SROS1: Using and Developing Secure ROS1 Systems

Part of the Studies in Computational Intelligence book series (SCI, volume 778)


SROS1 is a proposed addition to the ROS1 API and ecosystem to support modern cryptography and security measures. An overview of current progress will be presented, explaining each major advancement, including: over-the-wire cryptography for all data transport, namespaced access control enforcing graph policies/restrictions, and finally process profiles using Linux Security Modules to harden a node’s resource access. This chapter not only seeks to raise community awareness of the vulnerabilities in ROS1, but to provide clear instruction along designed patterns of development for using proposed solutions provided by SROS1 to advance the state of security for open source robotics subsystems.


ROS Secure communications Access control Robotics 



The authors would like to thank the Open Source Robotics Foundation for helping support the design and development of the SROS work presented. This work has been partially supported by CINI Cybersecurity National Laboratory within the project FilieraSicura: Securing the Supply Chain of Domestic Critical Infrastructures from Cyber Attacks.


  1. 1.
    J. Åkerberg, M. Gidlund, T. Lennvall, J. Neander, M. Björkman, Efficient integration of secure and safety critical industrial wireless sensor networks (EURASIP J. Wirel. Commun, Netw, 2011)Google Scholar
  2. 2.
    J. Åkerberg, M. Gidlund, T. Lennvall, J. Neander, M. Björkman, Efficient integration of secure and safety critical industrial wireless sensor networks. EURASIP J. Wirel. Commun. Netw. 2011(1), 100 (2011)CrossRefGoogle Scholar
  3. 3.
    M. Bauer, Paranoid penguin: an introduction to novell apparmor. Linux J. 2006(148), 13 (2006)Google Scholar
  4. 4.
    B. Breiling, B. Dieber, P. Schartner, Secure communication for the robot operating system, in 2017 Annual IEEE International Systems Conference (SysCon) (2017), pp. 1–6Google Scholar
  5. 5.
    M. Cheminod, L. Durante, A. Valenzano, Review of security issues in industrial networks, in IEEE Transactions on Industrial Informatics, vol. 9 (2013)CrossRefGoogle Scholar
  6. 6.
    C.M. Chris Valasek, Remote Exploitation of an Unaltered Passenger Vehicle. Technical report, IOActive, (2015)Google Scholar
  7. 7.
    A. Cortesi, P. Ferrara, N. Chaki, Static analysis techniques for robotics software verification, in Proceedings of the 44th International Symposium on Robotics, IEEE ISR 2013, Seoul, Korea (South), October 24–26, 2013 (2013), pp. 1–6Google Scholar
  8. 8.
    S.K. Datta, R.P.F. Da Costa, C. Bonnet, J. Härri, ONEM2M architecture based IOT framework for mobile crowd sensing in smart cities, in 2016 European Conference on Networks and Communications (EuCNC) (IEEE, New York, 2016), pp. 168–173Google Scholar
  9. 9.
    T. Denning, C. Matuszek, K. Koscher, J.R. Smith, T. Kohno, A spotlight on security and privacy risks with future household robots: attacks and lessons, in Proceedings of the 11th International Conference on Ubiquitous Computing, UbiComp’09 (2009), pp. 105–114Google Scholar
  10. 10.
    B. Dieber, S. Kacianka, S. Rass, P. Schartner, Application-level security for ROS-based applications, in 2016 IEEE/RSJ International Conference on Intelligent Robots and Systems (IROS) (IEEE, 2016), pp. 4477–4482Google Scholar
  11. 11.
    R. Dóczi, F. Kis, B. St, V. Pser, G. Kronreif, E. Jsvai, M. Kozlovszky, Increasing ros 1.x communication security for medical surgery robot, in 2016 IEEE International Conference on Systems, Man, and Cybernetics (SMC) (2016), pp. 4444–4449Google Scholar
  12. 12.
    B. Dowling, M. Fischlin, F. Günther, D. Stebila, A cryptographic analysis of the TLS 1.3 handshake protocol candidates, in Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, CCS ’15 (ACM, New York, 2015), pp. 1197–1210.
  13. 13.
    D. Dzung, M. Naedele, T.P. von Hoff, M. Crevatin, Security for industrial communication systems. Proc. IEEE 93, 1152–1177 (2005)CrossRefGoogle Scholar
  14. 14.
    W.K. Edwards, R.E. Grinter, At home with ubiquitous computing: Seven challenges, in Proceedings of the 3rd International Conference on Ubiquitous Computing, UbiComp ’01 (2001), pp. 256–272CrossRefGoogle Scholar
  15. 15.
    P.E. Eric Byres, D. Hoffman, The myths and facts behind cyber security risks for industrial control systems, in VDE Kongress (2004)Google Scholar
  16. 16.
    I. Foster, A. Prudhomme, K. Koscher, S. Savage, Fast and vulnerable: a story of telematic failures, in Proceedings of the 9th USENIX Conference on Offensive Technologies. WOOT’15 (2015)Google Scholar
  17. 17.
    J. Huang, C. Erdogan, Y. Zhang, B. Moore, Q. Luo, A. Sundaresan, G. Rosu, Rosrv: Runtime verification for robots, in Proceedings of the 14th International Conference on Runtime Verification. LNCS, vol. 8734 (Springer International Publishing, Berlin, 2014), pp. 247–254Google Scholar
  18. 18.
    K. Koscher, A. Czeskis, F. Roesner, S. Patel, T. Kohno, S. Checkoway, D. McCoy, B. Kantor, D. Anderson, H. Shacham, S. Savage, Experimental security analysis of a modern automobile, in Proceedings of the 2010 IEEE Symposium on Security and Privacy, SP ’10 (2010), pp. 447–462Google Scholar
  19. 19.
    F.J.R. Lera, J. Balsa, F. Casado, C. Fernández, F.M. Rico, V. Matellán, Cybersecurity in autonomous systems: Evaluating the performance of hardening ROS. Málaga, Spain-June 2016, 47 (2016)Google Scholar
  20. 20.
    I. Muscat, Web vulnerabilities: identifying patterns and remedies. Netw. Secur. 2016(2), 5–10 (2016), CrossRefGoogle Scholar
  21. 21.
    M. Nemec, M. Sys, P. Svenda, D. Klinec, V. Matyas, The return of coppersmith’s attack: practical factorization of widely used RSA moduli, in 24th ACM Conference on Computer and Communications Security (CCS’2017) (ACM, New York, 2017), pp. 1631–1648Google Scholar
  22. 22.
    G. Pardo-Castellote, OMG data-distribution service: architectural overview, in 23rd International Conference on Distributed Computing Systems Workshops, 2003. Proceedings (2003), pp. 200–206Google Scholar
  23. 23.
    D. Portugal, M.A. Santos, S. Pereira, M.S. Couceiro, On the security of robotic applications using ROS, in Artificial Intelligence Safety and Security (CRC Press, Boca Raton, 2017)Google Scholar
  24. 24.
    M. Quigley, K. Conley, B. Gerkey, J. Faust, T. Foote, J. Leibs, R. Wheeler, A.Y. Ng, ROS: an open-source robot operating system, in ICRA Workshop on Open Source Software, vol. 3 (Japan, Kobe, 2009), p. 5Google Scholar
  25. 25.
    A. Stubblefield, J. Ioannidis, A.D. Rubin et al., Using the fluhrer, mantin, and shamir attack to break wep, in NDSS (2002)Google Scholar
  26. 26.
    M. Vanhoef, F. Piessens, Key reinstallation attacks: Forcing nonce reuse in WPA2, in Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS ’17 (ACM, New York, 2017), pp. 1313–1328.
  27. 27.
    C. Wang, A. Carzaniga, D. Evans, A.L. Wolf, Security issues and requirements for internet-scale publish-subscribe systems, in Proceedings of the 35th Annual Hawaii International Conference on System Sciences, 2002. HICSS (IEEE, New York, 2002), pp. 3940–3947Google Scholar
  28. 28.
    R. White, M. Quigley, ,S ROS: Securing ROS Over the Wire, in the Graph, and Through the Kernel (ROSCon, Seoul South Korea, 2016),
  29. 29.
    R. White, M. Quigley, H. Christensen, SROS: Securing ROS over the wire, in the graph, and through the kernel, in Humanoids Workshop: Towards Humanoid Robots OS (Cancun, Mexico, 2016)Google Scholar
  30. 30.
    W. Xu, S. Bhatkar, R. Sekar, Taint-enhanced policy enforcement: a practical approach to defeat a wide range of attacks, in USENIX Security Symposium (2006), pp. 121–136Google Scholar

Copyright information

© Springer International Publishing AG, part of Springer Nature 2019

Authors and Affiliations

  1. 1.Contextual Robotics Institute, University of CaliforniaLa JollaUSA
  2. 2.Ca’ Foscari UniversityVeneziaItaly

Personalised recommendations