The Robotic Operating System (ROS) is a popular framework for robotics research and development. It's a system that provides hardware abstraction with low-level device management to handle communications and services. ROS is a distributed system, which allows various nodes in a network to communicate using a method such as message passing. When integrating systems using ROS, it is vital to consider the security and privacy of the data and information shared across ROS nodes, which is considered to be one of the most challenging aspects of ROS systems. The goal of this study is to examine the ROS architecture, primary components, and versions, as well as the types of vulnerabilities that might compromise the system. In order to achieve the CIA's three fundamental security criteria on a ROS-based platform, we categorized these vulnerabilities and looked into various security solutions proposed by researchers. We provide a comparative analysis of the ROS-related security solutions, the security threats and issues they addressed, the targeted architecture of the protection or defense system, the solution's evaluation methodology and the evaluation metric, and the limitations that might be viewed as unresolved issues for the future course of action. Finally, we look into future possibilities and open challenges to assist researchers to develop more secure and efficient ROS systems.

AbuSaif is a human-like social robot designed and built at the UAE University's Artificial Intelligence and Robotics Lab. AbuSaif was initially operated by a classical personal computer (PC), like most of the existing social robots. Thus, most of the robot's functionalities are limited to the capacity of that mounted PC. To overcome this, in this study, we propose a web-based platform that shall take the benefits of clustering in cloud computing. Our proposed platform will increase the operational capability and functionality of AbuSaif, especially those needed to operate artificial intelligence algorithms. We believe that the robot will become more intelligent and autonomous using our proposed web platform.

Robot Operating System 2 (ROS2) is the latest release of a framework for enabling robot applications. Data Distribution Service (DDS) middleware is used for communication between nodes in a ROS2 cluster. The DDS middleware provides a distributed discovery system, message definitions and serialization, and security. In ROS2, the DDS middleware is accessed through an abstraction layer, making it easy to switch from one implementation to another. The existing middleware implementations differ in a number of ways, e.g., in how they are supported in ROS2, in their support for the security features, their ease of use, their performance, and their interoperability. In this work, the focus is on the ease of use, interoperability, and security features aspects of ROS2 DDS middleware. We compare the ease of installation and ease of use of three different DDS middleware, and test the interoperability of different middleware combinations in simple deployment scenarios. We highlight the difference that enabling the security option makes to interoperability, and conduct performance experiments that show the effect that turning on security has on the communication performance. Our results provide guidelines for choosing and deploying DDS middleware on a ROS2 cluster.

Systems for relative localization in multi-robot systems based on ultra-wideband (UWB) ranging have recently emerged as robust solutions for GNSS-denied environments. Scalability remains one of the key challenges, particularly in adhoc deployments. Recent solutions include dynamic allocation of active and passive localization modes for different robots or nodes in the system. with larger-scale systems becoming more distributed, key research questions arise in the areas of security and trustability of such localization systems. This paper studies the potential integration of collaborative-decision making processes with distributed ledger technologies. Specifically, we investigate the design and implementation of a methodology for running an UWB role allocation algorithm within smart contracts in a blockchain. In previous works, we have separately studied the integration of ROS2 with the Hyperledger Fabric blockchain, and introduced a new algorithm for scalable UWB-based localization. In this paper, we extend these works by (i) running experiments with larger number of mobile robots switching between different spatial configurations and (ii) integrating the dynamic UWB role allocation algorithm into Fabric smart contracts for distributed decision-making in a system of multiple mobile robots. This enables us to deliver the same functionality within a secure and trustable process, with enhanced identity and data access management. Our results show the effectiveness of the UWB role allocation for continuously varying spatial formations of six autonomous mobile robots, while demonstrating a low impact on latency and computational resources of adding the blockchain layer that does not affect the localization process.

Internet of Medical Things (IoMT) is a rapidly growing branch of IoT (Internet of Things), which requires special treatment to cyber security due to confidentiality of healthcare data and patient health threat. Healthcare data and automated medical devices might become vulnerable targets of malicious cyber-attacks. While a large number of robotic applications, including medical and healthcare, employ robot operating system (ROS) as their backbone, not enough attention is paid for ROS security. The paper discusses a security of ROS-based swing doors automation in the context of a robotic hospital framework, which should be protected from cyber-attacks.

ROS 2 is rapidly becoming a standard in the robotics industry. Built upon DDS as its default communication middleware and used in safety-critical scenarios, adding secu-rity to robots and ROS computational graphs is increasingly becoming a concern. The present work introduces SROS2, a series of developer tools and libraries that facilitate adding security to ROS 2 graphs. Focusing on a usability-centric approach in SROS2, we present a methodology for securing graphs systematically while following the DevSecOps model. We also demonstrate the use of our security tools by presenting an application case study that considers securing a graph using the popular Navigation2 and SLAM Toolbox stacks applied in a TurtieBot3 robot. We analyse the current capabilities of SROS2 and discuss the shortcomings, which provides insights for future contributions and extensions. Ultimately, we present SROS2 as usable security tools for ROS 2 and argue that without usability, security in robotics will be greatly impaired.

Using multi-UAV systems to accomplish both civil and military missions is becoming a popular trend. With the development of software and hardware technologies, Unmanned aerial vehicles (UAVs) are now able to operate autonomously at edge. However, the remote control of manned systems, e.g., ground control station (GCS), remains essential to mission success, and the system's control and non-payload communication (CNPC) are facing severe cyber threats caused by smart attacks. To avoid hijacking, in this paper, we propose a secure mechanism that reduces such security risks for multi-UAV systems. We introduce friendly jamming from UAVs to block eavesdropping on the remote control channel. The trade-off between security and energy consumption is optimized by three approaches designed for UAV and GCS under algorithms of different complexities. Numerical results show the approach efficiency under different mission conditions and security demands, and demonstrate the features of the proposed mechanism for various scenarios.

Network security isolation technology is an important means to protect the internal information security of enterprises. Generally, isolation is achieved through traditional network devices, such as firewalls and gatekeepers. However, the security rules are relatively rigid and cannot better meet the flexible and changeable business needs. Through the double sandbox structure created for each user, each user in the virtual machine is isolated from each other and security is ensured. By creating a virtual disk in a virtual machine as a user storage sandbox, and encrypting the read and write of the disk, the shortcomings of traditional network isolation methods are discussed, and the application of cloud desktop network isolation technology based on VMwarer technology in universities is expounded.

To train new staff to be efficient and ready for the tasks assigned is vital. They must be equipped with knowledge and skills so that they can carry out their responsibility to ensure smooth daily working activities. As transitioning to IPv6 has taken place for more than a decade, it is understood that having a dual-stack network is common in any organization or enterprise. However, many Internet users may not realize the importance of IPv6 security due to a lack of awareness and knowledge of cyber and computer security. Therefore, this paper presents an approach to educating people by introducing a security mechanisms model that can be applied in handling security challenges via network sandboxing by setting up an isolated dual stack network testbed using GNS3 to perform network security analysis. The finding shows that applying security mechanisms such as access control lists (ACLs) and host-based firewalls can help counter the attacks. This proves that knowledge and skills to handle dual-stack security are crucial. In future, more kinds of attacks should be tested and also more types of security mechanisms can be applied on a dual-stack network to provide more information and to provide network engineers insights on how they can benefit from network sandboxing to sharpen their knowledge and skills.

In order to prevent malicious environment, more and more applications use anti-sandbox technology to detect the running environment. Malware often uses this technology against analysis, which brings great difficulties to the analysis of applications. Research on anti-sandbox countermeasure technology based on application virtualization can solve such problems, but there is no good solution for sensor simulation. In order to prevent detection, most detection systems can only use real device sensors, which brings great hidden dangers to users’ privacy. Aiming at this problem, this paper proposes and implements a sensor anti-sandbox countermeasure technology for Android system. This technology uses the CNN-LSTM model to identify the activity of the real machine sensor data, and according to the recognition results, the real machine sensor data is classified and stored, and then an automatic data simulation algorithm is designed according to the stored data, and finally the simulation data is sent back by using the Hook technology for the application under test. The experimental results show that the method can effectively simulate the data characteristics of the acceleration sensor and prevent the triggering of anti-sandbox behaviors.

This paper presents a definition of a secure system and design principles, which help govern security policies within an embedded system. By understanding a secure system, a common system on chip (SoC) architecture is evaluated and their vulnerabilities explored. This effort helped define requirements for a framework for a secure and isolated SoC architecture for users to develop in. Throughout this paper, a SoC architecture framework for isolated domains has been proposed and its robustness verified against different attack scenarios. To support different levels of criticality and complexity in developing user applications, three computing domains were proposed: security and safety critical (SSC) domain, high performance (HP) domain, and sandbox domain. These domains allow for complex applications to be realized with varying levels of security. Isolation between different computing domains is established using consumer off the shelf (COTS) techniques and architectural components provided by the Zynq Ultrascale+ (ZU+) multiprocessor SoC (MPSoC). To the best of our knowledge, this is the first work that implements a secure system design on the ZU+ platform. There have been many other implementations in hardware security to mitigate certain attack scenarios such as side channel attacks, temporal attacks, hardware trojans, etc. However, our work is different than others, as it establishes the framework for isolated computing domains for secure applications and also verifies system security by attacking one domain from the others.

Virtual machine (VM) based application sandboxes leverage strong isolation guarantees of virtualization techniques to address several security issues through effective containment of malware. Specifically, in end-user physical hosts, potentially vulnerable applications can be isolated from each other (and the host) using VM based sandboxes. However, sharing data across applications executing within different sandboxes is a non-trivial requirement for end-user systems because at the end of the day, all applications are used by the end-user owning the device. Existing file sharing techniques compromise the security or efficiency, especially considering lack of technical expertise of many end-users in the contemporary times. In this paper, we propose MicroBlind, a security hardened file sharing framework for virtualized sandboxes to support efficient data sharing across different application sandboxes. MicroBlind enables a simple file sharing management API for end users where the end user can orchestrate file sharing across different VM sandboxes in a secure manner. To demonstrate the efficacy of MicroBlind, we perform comprehensive empirical analysis against existing data sharing techniques (augmented for the sandboxing setup) and show that MicroBlind provides improved security and efficiency.

Mobile devices are an inseparable part of our lives. They have made it possible to access all the information and services anywhere at any time. Almost all of the organizations try to provide a mobile device-based solution to its users. However, this convenience has arisen the risk of losing personal information and has increased the threat to security. It has been observed recently that some of the mobile device manufacturers and mobile apps developers have lost the private information of their users to hackers. It has risen a great concern among mobile device users about their personal information. Android and iOS are the major operating systems for mobile devices and share over 99% of the mobile device market. This research aims to conduct a comparative analysis of the security of the components in the Android and iOS operating systems. It analyses the security from several perspectives such as memory randomization, application sandboxing, isolation, encryption, built-in antivirus, and data storage. From the analysis, it is evident that iOS is more secure than Android operating system. However, this security comes with a cost of losing the freedom.

Emails are widely used as a form of communication and sharing files in an organization. However, email is widely used by cybercriminals to spread malware and carrying out cyber-attacks. We implemented an open-source email gateway in conjunction with a security sandbox for securing emails against malicious attachments. The email gateway scans all incoming and outgoing emails and stops emails containing suspicious files. An automated python script would then send the suspected email to the sandboxing element through sandbox API for further analysis, while the script is used also for the prevention of duplicate results. Moreover, the mail server administrator receives notifications from the email gateway about suspicious attachments. If detected attachment is a true positive based on the sandbox analysis result, email is deleted, otherwise, the email is delivered to the recipient. The paper describes in an empirical way the steps followed during the implementation, results, and conclusions of our research.

Malicious software (malware) poses a significant threat to the security of our networks and users. In the ever-evolving malware landscape, Excel 4.0 Office macros (XL4) have recently become an important attack vector. These macros are often hidden within apparently legitimate documents and under several layers of obfuscation. As such, they are difficult to analyze using static analysis techniques. Moreover, the analysis in a dynamic analysis environment (a sandbox) is challenging because the macros execute correctly only under specific environmental conditions that are not always easy to create. This paper presents SYMBEXCEL, a novel solution that leverages symbolic execution to deobfuscate and analyze Excel 4.0 macros automatically. Our approach proceeds in three stages: (1) The malicious document is parsed and loaded in memory; (2) Our symbolic execution engine executes the XL4 formulas; and (3) Our Engine concretizes any symbolic values encountered during the symbolic exploration, therefore evaluating the execution of each macro under a broad range of (meaningful) environment configurations. SYMBEXCEL significantly outperforms existing deobfuscation tools, allowing us to reliably extract Indicators of Compromise (IoCs) and other critical forensics information. Our experiments demonstrate the effectiveness of our approach, especially in deobfuscating novel malicious documents that make heavy use of environment variables and are often not identified by commercial anti-virus software.

This paper describes a cybersecurity model for Supervisory Control and Data Acquisition system (SCADA) using techniques similar to those used in reliability systems modelling. Previously, cybersecurity events were considered a part of the reliability events of a cyber physical system [1] [2]. Our approach identifies and treats such events separately as unique class of events by itself. Our analyses shows that the hierarchical model described below has the potential for quantifying the cybersecurity posture of a SCADA system, which goes beyond the usual pass/fail metrics that are currently in use [3]. A range of Mean Time to Security Failure (MTTSF) values as shown in the sensitivity studies below can capture both peacetime and wartime cyber risk assessment of the system. While the Attack and Countermeasure Tree (ACT) constructed below could be taken as somewhat simplistic, more detailed security events can be readily introduced to the ACT tree to reflect a better depiction of a cyberattack. For example, the Common Processing Systems (CPS) systems themselves can be further resolved into constituent components that are vulnerable to cyberattacks. Separate models can also be developed for each of the individual failure events, i.e. confidentiality, integrity, and availability, instead of combining them into one failure event as done below. The methodology for computing the MTTSF metric can be extended to other similar cybersecurity metrics, such as those formulated by the Center for Internet Security (CIS) [3], e.g. mean time to restore to operational status, etc. Additional improvements to the model can be obtained with the incorporation of the repair and restore portion of the semi-Markov chain in Figure 3, which will likely require the use of more advance modeling packages.

Supervisory Control and Data Acquisition (SCADA) systems are used to control and monitor components within the energy grid, playing a significant role in the stability of the system. As a part of critical infrastructures, components in these systems have to fulfill a variety of different requirements regarding their dependability and must also undergo strict audit procedures in order to comply with all relevant standards. This results in a slow adoption of new functionalities. Due to the emerged threat of cyberattacks against critical infrastructures, extensive security measures are needed within these systems to protect them from adversaries and ensure a stable operation. In this work, a solution is proposed to integrate extensive security measures into current systems. By deploying additional security-gateways into the communication path between two nodes, security features can be integrated transparently for the existing components. The developed security-gateway is compliant to all regulatory requirements and features an internal architecture based on the separation-of-concerns principle to increase its security and longevity. The viability of the proposed solution has been verified in different scenarios, consisting of realistic field tests, security penetration tests and various performance evaluations.

SCADA systems are one of the critical infrastructures and face many security threats. Attackers can control SCADA systems through network attacks, destroying the normal operation of the power system. It is important to conduct a risk assessment of security threats on SCADA systems. However, existing models for risk assessment using attack trees mainly focus on describing possible intrusions rather than the interaction between threats and defenses. In this paper, we comprehensively consider intrusion likelihood and defense capability and propose a quantitative risk assessment model of security threats based on attack countermeasure tree (ACT). Each leaf node in ACT contains two attributes: exploitable vulnerabilities and defense countermeasures. An attack scenario can be constructed by means of traversing the leaf nodes. We set up six indicators to evaluate the impact of security threats in attack scenarios according to NISTIR 7628 standard. Experimental results show the attack probability of security threats and high-risk attack scenarios in SCADA systems. We can improve defense countermeasures to protect against security threats corresponding to high-risk scenarios. In addition, the model can continually update risk assessments based on the implementation of the system’s defensive countermeasures.

The world’s most important industrial economy is particularly vulnerable to both external and internal threats, such as the one uncovered in Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems (ICS). Upon those systems, the success criteria for security are quite dynamic. Security flaws in these automated SCADA systems have already been discovered by infiltrating the entire network in addition to reducing production line hazards. The objective of our review article is to show various potential future research voids that recent studies have, as well as how many methods are available to concentrate on specific aspects of risk assessment of manufactured systems. The state-of-the-art methods in cyber security risk assessment of SCADA systems are reviewed and compared in this research. Multiple contemporary risk assessment approaches developed for or deployed in the settings of a SCADA system are considered and examined in detail. We outline the approaches’ main points before analyzing them in terms of risk assessment, conventional analytical procedures, and research challenges. The paper also examines possible risk regions or locations where breaches in such automated SCADA systems can emerge, as well as solutions as to how to safeguard and eliminate the hazards when they arise during production manufacturing.

The aim of this paper is to examine noteworthy cyberattacks that have taken place against ICS and SCADA systems and to analyse them. This paper also proposes a new classification scheme based on the severity of the attack. Since the information revolution, computers and associated technologies have impacted almost all aspects of daily life, and this is especially true of the industrial sector where one of the leading trends is that of automation. This widespread proliferation of computers and computer networks has also made it easier for malicious actors to gain access to these systems and networks and carry out harmful activities.

The SCADA (Supervisory Control And Data Acquisition) has become ubiquitous in industrial control systems. However, it may be exposed to cyber attack threats when it accesses the Internet. We propose a three-layer IDS (Intrusion Detection System) model, which integrates three main functions: access control, flow detection and password authentication. We use the reliability test system IEEE RTS-79 to evaluate the reliability. The experimental results provide insights into the establishment of the power SCADA system reliability enhancement strategies.

Software-Defined Networking (SDN) technique is presented in this paper to manage the Naval Supervisory Control and Data Acquisition (SCADA) network for equipping the network with the function of reconfiguration and scalability. The programmable nature of SDN enables a programmable Modular Topology Generator (MTG), which provides an extensive control over the network’s internal connectivity and traffic control. Specifically, two functions of MTG are developed and examined in this paper, namely linkHosts and linkSwitches. These functions are able to place the network into three different states, i.e., fully connected, fully disconnected, and partially connected. Therefore, it provides extensive security benefits and allows network administrators to dynamically reconfigure the network and adjust settings according to the network’s needs. Extensive tests on Mininet have demonstrated the effectiveness of SDN for enabling the reconfigurable and scalable Naval SCADA network. Therefore, it provides a potent tool to enhance the resiliency/survivability, scalability/compatibility, and security of naval SCADA networks.

Supervisory control and data acquisition (SCADA) systems play pivotal role in the operation of modern critical infrastructures (CIs). Technological advancements, innovations, economic trends, etc. have continued to improve SCADA systems effectiveness and overall CIs’ throughput. However, the trends have also continued to expose SCADA systems to security menaces. Intrusions and attacks on SCADA systems can cause service disruptions, equipment damage or/and even fatalities. The use of conventional intrusion detection models have shown trends of ineffectiveness due to the complexity and sophistication of modern day SCADA attacks and intrusions. Also, SCADA characteristics and requirement necessitate exceptional security considerations with regards to intrusive events’ mitigations. This paper explores the viability of supervised learning algorithms in detecting intrusions specific to SCADA systems and their communication protocols. Specifically, we examine four supervised learning algorithms: Random Forest, Naïve Bayes, J48 Decision Tree and Sequential Minimal Optimization-Support Vector Machines (SMO-SVM) for evaluating SCADA datasets. Two SCADA datasets were used for evaluating the performances of our approach. To improve the classification performances, feature selection using principal component analysis was used to preprocess the datasets. Using prominent classification metrics, the SVM-SMO presented the best overall results with regards to the two datasets. In summary, results showed that supervised learning algorithms were able to classify intrusions targeted against SCADA systems with satisfactory performances.

Supervisory Control and Data Acquisition (SCADA) systems are utilized extensively in critical power grid infrastructures. Modern SCADA systems have been proven to be susceptible to cyber-security attacks and require improved security primitives in order to prevent unwanted influence from an adversarial party. One section of weakness in the SCADA system is the integrity of field level sensors providing essential data for control decisions at a master station. In this paper we propose a lightweight hardware scheme providing inferred authentication for SCADA sensors by combining an analog to digital converter and a permutation generator as a single integrated circuit. Through this method we encode critical sensor data at the time of sensing, so that unencoded data is never stored in memory, increasing the difficulty of software attacks. We show through experimentation how our design stops both software and hardware false data injection attacks occurring at the field level of SCADA systems.

With the advent of cloud storage services many users tend to store their data in the cloud to save storage cost. However, this has lead to many security concerns, and one of the most important ones is ensuring data integrity. Public verification schemes are able to employ a third party auditor to perform data auditing on behalf of the user. But most public verification schemes are vulnerable to procrastinating auditors who may not perform auditing on time. These schemes do not have fair arbitration also, i.e. they lack a way to punish the malicious Cloud Service Provider (CSP) and compensate user whose data has been corrupted. On the other hand, CSP might be storing redundant data that could increase the storage cost for the CSP and computational cost of data auditing for the user. In this paper, we propose a Blockchain-based public auditing and deduplication scheme with a fair arbitration system against procrastinating auditors. The key idea requires auditors to record each verification using smart contract and store the result into a Blockchain as a transaction. Our scheme can detect and punish the procrastinating auditors and compensate users in the case of any data loss. Additionally, our scheme can detect and delete duplicate data that improve storage utilization and reduce the computational cost of data verification. Experimental evaluation demonstrates that our scheme is provably secure and does not incur overhead compared to the existing public auditing techniques while offering an additional feature of verifying the auditor’s performance.