the top tech stories delivered daily to your inbox.

    See details+

    Print Magazine (6 bi-monthly issues)

    Unlimited online access including all articles, multimedia, and more

    The Download newsletter with top tech stories delivered daily to your inbox

/3
You've read of three free articles this month. for unlimited online access. You've read of three free articles this month. for unlimited online access. This is your last free article this month. for unlimited online access. You've read all your free articles this month. for unlimited online access. You've read of three free articles this month. for more, or for unlimited online access. for two more free articles, or for unlimited online access.