Edition 2 | Exploring the Autonomous Systems

5 months ago, I posted by saying- Autonomous vehicle companies may or may not use it, but learning ROS is a smart move-you might be surprised in the future.

I was incorrect! Today, I say "Autonomous vehicle companies use it, learn it now".

Yes, it is a window into opportunities.

Robotics Hacking

Back in December 2022, I started to learn ROS1 with the goal of exploring Robotics Cybersecurity. The first thing I did was program an automated bash script and perform a replay attack on a simulation bot. Easy-peasy ;)

This is just an example of what another tests we will conduct during assessment of autonomous vehicles which are powered by Robot Operating Systems (ROS). They perceive environmental data, process it, make decisions, and then control the actuators to move autonomously. I won't go into detail because I'm just trying to hand you homework.

Now, without further ado, let's try to understand the different types of Autonomous Systems and their unique security challenges based on their working and use cases.

Open-World Autonomous Systems

This kind of autonomous vehicle operates in unpredictable environments, like autonomous cars navigating in real-world traffic with lot of unpredictable and unplanned scenarios. Their ability to adapt to dynamic conditions makes them super advanced but also vulnerable to cyber threats like spoofing, signal interference, and unexpected sensor manipulation.

Threat actors can find it hard to get into this systems(it all depends on level of security though) but once exploited, these can cause malfunction or even gain control over the autonomous systems.

Here’s few list of unique security challenges open-world autonomous systems may have:

• Constantly Changing Conditions: Open-world systems, like autonomous vehicles, operate in unpredictable environments where they interact with other vehicles, pedestrians, and infrastructure. This makes it harder to predict threats, as attackers can exploit dynamic elements such as GPS spoofing, sensor interference, or even physical obstacles.

Have a look at this post by Denis Laskov , a perfect example of physical obstacles.

• Interconnected Systems: Open-world autonomous systems often rely on V2X (Vehicle-to-Everything) communication, connects with infrastructure, other vehicles, and cloud services. This significantly increases the attack surface with technology related to V2X communication rather than other simpler elements of the vehicles.
• Dependency on External Data Sources & Sensors: Open-world systems need external data & sensor-fusion for decision-making (e.g., maps, weather, traffic, perceptions), which can be tampered or compromised. For example, threat actor can manipulate data feeds, causing incorrect navigation or hazardous behavior.

• Dependence on AI and ML: Many open-world systems rely on AI/ML for real-time decision. These algorithms can be manipulated through adversarial attacks (e.g., altering traffic signs that confuse the AI) or data poisoning (manipulating input data to bias decision-making).
• Latency Sensitivity: Open-world systems require low-latency communication to make real-time decisions, especially in critical scenarios like collision avoidance. Any delays or disruptions caused by cyberattacks or interference can have serious consequences, such as accidents or system failures.

Closed-World Systems

On the other hand, functions within pre-defined, controlled environments, such as autonomous shuttles in the parks, airport, industrial areas or automated manufacturing robots on a factory floor. Their map and path is not going to change dynamically. They know their decision very precisely like when to slow down, turn, and so on. While they might seem more secure to you, they’re not actually immune to security risks like insider threats, malware attacks, or unauthorized access. A breach can lead to significant disruptions of functions and potential safety hazards.

Closed-world systems can sometimes appear to be more secure due to their controlled environments. However, the implemented security can create vulnerabilities if not addressed properly.

Here is a list of unique security challenges, closed-world systems may have:

• Controlled Environment: Since closed-world systems operate in predictable, well-defined environments (like factories or warehouses), there are often an assumptions that external threats are limited. This can lead to less focus on cybersecurity measures, making these systems more vulnerable to insider threats that exploit internal weaknesses.
• Less Adaptability: Closed-world systems are designed for specific, fixed tasks and are less learning capabilities to unexpected conditions, making them more susceptible if a threat actor finds a way to manipulate the environment or internal systems.

• Insider Threats: In a closed-world area, unauthorized access is more likely to come from within the organization, such as unhappy employees or contractors. These Insider can exploit it using their knowledge of the system to launch attacks, install malware, or cause disruptions in the functions.

• Lack of Security Patch: Since the environment and system configurations are mostly static, closed-world systems may not receive frequent software updates or security patches. This leaves them vulnerable to exploits based on known vulnerabilities that have not been addressed, comparing to open-world systems that often need continuous monitoring and security updates.

• Focus on Operational over Cybersecurity: In industries like manufacturing, efficiency in operations and uptime are their top priorities. This focus can sometimes ignores the need for required security protocols, leading to an environment where productivity is prioritized at the expense of cybersecurity.

Both autonomous systems rely on sensors, like cameras LiDAR, and communication modules, the number of components increases the attack surface. Attackers can target anything from LIDAR sensors to wireless communication modules, making it easier to find weak points.

Coming to ROS, It can be found in both open-world and closed-world autonomous vehicles, but the architectural factors often make it more easily accessible, and potentially more vulnerable, in closed-world systems.

In many closed-world autonomous vehicles or robots, physical access to the hardware running ROS is often easier. Threat actor can physically connect to the network, attach malicious devices, or tamper with nodes directly.

However, in open-world systems like autonomous cars, physical access is harder to achieve, requiring more sophisticated remote attacks including multiple expertise to get into ROS network.

END

Alright, that's all I had planned for you all. Thanks for sticking with me until the end of this edition; until next time, bye! Happy learning and stay ahead of the game of cybersecurity.

Yours in Cybersecurity

Gagan (Sourav)

PS: While I start writing the next edition, spread the word about "Security Pulse" by sharing it with your connections and friends.