This paper presents a novel mechanism implemented in the SW to identify and authorize secure service call from the NW. While the current solution needs changes of the non-secure software (typically an RTOS), our solution exploits available hardware (i.e., the memory protection unit or MPU) to handle clients identification and authorization in a transparent way to non-secure software.

The Robotic Operating System (ROS) is the de-facto standard for the development of modular robotic systems. However, ROS is notorious for the absence of security mechanisms, only partially covered by recent advancements. Indeed, an attacker can easily break into ROS-enabled systems and hijacks arbitrary messages. We propose an integrated solution, ROS-Immunity, with small overhead that allows ROS users to harden their systems against attackers. The solution consists of three components: robustness assessment, automatic rule generation, and distributed defense with a firewall. ROSImmunity is also able to detect on-going attacks that exploit new vulnerabilities in ROS systems. We evaluated our solution against four use-cases: a self-driving car, a swarm robotic system, a centralized assembly line, and a real-world decentralized one. ROS-Immunity was found to have minimal overhead, with only an additional 7-18% extra system power per robot required to operate it. Furthermore, ROS-Immunity was able to prevent a wide variety of ROS system attacks with a worst-case false positive rate of only 17% and a typical false positive rate of 8%. Finally, ROS-Immunity was found to be able to react to and stop attackers after at most 2.4 seconds, when confronted with unknown vulnerabilities.

We demonstrate a new fuzzing tool for the Robotic Operating System (ROS), which exploits the physical nature of robotic systems to detect a novel class of bugs.