Thesis

Security of robotic workflows

Creator
Rights statement
Awarding institution
  • University of Strathclyde
Date of award
  • 2022
Thesis identifier
  • T16503
Person Identifier (Local)
  • 201851443
Qualification Level
Qualification Name
Department, School or Faculty
Abstract
  • Recent advances in computer science, artificial intelligence and engineering have pioneered the field of robotics, bringing guarantees of higher levels of accuracy and fewer complications in a wide array of environments such as the automotive, manufacturing and healthcare industries. These environments, which we interact with on a daily basis, are becoming increasingly connected, leaving many of these robotic systems vulnerable to a new set of threats and attacks from both a physical and a cyber standpoint. Upon review of the robotics security landscape, the focus of the thesis is split into two parts. The first part of this thesis looks at the capabilities of a passive attacker in both the cyber and physical domains. Existing literature focuses on active attackers, with little attention paid to passive attackers. If an attacker is able to passively gather information about robot behaviours, such as how a robot moves, they could use this information to reconstruct entire operational workflows. For example, in surgical settings, if movement information were captured, then entire surgical procedures could be reconstructed. Combined with other information sources, such as patient admission and exit times, patient privacy could be compromised. Upon review of teleoperated robot architectures, three side channel attacks are investigated. The first side channel is traffic analysis in the cyber domain, wherein an attacker eavesdrops on the encrypted communication link between a robot and its controller, using traffic features to fingerprint robot movements and workflows. The second side channel leverages unintentional acoustic emanations in the physical domain: as a robot moves, its acoustic characteristics are exploited for fingerprinting. The third and final side channel explored is radio frequency, where unintentional emissions of radio frequencies from microprocessors and motors are captured and analysed to fingerprint movements and workflows. Upon evaluation of all three side channels, radio frequency is the most successful, with at least 96% accuracy. The acoustic and traffic analysis side channels, while also useful to an attacker, show lower accuracy in comparison.
The second part of this thesis pertains to securing calibration for robotic systems. The calibration ecosystem intends to shift to a digital environment to keep up with technological advances. However, existing processes require immediate change in order to scale and remain robust to an evolved threat landscape. Specifically, little attention has been paid to the security of robot calibration, and several inadequacies need to be addressed, including: efficiency, availability, integrity and tamper-resistance, confidentiality, and managing conflicts between interacting parties in the calibration ecosystem. To address these challenges, two solutions are explored. First, blockchains adequately meet these required system properties and significantly outperform the current state-of-the-art in calibration traceability. While these properties are met by the proposed blockchain solution, the enforcement of some of these security properties – namely integrity, confidentiality and managing conflicts of interest – comes with a set of information flows that present an interesting access control challenge. Specifically, it is important to verify that an individual verifying the calibration of a device, or even calibrating a device, has the appropriate rights to do so. The second solution explored demonstrates that existing models cannot adequately manage the unique information flows, ultimately requiring a novel unification of three existing models that outperforms traditional models and can scale well with robots and IoT.
Ultimately, this thesis provides a review of the robotics threat landscape and identifies open challenges, in response to which several passive attacks and solutions are explored in both the cyber and physical domains. Further, this thesis also provides the first insights into a completely novel aspect of robotics security that needs careful consideration – securing the calibration of robots.
Advisor / supervisor
  • Ahmed, Chuadhry Mujeeb
  • Nagaraja, Shishir
  • Duncan, Paul
  • Revie, Crawford
Resource Type
DOI
Funder
