Researchers from the University of British Columbia (Canada) said that hacking Mars rovers and drones could be quite easy. They discovered dangerous vulnerabilities in the software of robotic vehicles, the operation of which can cause a malfunction in their work.
Robotic vehicles (RVs) are cyber-physical systems that operate in the physical world under the control of software functions. They are increasing used in many industrial sectors. RVs relyon sensors and actuators for system operations and navigation.
“We propose automated algorithms for performing the attacks without requiring the attacker to apply significant efforts or know specific details of the RV, making the attacks applicable to a wide range of RVs.”, — said researchers.
Experts modeled three types of covert attacks on robotic vehicles, which led to a malfunction of devices or premature completion of tasks.
The first attack (False Data Injection) allows an attacker to transmit false indicators to gyro sensors, making the device unstable.
The second technique (Artificial Delay) is associated with the initiation of an artificial delay between certain actions or tasks during device operation, which affect key system functions.
The last method is called Switch Mode. It allows injecting malicious code that can cause a malfunction of the robotic vehicle during switching between operation modes.
The attacks were carried out on both real and simulated devices, and practically did not require human intervention. As experts noted, none of these attacks can be detected by popular protective equipment.
“We find that the control modelsare incapable of detecting our stealthy attacks, and that the attackscan have significant adverse impact on the RV’s mission (e.g., causethe RV to crash or deviate from its target significantly)”, — told researchers from the University of British Columbia.
Robotic vehicles use special algorithms to follow the course while driving and detect unusual behavior that signals about an attack. However, some degree of deviation from the course of the trip is usually allowed to take into account external factors, such as friction and wind, and these deviations can use attackers.
One described way to mitigate the attacks in this paper is to design adaptive thresholds and variable monitoring windows for the IDS (Intrusion Detection System) techniques. If the IDS uses an adaptive threshold, the leeway for injecting false values into sensor and actuator parameters will decrease, which in turn will reduce the impact of the FDI and switch mode attacks. If the attacker injects a fixed size delay , an IDS using a variable sized monitoring window may detect the attack.
User Review( votes)