See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/319354229

Cyber security risks in Robotics

Chapter · March 2017

DOI: 10.4018/978-1-5225-2154-9.ch022

CITATIONS READS
11 7,185

1 author:

Ishaani Priyadarshini
University of Delaware
34 PUBLICATIONS   125 CITATIONS   

SEE PROFILE

Some of the authors of this publication are also working on these related projects:

Singularity Problem in Artificial Intelligence View project

Call For Chapters (Artificial Intelligence and Cybersecurity) View project

All content following this page was uploaded by Ishaani Priyadarshini on 18 December 2017.

The user has requested enhancement of the downloaded file.

 Cybersecurity risks in Robotics
-Ishaani Priyadarshini

Abstract: With technology flourishing at a rapid rate, humans have been able to achieve considerable
heights of success. Accomplishment of tasks nowadays is either a click away or a command away in most
of the technological arenas. One such realm of technology is that of Robotics which has been there for
almost a century and continues advancing day by day. The evolution of robotics has ranged from the
basic remote controlled systems to humanoid robots. With applications as well as accuracy increasing
for every new system implemented, security risks too have been making their way into the new
invention. Since different robots have been created for different purposes in different fields like the
defense, household, medical or the space, protecting systems against their exploitation is of utmost
importance as these fields incorporate sensitive as well as intricate tasks. This chapter focusses on the
security aspects of Robotics. The necessity of Cybersecurity in Robotics has been explored by taking
different kinds of robots used in different fields. The current state of Robotics is vulnerable to many risks
and several case studies have been highlighted to support the need of securing Robotics by identifying
several risks to which it is vulnerable. Apart from that mitigation strategies have been discussed to
secure the domain of Robotics. An attack comparison has been made for three robots in analyzing them
against the vulnerabilities faced by them.
Keywords: Robotics, Humanoid Robots, Cybersecurity
Introduction to Cybersecurity and Robotics

Cybersecurity may be defined as the state of being protected against the criminal or unauthorized use of
electronic data or the measures to achieve this. It is a field which strives to defend attacks against
computer systems which may incorporate control systems, critical infrastructures and technology
transport systems. It ensures five security services namely Confidentiality, Integrity, Availability,
Authenticity and Non repudiation of electronic, computer and network domains. Most of the
organizations, corporations, institutions and governments collect, process and store magnanimous
amount of confidential data and transmit it across the networks to other systems. One of the most
contributing causes of cybersecurity is the constantly evolving nature of security risks. Even though the
traditional systems have been successful in protecting against significant threats, many possible threats
still remain unchartered. As the volume and sophistication of cyber-attacks increase exponentially, it is
necessary to safeguard information which might be of personal interest as well related to national
security. Thus a body of technologies, processes and practices works towards securing the networks,
computers, programs and data from attack, damage or unauthorized access. The National Institute of
Science and Technology (NIST), defines cyber-attack as a means of using the cyber space for disrupting,
disabling, destroying or maliciously controlling a computing environment or infrastructure [1]. This will
lead to destroying the integrity of the data or stealing controlled information. The cyber infrastructure
generally comprises of Electronic Information and communication systems, hardware and software,
storage, processing and communication. Cybersecurity being the biggest risk of technological operations
finds its use in almost every realm of technology. Ranging from real time data analytics to Drones and
Robotics, Cybersecurity becomes critically important as Internet of Things constantly grows. One
element of the cyber infrastructure is the field of robotics which we will be considering in this article.

The history of robots can be traced back to the 20th century when a mere humanoid machine was
introduced. Gradually it developed into what we call the robot nowadays. The first generation of robots
saw stationary, non-programmable, electromechanical devices which lacked sensors. They were
replaced by second generation robots which came with sensors and controllers. The third generation
robot was an even more refined version of the second generation robot and was full of features. It could
be stationary or mobile and could provide complex programming along with speech recognition and
synthesis. The fourth generation of robots is currently undergoing research and is under the developing
phase. Over the time, the definition for robots has kept on changing. A robot may be defined as a unit
devised to carry out tasks in a repeated manner, keeping a track of speed and precision. The term robot
comes from the Czech word ͚robota͛ depicting ͚forced labor͛. A robot may be controlled by a human
operator as well as a computer [2]. Robots may be classified into two types depending on how they are
controlled.

i) Autonomous Robots: These are the robots which do not need human or operator
intervention and can perform tasks by themselves [3]. For instance, the Bump and Go robot
 which has bumper sensors to detect obstacles. With respect to every bump that it faces as
it hits the obstacle, it is given the command to change its direction.
ii) Insect Robots: A group of robots which function on the command of a single controller fall
into the category of Insect robots [4]. It is similar to a colony of insects wherein the entire
fleet follows a single leader. Antbo is an insect robot [5].

A more vivid definition for a robot focusses on a few characteristics followed by the device. The
characteristics are as follows [6],

i) Sensing: A robot must be able to sense its surroundings. For this purpose it is equipped with
light sensors, touch and pressure sensors, chemical sensors, sonar sensors and taste
sensors. A robot lacking sensors is unaware of its environment.
ii) Movement: One of the characteristics which makes robot so proficient is its ability to move.
A robot may be dependent on wheels or walking legs to move. The movement may depict
either an actual displacement in the position of the robot or simple parts of the robot to
move.
iii) Energy: A robot must be equipped with the required amount of energy/power to perform its
functions. It may draw power from solar cells, batteries or electricity.
iv) Intelligence: Specific programming may induce intelligence into the robot. These are called
as ͚smarts͛. The robot must receive the program to act in the required manner.

Thus, a robot can be termed as a system incorporating sensors, control systems, manipulators,
power supplies and softwares functioning simultaneously to accomplish a task. It requires
knowledge from domains like mechanical engineering, physics, electrical and structural engineering.
The concept of mathematics and computing also contribute to the same. Due to their parallelism
with human beings, specific advanced robots are given the name Android [7]. With the constant
evolution of robots, every domain explored by human beings benefits. Modern robots find their use
in space, land, oceans, biology and other technology oriented domains.

According to the National Aeronautics and Space Administration (NASA), Robotics is the study of
robots which are machines meant to perform specific tasks [8]. Some robots can do work by
themselves. Other robots must always have a person telling them what to do. Of all the ways NASA
uses robotics for, moving large objects in space is probably the most significant use of robotics.

Consequently, robotics is the branch of engineering that deals with conception, design,
manufacturing and operation of robots. The branch also highlights the importance of artificial
intelligence, nanotechnology and bioengineering. Isaac Asimov proposed a few postulates termed as
͚Asimov͛s three laws of Robotics͛ stating that [3],

i) Robots must never harm humans

ii) Robots must follow instructions from humans without violating rule 1
iii) Robots must protect themselves without violating any rules.

Structure of Chapter
1. Importance of Cybersecurity in Robotics
We live in a world which is undergoing rapid changes. Innovation and technology have resulted
in constant evolution of robotics over the last few decades. Initially the field of Robotics was
restricted to the manufacturing world but now robots are capable of performing complex work
alongside humans expanding the productivity in lesser time. Cyber threat has been increasing
exponentially as data, systems and people are being connected digitally. It has been estimated
that the Robotics and automation industry will grow from $62 billion to $1.2 trillion in the next
ten years. The consumer robotics industry by 2019 is believed to be over $1.5 billion. Moreover
Robotics may also be associated with the Cloud Computing Environment. As the demand for
Robotics will grow, so will the risk associated with robotics. Cyber security breaches in robots
will have an adverse effect on robotics, thus damaging the financial aspects and reputation. A
hacked service robot could be otherwise used to harm people or carry out malfunctions
deliberately. Through open source platforms, people may get equipped with hacking skills, such
that automation will replace human labor. In the coming years it is likely that hackers could
override industry safeguards, disrupt services, harm products and steal important information.
Many real time constraints often play a pivotal role in robotics applications. Other than software
bugs and vulnerabilities, robotics is also prone to communication. We highlight a few
applications which require security and privacy to be introduced in the field of robotics
i) Defense and Space: The military field makes use of robotics in order to introduce automatic
aerial vehicles, also known as drones which typically are used in surveillance and combat
missions. Even though such communications should be encrypted, most of the times they
are not. There may be a situation such that an intruder snoops into the drone by taking its
control thus benefits from the non-encrypted communication. He may also crash the drone
into a highly populated area. There may also be a situation wherein an unauthorized entity
takes control over a robot making his way to sensitive data centers and sabotaging the
records.
ii) Medical Surgeries: There is potential danger involved in the process of operating patients
by instructing commands to robots. If there is no encryption or authentication mechanism
driving the same, the system is prone to man in the middle attacks. The consequences may
be dire as an unauthorized entity takes control of a surgical robot.
iii) Household Robots: It is expected that by 2020, every house will have a robot [9]. These
robots can be used as assistants or domestic helps and may assist in daily chores of the
household. They may adorn microphones, cameras and sensors which can collect vast
repositories of information. This information must be guarded. Many robots will be
endowed with the capacity to collect health status of people. Such sensitive information
must be taken care of, negligence of which may cause an unauthorized entity to take control
of the household robot and gain access to the sensitive data.
iv) Disaster Robots: Many robots have been introduced for coming to an aid during disasters.
They may be given the responsibility of accessing, breaking, repairing and disrupting harmful
systems. Since the robots are capable of excessive danger, it is necessary that they should
not be accessed by an external entity. An unauthorized entity may take control of a disaster
 robot which has been deployed to disconnect a nuclear platform. This can cause a hindrance
for the disconnecting process.

2. Current State of Security in Robotics

As already stated, robotics makes use of sensors, control systems, manipulators and softwares
which lead to efficient managing and controlling of the device. As component based software
engineering plays a key role in robotics, components act as individual computer programs which
communicate with each other by using protocols. Robot Operating System (ROS) and Yet
another Robot Platform (YARP) are robotics oriented architectures incorporating a number of
programs on many hosts connected by peer to peer topology. In ROS, messages are transmitted
unencrypted using the Transmission Control Protocol/Internet Protocol (TCP/IP) or User
Datagram Protocol/Internet Protocol (UDP/IP). MD5 is a message digest algorithm which
ensures data integrity and that various authentication mechanisms have been introduced.
However the drawback suffered by the system is that even though it increases overall security, if
data is not encrypted, it can be easily intercepted by an unauthorized entity.
In YARP, sensors, processors and actuators are linked by softwares. It makes use of handshaking
offered by TCP. Anyone who can access the corresponding TCP port may connect to YARP port.
Since the YARP infrastructure is exposed, and the application is vulnerable to corrupted data, it
leads to high security risk. The internal machine running processes may get exposed in such a
situation.
In the past, an authentication protocol has also been implemented for ensuring authenticity of
information while controlling robot by making use of TCP/IP, however, the communication is not
encrypted. Moreover there are hardware systems to verify integrity of system in telesurgical
(remote) robots. Robotics professionals are working on the ITP protocol to enhance the security
features of this hardware system.
BeamPro, being a telepresence robot, is a remote controlled device which may also be wheeled.
As it is also concerned with features like video chats and video conferencing, it mainly focusses
on cybersecurity. It works on basis of secure protocols, symmetric encryption and data
authentication.

3. Some recent case Studies highlighting Cybersecurity risks faced by Robotics

Cybersecurity for robotics demands that the system be flexible beyond current security
technologies. For instance if a robot is to deliver a small package at a target destination it should
consider multiple factors. It should be able to land safely by intelligently detecting the
environment. Beginning from the recognition of entrance of the target destination to locating a
system and plugging into the Universal Serial Bus (USB), it should equally be stealthy in its
approach so that it may not get detected. It is important that it is dexterous so as to avoid
obstacles and adaptive in case any damage takes place. It must be easy to reconfigure and
modify if required. As technology is getting smarter, we have cars which can park themselves
and cell phones which are efficient in detecting our heart rates. With such incredible features,
there is also a greater chance of many uninvited risks. It is possible to breach smart devices and
obtain personal information. A survey conducted showed that recently more than 69000 devices
 have been wirelessly hacked [10]. We highlight some of the case studies which bring into our
notice how robotics face cybersecurity challenges on a daily basis.
i) Automotive Industry: One of the fastest growing industries has been successful in devising
intelligent cars. These intelligent cars may be partially or completely automated with
numerous capabilities like intelligent keys, hands free door lock, digital instrumentations,
the ability to warn when foreseeing a collision, eco fuel systems and automatically
generating signals when required. Google, Audi AG, Hyundai as well as Toyota have been
known to develop such self-driving cars. However, the biggest risk these cars face is from
hackers as they comprise of complex distributed systems. These automated machines rely
on onboard computers which are connected by internal wired networks. Sensors in their
wheels may also prompt wireless communication. Researchers, keen on the invasion
technique set up two areas of attacks, one being the small range wireless which made use of
wireless network, and the other being the long range which made use of cellular networks.
A car will receive radio signals through its software which will first decode the radio signal.
Several bugs were found by making use of complex reverse engineering tools. When hackers
got access to internal network, they were able to create variations in the speedometer,
disable breaks, and install malwares compromising the entire system. Also they were able to
spoof objects like people, vehicles and obstacles remotely.
ii) Super-secret Stealth drone hacked by Iran : On December4, 2011, an unmanned aerial
vehicle named as Lockheed Martin RQ 170 belonging to the United States was seized by the
Iranian cyber warfare unit. It is believed that the drone͛s Global Positioning System (GPS)
coordinates were compromised and manipulated. Another possibility is that the electronic
warfare specialists were successful in cutting off the communication link by overwhelming
the communications. The leakage of encrypted signals is the primary cause of the drone
being hacked. It is possible to feed fake GPS coordinates to a system which has been
compromised. The drone͛s GPS coordinates were reconfigured and modified to meticulous
latitudinal and longitudinal data. This compelled the drone to land at the corresponding
location. As such drones work by capturing signals from satellites and solve equations to
confirm positions. When the system is compromised, a drone is communicated with a liable
satellite, after which spoofed signals may be sent for performing any kind of breach.
iii) Medical surgical robots: Raven II in an advanced teleported robot [11]. It responds to inputs
from surgeons and is capable of performing surgical operations. These robots rely on
available networks as well as temporary ad hoc wireless and satellite networks for
transmitting sensitive information like video, audio and other sensory information between
the surgeon and robots. Even though this technology has been contributing immensely to
the medical world, the open and uncontrollable communication system encourages a
variety of cyber security risks. A group of researchers at the University of Washington
Seattle, has been successful in detecting the loopholes of Raven II [12]. They have efficiently
shown all possible ways a malicious attacker can adopt to disrupt the behavior of the robot.
The robot relies on software based on open standards as well as the Linux and Robot
Operating System to function along with the Interoperable Telesurgery Protocol. The public
networks over which it takes place are inadvertently accessible to anyone making it
 extremely easy for intruders to overwhelm and disrupt, as well as take over sensitive
communications. The attack is believed to hamper the computer and make use of
manipulated signals to control the robot. The team carried out three types of attacks
successfully. In the first attack the group was able to change the commands sent to the
robot by operator. This involved deleting, delaying and reordering commands. The
consequences of this kind of attack were that the robotic movements became jerky and at
times the robot went out of control. In the second type of attack, the intensity of signals
could be modified. This could enable the robot to perform the commanded actions but with
different intensities. The final attack or the hijacking ensured that the attacker took
complete control of the robot. Finally, after constantly sending commands and jeopardizing
the Interoperable Telesurgery Protocol, the attackers were successful in carrying out Denial
of Service attacks and could stop the robots from being reset again and again.
Even though many researchers say that encryption and authentication being low cost can be
beneficial to the robotics society, many argue that encryption cannot simply mitigate all the
attacks. An interception attack like the Man-in-the- Middle attack or eavesdropping may still
threaten the security aspects of robotics.

4. Some Cybersecurity risks faced by robotics

Any cyber-attack in the domain of Robotics forms a basis of either an endpoint compromise or is
a network- communication based attack. An endpoint compromise sees a controller unable to
control the robot whereas the network communication based attack encourages an attacker to
either eavesdrop into the network or inject malicious code into it. A factor which compares the
intensity of the two attack vectors is the physical access. As physical access is more to the
network-communication based attack, they are much more feasible in comparison to endpoint
compromise attacks [11].
As discussed above, the robotics arena is threatened by many risks and vulnerabilities. In this
section we will take into account various attacks faced by robots.
i) Intention Modification Attacks: Such attacks are performed deliberately to affect the
actions of a robot which is commanded by the controller. This particular attack aims at
altering the message while the packets are still in a transition mode. Specifically, packet
headers are modified by an adversary to either direct the packets to another destination
or for modifying the data present on target machines. Denial of Service attacks
represent a class of Intention Modification attacks. In such attacks, the robots͛ network
interface is overwhelmed with TCP traffic. It may result in either of the following.
a) Robot halting: it is a physical indicator of the fact that the robot has been overwhelmed
by a Denial of Service attack. It may also lead to erratic movements in the robot. The
robot may halt repeatedly and for different durations. Also the speed may vary.
b) Delay in responding to direction commands: A robot under Denial of Service attack
displays delay while transition from low to high speed. It may not respond instantly to
various navigation commands.
ii) Intention Manipulation Attacks: In Intention Manipulation attack, the attacker
reconstructs the message transmitted from the robots to the controller. These are also
 known as feedback messages as they are a response to the input given by the controller.
They may be in form of video clips or readings. As the intention of the controller is
authentic, there is some level of difficulty in performing these attacks. However, if
executed correctly, it may be difficult to detect or prevent such attacks. If the
manipulated feedback is believed to be legitimate, it may lead to unfavorable
consequences. As most of the robots are governed by communication networks they
are highly vulnerable to manipulation attacks. A worm may be written to manipulate
components in the robot and spread over the network without any human intervention.
iii) Hijacking Attacks: It is an attack wherein the adversary takes in control of the
communication between two end points. If the endpoints were believed to be the
controller and the robot, it is possible that the adversary disregards the intention of the
controller and execute unethical actions. The hijacking may temporarily or permanently
take control of the robot and disrupt the services for a few hours or irreversibly. The
hacking of teleported surgical robot Raven II is an example of hijacking attack in robots.
The attacks stated above may be carried out by two kinds of attackers. They are listed as
follows:
i) Network Observer: An adversary with an intention of eavesdropping or snooping on the
information being transmitted between a controller and a robot. He may be involved in
collecting information, introducing unreliable information into the communication network
while appearing benign to both the parties at the ends.
ii) Network Intermediary: An adversary who positions himself between the controller and the
robot thus preventing confidential communication between the ends.

5. An attack comparison study for three robots

As stated above a robot may be thought of as a cyber-physical system driven by actuators,
sensors and mobility to perform a specific task. Even though robots are capable of multitasking
and providing various benefits, they also lead to rising concern in the aspect of security and
privacy. This section takes into account three robots the WowWee Rovio, Erector Spykee, and
Wow Wee RoboSapien V2 [13]. We will explore the vulnerabilities faced by the stated robots
and analyze them for security and privacy.
i) WowWee Rovio: It is a mobile webcam robot which is inclined towards remote
communication as well as home surveillance. It is equipped with a video camera,
microphone and a speaker. It is also capable of changing the position of its camera which is
controlled by a web interface. It may be controlled wirelessly by robot͛s ad hoc wireless
network, home wireless network and the Internet.
ii) Erector Spykee: A toy spy telepresence robot by nature, the Erector Spykee has a video
camera, a microphone as well as a speaker. Though the movement is restricted to only
horizontal plane, it is controlled in the same way as the Rovio. A significant feature which
distinguishes both the robots is the intended user base which is much larger in case of the
Rovio.
iii) WowWee RoboSapien V2: It is regarded as a toy and is driven by infrared. It has multiple
sensors and a color camera which play a pivotal role in tracking objects. Even though it is
 proficient in displaying autonomous movements, it is predominantly driven by remote
control.

The following are few vulnerabilities faced by robots that we have taken into consideration
for analyzing the robots
i) Remote Identification and Discovery: Remote identification and discovery is an important
vulnerability as it is relied upon to identify the presence of a robot. An adversary makes use
of the communication network to intercept or inject commands. WowWee Rovio and
Erector Spykee are relatively easy to detect as they make use of ad hoc networks or robot͛s
home network. Infrared provides a secure way to transmit and synchronize data making
WowWeeRoboSapien2 relatively difficult to identify.
ii) Passive and active Eavesdropping: The aim of Passive eavesdropping is to gather sensitive
information. An adversary may simply listen to weakly encoded or unencrypted packets to
seek confidential information. On the other hand, an Active eavesdropping follows two
phases, wherein in the former phase, the adversary sniffs messages from a liable user and
sends spoofed messages to the access point where the messages will be decoded and
further sent to another adversary. Both adversaries compare the encrypted messages with
the plaintext and can derive the mathematical key corresponding to the encryption process.
In this situation, a passive adversary may learn the password for enabling Rovio by method
of interception and further intercept the sensitive information being transmitted. The
Spykee lacks efficiency of protecting secret credentials, however intercepting sensitive data
in case of Spykee is difficult as it uses Diffie Hellman key exchange algorithm which is a
digital encryption technique. However Diffie Hellman Key exchange is vulnerable to Man in
the Middle attacks. Robosapien V2 is easily hackable. A group of hackers were successful in
replacing the robot͛s head with a pocket PC [14].
iii) Operational notifications: Some robots are capable of providing audible and other alerts
when a user is logged into the system. This enables people nearly to know that the system is
being accessed. Other robots periodically generate noise or signals when they are immobile.
This suggests that the robot is collecting data. The Rovio only provides a minimal visual cue
and no auditory cue when it is accessed. It can only indicate when it is powered on and
mobile. The Spykee provides chimes when it is accessed, however with the speaker being
turned off, it is practically impossible to indicate if someone has logged into the system.
Minimal visual cues give an idea that the robot is activated, however noticeable noise is
generated when it moves. The Robosapien 2 is known to generate significant noise as well
as making verbal exclamations.
iv) Controlling the Robots: An important aspect of maintaining security and privacy is the ability
to control the robot whenever and wherever required. An efficient robot must pay heed to
the instructions of its commander. Rovio and Spykee are controlled by using legitimate login
credentials. Even though they are physically limited, they can be effective in pushing small
objects on the floor. In case of RoboSapien V2, it is difficult to gain fine control of the robot,
however multiple trials can effectively lead to performing tasks like lifting up objects. It is
 incapable of performing accurate physical tasks but may carry out tasks like picking a set of
keys.
v) Network security: As most of the robots are influenced by the network it is essential that
network security must be ensured. Both Rovio and Spykee use Wired Equivalence Privacy
(WEP) with 64 bit or 128 bit encryption, but Spykee has an advantageous edge of connecting
to Wi-Fi Protected Access (WPA). Networks using WEP encryption can be compromised by
cracking.

Vulnerabilities WowWee Rovio Erector Spykee WowWee RoboSapien

V2

Remote Identification Relatively Easy Relatively Easy Relatively difficult

and Discovery
Passive and Active Easy Moderate Easy
Eavesdropping
Operational No auditory cue Noticeable noise Generates Significant
Notifications Minimal visual cue generated when Noise
moving Makes verbal
Minimal visual cues exclamations

Controlling the Robots Control usingControl using Achieve fine control

legitimate logins legitimate logins with multiple trials
(limited physical(limited physical (better physical
capabilities) capabilities) capabilities)
Network Security WEP (64 bit or 128 WEP (64 bit or 128
bit) bit) -
WPA
Table1: Attack comparison for three robots based on their vulnerabilities

6. Some Mitigation Strategies to avoid Cybersecurity Risks among Robots

With the security breaches knowing no bound and the domain of robotics being vulnerable to so
many insecurities, there is a necessity to prevent such attacks before they take a toll on us.
Several methods have been put forward for identifying attacks and mitigating the threats to
secure a system. We shall be discussing a few in this section.
i) Communication Robustness: The transmission of commands from a controller to the robot
and feedback from the robot to the controller require a transmission medium. It is this
transmission medium which is vulnerable to most of the attacks. Ensuring that a layer of
security is provided over the channels for information being transmitted will certainly
reduce probable insecurities. Since the communication is dedicated, encryption and
 introduction of authentication mechanisms on transmitted data will restrict modification,
manipulation and hijacking attacks.
ii) Data Distribution Service in ROS: As already discussed, in Robot Operating Systems (ROS),
messages may be transmitted without encryption which encourages eavesdropping.
However, integrating data Distribution Service (DDS) as a transport layer will lead to
installation of plugins that ensure authentication, access control and cryptography.
iii) Authentication Mechanism in YARP: When making use of YARP, the entire infrastructure
may be revealed. However, an authentication mechanism may be introduced in the YARP by
ensuring key exchange. Port monitoring and arbitration may ensure proper encoding and
decoding of transmitted data.
iv) Securing the Cloud: Cloud robotics is an emanating field which has robotics embedded into
the cloud computing environment. It relies on cloud storage and other internet technologies
of the cloud infrastructure. It leads to enhancement of memory, computational power and
interconnectivity for robotics applications. The data is collected by sensors, and the
corresponding information is uploaded to remote computation center. The information is
processed and may be shared with other robots.
v) Communication Buses: Secure communication may also be provided by Communication
buses. Unlike traditional buses, communication buses are based on Ethernet and hence can
make use of features pertaining to TCP/UDP/IP.

7. Robots as Secure Applications

Robotics platform is based on the traditional computer systems platform, hence making the
security issues similar for both. Robotic platforms are mainly constituted of hardware and
software components. As general purpose robots become popular, many apps also surface
which enable the robots to perform specific tasks. Thus there is a need to secure the robot. High
level abstractions may be used to secure the system whereas privacy is another major concern
which may be achieved by certain access control mechanisms. As users are identified securely
and privileges are given levels, privacy is ensured. Specific software architectures have been
proposed to ensure security in robotics. High level abstractions define policies for robots.
Securing web browsers also has its own impact. Separating main components of framework and
defining a rigid interface between them may allow securing the system easily. The inter
component communications in this case will pass through a common message passing interface
which may be easily inspected. The given figure is a proposed architecture which resembles a
microkernel inhabiting a thin layer of software responsible for transmitting different messages.
The layers above implement hardware specific features, robot abstractions and abstractions for
applications. The applications running on the top make use of the abstractions conveyed by
lower levels [16].
 Fig1: Architecture for secure robot

The security application of robots are many. We discuss four security applications of robots as
follows

i) Robots for remote surveillance

Robots relying on autonomous mobile platform such as the RoboSentry can not only
move with the help of wheels but can also record video, audio and other sensitive data.
They may be autonomous or teleoperated with high resolution cameras. They have the
ability to detect hazardous gases and may also integrate security and Closed Circuit
Television (CCTV) systems.
ii) Robots for alarm verifications
For any security installation, false alarms are undesirable. Many robots ensure
verifiability of alarm conditions. The robots may be integrated to existing security, access
control and CCTV systems. If alarm conditions are identified, robots may be dispatched as
soon as possible. On reaching, the onboard sensors may confirm the presence of heat,
smoke and flames and also send live audio and video messages. A confirmation signal
sent to the centralized station may assist in preventing any mishap.
iii) Robots for asset tracking
Given a definite range, with an autonomous mobile platform, a robot can track and locate
Radio Frequency Identification (RFID) tagged items. The current location of a specific item
on a map may be created and maintained by a robot. It may also be integrated into an
already existing security system.
iv) Robots for Facility Management
An autonomous mobile robot is capable of creating and maintaining a highly accurate,
dynamically maintained map of a facility. This map may be used to collect information.
Few of the environmental parameters which may be identified by the robots are blocked
aisles, malfunctioning safety lighting, temperature, Wi-Fi coverage and cell phone
coverage. Audio and video recording along with image snapshots may be used for facility
management by the robot.
8. Ethics in Robotics
Robotics, which finds its backbone in artificial intelligence has revolutionized our lives. With the
latest developments, robotics has been instrumental in driving cars, accessing medical records
and other day to day activities. However, the same introduces fear of compromised privacy and
security as most of the operations make use of the Internet. Thus there is an issue of liability.
Smart robots and driverless cars are effective but they bring ethical issues too. Cybertechnology
includes hand held devices, personal computers, mainframe computers and so on through
which robotics can be easily propagated. Cyber ethics underpin ethical issues in computing
machines performed by computer professionals. Cybersecurity ethics in Robotics comprises of
both cyberethics and technological ethics. Cyberethics deal with ethics pertaining to computers
and take an account of the behavior and effects of computer systems whereas technological
ethics are involved with the development of new technology. As Robotics underpin both
technology as well as cyberspace, the ethics in robotics must be in accordance with both the
domains. Ethics in robotics is concerned with the behavior of humans, how humans construct,
design and treat robots. Some ethical challenges for Robotics from the perspective of
technology and cyberspace are as follows
i) Copyrights
Certain ethics concern the artists, producers, end users and the country of which a robot
is a part. The ethical considerations pertaining to these may affect industries, national
government as well as international relations. The use of copyrighted material to create
new innovation is restricted.
ii) Cybercriminality
Technology affects social, cultural and economic realms. As globalization prevails,
transactions are in accordance. Often the facilities are exploited such that multiple
criminal activities surface. As cybercrie grows rapidly, criminals may use digital means to
threated people͛s freedom
iii) Privacy and Security (A case of Full Body Scanners at the airports)
As full body X ray scanners have been introduced, many people have questioned privacy
of people. People are encouraged to stand in rectangular machine so that alternate
wavelength image of a person͛s naked body for detecting metals may be performed. It is
done to increase security. However ethical concerns point out at violation of modesty
and personal privacy and potential misuse of technology. The Centre for Society, Science
and Citizenship has been instrumental in introducing recommendations for this
technology in order to preserve privacy of individuals.
iv) Privacy and Global Positioning System (GPS) technologies
GPS devices have played a pivotal role in evolution of Robotics. The location of people
carrying cellphones can be tracked in no time with GPS technology which challenges
privacy. It not only affects the interaction of citizens with their states but also that of
employees at their workplaces. Many vehicles and equipments support GPS thereby
contradicting civil liberties. Appropriate privacy levels are questioned due to such
technological impacts.
 v) Genetically Modified organisms
Genetically modified foods offer more yield, greater nutritional value, resistance to
pests but several questions arise as far as ethics is concerned for their use. Genetically
modified crops depend on unintended cross pollination and other unforeseen health
concerns for humans. Many organisms are modified to appear fluorescent and the
operations are carried by robots which question ethics in robotics
vi) Autonomous robots on choosing their own targets
With autonomous systems becoming popular, human domains are invaded, thus there
is a need to control them. These cars may zip ahead to take parking spots people have
been waiting for. There may be systems that buy an unlimited supply of goods from a
store while people wait on. One cannot allow their mechanical valets to vote on behalf
of them. An autonomous robot should not be allowed to choose its own targets. The
need is to create civilized robots which can be only done by following certain ethics.

9. Some rules of Ethics to be followed in Robotics

Robots serve many functions to the society ranging from an entertainer to educator to
executioner. As the robotics technology advances, certain ethical issues surface. We highlight
certain specific principles that act as a code of ethics for the robotics domain concerning
cyberethics and technological ethics [17].
i) Human Dignity Considerations
a) The emotional needs of humans to be always respected
b) The humans͛ right to privacy to be always respected
c) Human frailty to be always respected, physically and psychologically.
ii) Design Considerations
a) Maximal, reasonable transparency in the programming of robotic systems to be
ensured.
b) Predictability in robotic behavior is desirable.
c) Trustworthy system design principles are required across all aspects of a robot͛s
operation
d) Real-time status indicators to be provided to users to the greatest extent consistent
with reasonable design objectives.
e) Obvious opt-out mechanisms must be required to the greatest extent consistent
with reasonable design objectives.
iii) Legal Considerations
a) All relevant laws and regulations concerning individuals͛ rights and protections to be
respected.
b) A robot͛s decision paths must be re-constructible for the purposes of litigation and
dispute resolution.
iv) Social Considerations
a) To avoid any racist, sexist, ableist morphologies or behaviors while designing a
robot.
 b) Tendency of humans to form attachments to robots must be carefully considered
during designing.

10. Laws of Robotics for ensuring Cybersecurity

In the previous section we have highlighted the challenges which outrage the ethics of robotics.
In order to ensure that a robot performs all its functions within the boundaries of ethics, certain
laws have been introduced. The laws are as follows
i) It is mandatory to determine whether the designer, programmer, manufacturer or
operator is at fault in case an autonomous drone strikes or goes wrong or an automatic
car causes an accident. To allocate responsibilities, autonomous systems must be
equipped with logs with timestamp so that they can be referred to whenever needed.
ii) If ethical systems be embedded into robots, it is necessary that the decisions made must
seem justified to most of the people. Experimental philosophy may be used for the
same.
iii) A collaboration between engineers, ethicists, lawyers and policymakers ensures a
proper system. Both engineers and ethicists may work together to form a greater
understanding on the common subject.

11. The Future of Robotics

Robotics is one of the most contributory fields in the arena of information and technology. It is
continuously being prompted and altered to meet the very basic future requirements.
Anticipating the demands of this field in future, several inventions have already made their way
into sectors and several are being worked upon. It is believed, by the Ministry of Information
and Communication (South Korea) that by 2020, every South Korean household will enjoy the
privilege of owning a robot. Several intelligent robots will surface to carry out various intrinsic
operations and human level manual tasks. The US Department of Defense can foresee
completely autonomous robot soldiers by 2035. There are also speculations regarding
nanorobots. Technology evolving at such a rampant rate will definitely lead to many security
leaks in the future endeavors. As asked by Stephen Hawking, to an intelligent computer that had
been built, if there is a God, the system replied ͚there is now͛ followed by a bolt of lightning
struck to a plug such that it could not be turned off. Consequently, the future will be based on
what we create today, and if security risks are not taken care of, artificial intelligence which
forms the very basis of robotics may dominate humans someday. One way to ensure that
humans are ahead of robots in future is by taking care of the cyber security risks faced by
Robotics. It will not only give humans the power to steer what they have created, but will also
suppress the negative impacts which can be inflicted by robots.
Key Terminology & Definitions

Robotics
Machines have been around since classical times. Nowadays robots serve purposes in military,
commercial as well as domestic fields. They are helpful in diffusing weapons, finding survivors as well as
space operations. Robotics is a branch which makes use of mechanical engineering, computer
engineering and electronics engineering to design and construct robots by taking into account control,
feedback and information processing. These automated machines are believed to be able to mimic
humans in the coming future and may also resemble humans in appearance, behavior and cognition.

Humanoid Robotics
Humanoid robots are robots which resemble human beings with respect to their body shapes. They are
an excellent tool for researchers who need to comprehend human body structure and behavior
collaboratively known as biomechanics. They can perform human tasks like personal assistance and
providing entertainment. They may be used in future for performing dangerous space missions. An
Android is a humanoid robot. The extensive study of humanoid robots is termed as humanoid robotics.
It deals with designing and construction of humanoid robots.

Cybersecurity
The concept of cyber security dates back to the 1990s. The collaboration of tools, policies, security
concepts and risk management approaches which can lead to protection of a cyber-environment is
termed as cyber security. It leads to protection of computers, networks and data from unauthorized
access and risks initiated by cyber criminals. Thus it is the aggregation of efforts invested for eradicating
cyber risks.

Authors Bio:

Ishaani Priyadarshini completed her B.Tech in Computer Science and

Engineering from KIIT University, Bhubaneswar and is currently
pursuing her M.Tech in the same university. Her areas of interest
include Cybersecurity and Cloud Computing. She has published
Research papers in peer reviewed international journals and
conferences.
Email id : [email protected]
References
[1] Richard Kissel et al, ͚Glossary of Key Information Security Terms͛, Computer Security Division,
Information Technology laboratory, National Institute of Standards Technology, pp. 57-59, May
2013.

[2] Bob Struuk, ͚Influence of the new trends in the economics on the military and industrial
robot system design philosophy͛, National University of Public Service, PhD Institute in Military
Technology, pp. 15, 2014.

[3] George A. Bekey, ͚Autonomous Robots- From Biological inspiration to Implementation and
Control, MIT Press, Cambridge Massachussets, London, England, Chapter-1, pp. 01-02, 2005.

[4] Margaret Rouse, ͚Robot (Insect Robot, Autonomous Robot͛,

http://whatis.techtarget.com/definition/robot-insect-robot-autonomous-robot , April 2007.

[5] Ashley Carman, ͚Antbo is an insect robot you can build͛, www.theverge.com, 2016.

[6] Prathyusha.K et al,͛Design and development of a RFID based mobile robot͛, International
Journal of Engineering and Advanced Technology, Volume-1, Issue-1, pp.30-35, 2011.

[7] Takashi Minato et al, ͚ Development of an Android Robot for Studying Human Robot
Interaction͛, Innovations in Applied Artificial Intelligence Volume 3029 of the series Lecture
Notes in Computer Science, Springer, pp. 424-434, 2004.

[8] Sandra May, ͚What is Robotics͛, National Aeronautics and Space Administration,
www.nasa.gov , NASA Educational Technology Services, 2009.

[9] Michael Hoffman, ͚A Robot In Every South Korean Home by 2020͛, DailyTech, April 2004.

[10] Cortney L. Bolden, ͚Cybersecurity Challenges for Manned and Unmanned Systems͛,
American Military University, Homeland Security, 2015.

[11] Tamara Bonaci et al, ͚To Make a Robot Secure: An Experimental Analysis of Cyber Security
Threats Against Teleoperated Surgical Robots͛, ACM Transaction on Cyber-Physical Systems,
pp.02, 2015.

[12] Jennifer Langston. ͚ Researchers hack a teleoperated surgical robot to reveal security flaws͛,
www.washington.edu, University of Washington, pp. 01-03, 2015.
 [13] Tamara Denning et al, ͚A Spotlight on Security and Privacy Risks with Future Household
Robots: Attacks and Lessons͛, 11th International Conference on Ubiquitous Computing
(Ubicomp), pp. 105-114, October 2009.
[14] Sven Behnke et al, ͚Playing Soccer with RoboSapien͛, Lecture Notes in Artificial Intelligence,
LNAI 4020, Springer, 2006.

[15] Major John G. Lehane, ͚Military Androids: A vision for human replacement in 2035͛, United
States Marine Corps, School of Advanced War fighting, Marine Corps University, pp. 01-23,
2010.

[16] Murph Finnicum and Samuel T. King, ͚Building Secure Robot Applications͛, Proceedings of
the 6th USENIX conference on Hot topics in security͛ USENIX Association Berkeley,pp. 01-06,
2011.

[17] Laurel D. Riek and Don Howard, ͚A Code of Ethics for the Human-Robot Interaction
Profession͛, In We Robot 2014.

View publication stats