Analyzing Security Vulnerability and Forensic Investigation of ROS2

What is it about?

With the growing future of robotics, it has been distinguished that robots are becoming more vulnerable in the present era. An enormous number of robots have been manufactured these days, most of which have been developed over middleware application ROS. However, many operating systems such as Windows, macOS and Linux do not support the ROS framework and have several security flaws. Some researchers working on robotic security have already found common vulnerabilities of the ROS middleware framework, like man-in-the-middle attacks, ARP poisoning, denial of service, etc. Like ROS, researchers have also identified some potential vulnerabilities in ROS2-based applications such as denial of service, buffer overflow, access control, authentication, authorization, etc. Compared to ROS, Linux, Windows, and macOS platforms better support the ROS2 middleware framework. One of the advanced features of ROS2 is that numerous nodes can be created in a procedure. The case study discussed in this article mainly focuses on the security flaws, anti-forensic techniques and forensic investigation of ROS2. The aim was to check whether any artifacts were acquired after attaching the malicious node to a bunch of multiple nodes working on a single process. If yes, it needs to verify the artifacts to identify evidence to prove the threat actor committed a crime in the case study. If not, it is required to build the forensic investigation framework to identify satisfactory evidence.

Featured Image

Photo by Possessed Photography on Unsplash

Photo by Possessed Photography on Unsplash

Why is it important?

Our case study focuses on the forensic investigation of ROS2-based applications and the internal security level of ROS2-based applications, which shows several vulnerabilities of ROS2, such as unauthorized access of the data, unauthorized injection of the data, and denial of service. The technique in this case study leads to compromised ROS2-based applications, and it seems that there is a lack of confidentiality, integrity and availability of the data of ROS2-based applications. However, ROS2 is the updated version, but it looks insecure in terms of commercial use. A forensic investigation was challenging to identify the cause of the crime on robots based on ROS2. There were no satisfactory artifacts or evidence captured in the forensic investigation. ROS2 is in its initial stage of development, so it is mandatory to work on the ROS2 security and forensic investigation challenges.

Perspectives