Brown University Paper Shows Research Robot Vulnerability

Aug 28, 2018 · 2 min read

Google Brain Research Scientist Ian Goodfellow has tweeted an alarm about IoT hacking of a particularly nightmarish type, after Brown University security researchers were able to remotely access and control a robot in a university research lab. The research also showed that many robotic labs worldwide may be vulnerable to such a takeover technique.

Security issues are a top concern in robotic platforms, and although industrial robot security is robust, relatively little effort has been put into discovering and mitigating security issues at robotics research facilities. The Brown University researchers scanned the global IPv4 address space and identified a number of Robot Operating Systems (ROS) exposed to the public Internet — which could enable unauthorized access to robotic sensors and actuators. A remote operator could for example make a robot leak sensitive information about its surroundings, or even cause physical harm.

ROS designers are not security experts, and do not have a clear threat model to include in any security mechanism. Brown University researchers found more than 100 publicly accessible hosts running vulnerable ROS master nodes across North America, Europe and Asia. A number of these connect to simulators, while others appear to be real robots that could be remotely manipulated. The robot they were able to remotely read sensor info from and move (with consent) belonged to a research group at a US university.

The Brown University research has two main goals: to emphasize the importance of robot security not only in production systems, but also in the scientific research environment; and to provide information about a concerning situation and guidance on how the robotics community can improve security.

The paper Scanning the Internet for ROS: A View of Security in Robotics Research has been published on arXiv.

Author: Jessie Geng | Editor: Michael Sarazen

Follow us on Twitter @Synced_Global for more AI updates!

Subscribe to Synced Global AI Weekly to get insightful tech news, reviews and analysis! Click here !

We produce professional, authoritative, and…


Written by

AI Technology & Industry Review — | Newsletter: | Share My Research | Twitter: @Synced_Global


We produce professional, authoritative, and thought-provoking content relating to artificial intelligence, machine intelligence, emerging technologies and industrial insights.

Medium is an open platform where 170 million readers come to find insightful and dynamic thinking. Here, expert and undiscovered voices alike dive into the heart of any topic and bring new ideas to the surface. Learn more

Follow the writers, publications, and topics that matter to you, and you’ll see them on your homepage and in your inbox. Explore

If you have a story to tell, knowledge to share, or a perspective to offer — welcome home. It’s easy and free to post your thinking on any topic. Write on Medium

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store