Please click on this link and join the online PhD defense.
Members of the defense committee:
- A-Prof. Dr. Gabriele Lenzini, University of Luxembourg, Chairman
- Prof. Dr. Cristina Nita-Rotaru, Northeastern University, Boston, USA, Deputy Chairman
- A-Prof. Dr. Radu State, University of Luxembourg, Supervisor
- Dr. Vijay Gurbani, Illinois Institute of Technology, Chicago, USA, Member
- Dr. Sheila Becker, Institut Luxembourgeois de Régulation, Luxembourg, Member
- Dr. Antonio Ken Iannillo, University of Luxembourg, Member
- Dr. Sofiane Lagraa, University of Luxembourg, Expert in Advisory Capacity
Abstract:
Robotic systems are proliferating in our society due to their capacity to carry out physical tasks on behalf of human beings. Current applications include, but are not limited to, military, industrial, agricultural, and domestic robots. The Robotic Operating System (ROS) is the de-facto standard for the development of modular robotic systems. Manufacturing and other industries use ROS for their robots, while both Windows and Amazon have shown interest in supporting it, with ROS systems projected to make up the majority of robotic systems within the next five years. However, a focus on security is needed as ROS is notorious for the absence of security mechanisms which places people in danger both physically and digitally. This dissertation presents the security shortcomings in ROS and addresses them by developing a modular, secure framework for ROS. The research work takes into account three aspects: internal system defense, external system verification, and automated vulnerability detection. This dissertation provides an integrated approach for the security of ROS-enabled robotic systems to set a baseline for the continual development of ROS security. Internal system defense focuses on defending ROS nodes from attacks and ensuring system safety in compromise. ROS-Defender, a firewall for ROS leveraging Software De-fined Networking (SDN) and ROS-FM, an extension to ROS-Defender that uses the extended Berkely Packet Filter(eBPF) are discussed. External system verification centers on when data becomes the enemy, encompassing sensor attacks, network infrastructure attacks, and inter-system attacks. In this section, the use of machine learning is demonstrated to address sensor attacks, eBPF is used to address network infrastructure attacks, and consensus algorithms are used to mitigate inter-system attacks. Automated vulnerability detection is perhaps the most important, focusing on detecting vulnerabilities and providing immediate mitigating solutions to avoid downtime or system failure. Here, ROSploit, an automated vulnerability scanner for ROS, and DiscoFuzzer, a fuzzing system designed for robots, are discussed.