Ruffin White,Gianluca Caiazza,Henrik I. Christensen,Agostino Cortesi

DOI: https://doi.org/10.48550/arXiv.1810.08125

IF: 3.7

2018-10-18

Robotics

Abstract:Security of robotics systems, as well as of the related middleware infrastructures, is a critical issue for industrial and domestic IoT, and it needs to be continuously assessed throughout the whole development lifecycle. The next generation open source robotic software stack, ROS2, is now targeting support for Secure DDS, providing the community with valuable tools for secure real world robotic deployments. In this work, we introduce a framework for procedural provisioning access control policies for robotic software, as well as for verifying the compliance of generated transport artifacts and decision point implementations.

Yuxiang Cui,Longzhong Lin,Xiaolong Huang,Dongkun Zhang,Yunkai Wang,Wei Jing,Junbo Chen,Rong Xiong,Yue Wang

DOI: https://doi.org/10.1109/icra46639.2022.9811950

2022-01-01

Abstract:Safety is of great importance in multi-robot navigation problems. In this paper, we propose a control barrier function (CBF) based optimizer that ensures robot safety with both high probability and flexibility, using only sensor measurement. The optimizer takes action commands from the policy network as initial values and provides refinement to drive the potentially dangerous ones back into safe regions. With the help of a deep world model that predicts the evolution of surrounding dynamics and the consequences of different actions, the CBF module can guide the optimization within a reasonable time horizon. We also present a novel joint training framework that improves the cooperation between the Reinforcement Learning (RL) based policy and the CBF-based optimizer by utilizing reward feedback from the CBF module. We observe that our policy can achieve a higher success rate while maintaining the safety of multiple robots in significantly fewer episodes. Experiments are conducted in multiple scenarios both in simulation and the real world, the results demonstrate the effectiveness of our method in maintaining the safety of multiple robots. Code is available at https://github.com/YuxiangCui/MARL-OCBF.

Xiyuan Chen,Yang OUYang,Miaoliang Zhu,Yan He

DOI: https://doi.org/10.1109/ICYCS.2008.407

2008-01-01

Abstract:The emerging grid infrastructure presents many challenging security issues that demand new access approach due to its inherent heterogeneity, multidomain characteristic and highly dynamic nature. In order to protect the secure sharing and coordinated use of diverse resources in distributed "virtual organizations", fine-grained access control in grid computing is therefore very necessary and important. In this paper, a semantic-aware access conrtol(SAAC) extending the RBAC with the semantic specification is proposed. Supplying semantic specification by the implementation of semantic inference engine (SIE), the administration for the applicability of users' role memberships to particular permissions is much more easy and precise. The enforcement of the SAAC model for grid application is presented. An experimental evaluation of its overheads is also described.

Fenghua Li,Zifu Li,Weili Han,Ting Wu,Lihua Chen,Yunchuan Guo

DOI: https://doi.org/10.1109/dsc.2017.100

2017-01-01

Abstract:With the rapid development of information technologies, our daily life has become deeply dependent on cyberspace. The new technologies provide more facilities and enhancements to the existing Internet services as it allows users more flexibility in terms of exploring webpages, sending messages or publishing tweets via cell phones or laptops. However, there are many security issues such as security policy definition and security policy enforcement of current cyberspace. In this paper, we study information access problems in cyberspace where users leverage devices via the Internet to access sensitive objects with temporal and spatial limitations. We propose a Cyberspace-oriented Access Control model (CoAC) to ensure the security of the mentioned accesses in cyberspace. The proposed model consists of seven atomic operations, such as Read, Write, Store, Execute, Publish, Forward and Select, which can denote all operations by the combination of several atomic operations in cyberspace. For each atomic operation, we assemble a suite of security policies and demonstrate its flexibility. By that, a series of security policies are denfined for CoAC.

Tianhao Wang,Ke Chen,Zhaohua Zheng,Jiahao Guo,Xiying Zhao,Shenhui Zhang

DOI: https://doi.org/10.3390/s24103241

2024-05-20

Abstract:With the application of robotics in security monitoring, medical care, image analysis, and other high-privacy fields, vision sensor data in robotic operating systems (ROS) faces the challenge of enhancing secure storage and transmission. Recently, it has been proposed that the distributed advantages of blockchain be taken advantage of to improve the security of data in ROS. Still, it has limitations such as high latency and large resource consumption. To address these issues, this paper introduces PrivShieldROS, an extended robotic operating system developed by InterPlanetary File System (IPFS), blockchain, and HybridABEnc to enhance the confidentiality and security of vision sensor data in ROS. The system takes advantage of the decentralized nature of IPFS to enhance data availability and robustness while combining HybridABEnc for fine-grained access control. In addition, it ensures the security and confidentiality of the data distribution mechanism by using blockchain technology to store data content identifiers (CID) persistently. Finally, the effectiveness of this system is verified by three experiments. Compared with the state-of-the-art blockchain-extended ROS, PrivShieldROS shows improvements in key metrics. This paper has been partly submitted to IROS 2024.

XIE Dong-wen,LIU Min,WU Cheng

DOI: https://doi.org/10.3969/j.issn.1006-5911.2005.04.020

2005-01-01

Computer Integrated Manufacturing Systems

Abstract:To guarantee the information security in information acquisition and management in enterprises, an Policy-Based Access Control (PBAC) model was proposed. Definition and compositions of PBAC model were introduced. 9 kinds of rules of PBAC in enterprise information system were provided for enterprises to follow. In addition, a universal and extensible solution was advanced. The solution has been successfully applied in some large project management software. Application has indicated that the proposed solution can greatly lessen software development cycle and improve maintainability.

Wang Baoyi,Zhang Shaomin,Zhilei Zhang

DOI: https://doi.org/10.1109/ICIT.2008.4608609

2008-01-01

Abstract:Role-based Access Control (RBAC) policy separates user and privilege logically by importing the concept of role, which can simplify the management of privilege in electric power enterprise. As the development and sustaining change of electric power system, unattended substations become the new developing direction. Unattended substation automation system will realize centralized management and remote control, so the use of RBAC access control method will aggravate the burden of the access control server. What is more, it adds the complexity of management. RBAC could not meet the needs of the system. This paper designs Distributed RBAC access control model, according to the substation automation system structure stated in IEC61850. Users obtain their roles in centralized server, and obtain their privilege dispersedly. The efficiency is improved. Management is more convenient. In the end, a practical example is presented to prove that the designed model and algorithm have high security, feasibility and effectiveness in unattended substation automation system. Because the model and algorithm are designed according to the ITU-T X.509 and IEC61850 international standards, the design has high currency, adaptability and expansibility. ©2008 IEEE.

Yuan Xu,Yungang Bao,Sa Wang,Tianwei Zhang

DOI: https://doi.org/10.1109/tdsc.2023.3348772

2024-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Robot apps are becoming more automated, complex and diverse. An app usually consists of many functions, interacting with each other and the environment. This allows robots to conduct various tasks. However, it also opens a new door for cyber attacks: adversaries can leverage these interactions to threaten the safety of robot operations. Unfortunately, this issue is rarely explored in past works. We present the first systematic investigation about the function interactions in common robot apps. First, we disclose the potential risks and damages caused by malicious interactions. We introduce a comprehensive graph to model the function interactions in robot apps by analyzing 3,100 packages from the Robot Operating System (ROS) platform. From this graph, we identify and categorize three types of interaction risks. Second, we propose novel methodologies to detect and mitigate these risks and protect the operations of robot apps. We introduce security policies for each type of risks, and design coordination nodes to enforce the policies and regulate the interactions. We conduct extensive experiments on 110 robot apps from the ROS platform and two complex apps (Baidu Apollo and Autoware) widely adopted in industry. Evaluation results showed our methodologies can correctly identify and mitigate all potential risks.

computer science, information systems, software engineering, hardware & architecture

袁平鹏,陈刚,董金祥

DOI: https://doi.org/10.3321/j.issn:1003-9775.2004.04.006

2004-01-01

Abstract:An access control paradigm composed of basic model and role model is proposed for collaborative applications. Basic model specifies the relationship among privileges and the way of ranking privileges. It relates privilege with operations on the objects, so the model appears more straightforward. Moreover, if Brokers' implementation permits, the model can support any grained access control. Role model re-defines the role concept of RBAC96, divides the permissions of role into public permissions, protect permissions and private permissions. It allows user to define roles more flexibly, prevents private permissions of roles from being inherited and reduces the definition of ancillary roles.

Lei Shi,Qichao Liu,Cheng Zhou,Xiong Li

2024-09-17

Abstract:This paper proposes a fair control framework for multi-robot systems, which integrates the newly introduced Alternative Authority Control (AAC) and Flexible Control Barrier Function (F-CBF). Control authority refers to a single robot which can plan its trajectory while considering others as moving obstacles, meaning the other robots do not have authority to plan their own paths. The AAC method dynamically distributes the control authority, enabling fair and coordinated movement across the system. This approach significantly improves computational efficiency, scalability, and robustness in complex environments. The proposed F-CBF extends traditional CBFs by incorporating obstacle shape, velocity, and orientation. F-CBF enhances safety by accurate dynamic obstacle avoidance. The framework is validated through simulations in multi-robot scenarios, demonstrating its safety, robustness and computational efficiency.

Robotics

Salma Salimi,Farhad Keramat,Tomi Westerlund,Jorge Peña Queralta

DOI: https://doi.org/10.48550/arXiv.2308.16482

2023-08-31

Abstract:As multi-robot systems continue to advance and become integral to various applications, managing conflicts and ensuring secure access control are critical challenges that need to be addressed. Access control is essential in multi-robot systems to ensure secure and authorized interactions among robots, protect sensitive data, and prevent unauthorized access to resources. This paper presents a novel framework for customizable conflict resolution and attribute-based access control in multi-robot systems for ROS 2 leveraging the Hyperledger Fabric blockchain. We introduce an attribute-based access control (ABAC) Fabric-ROS 2 bridge to enable secure communication and control between users and robots. By defining conflict resolution policies based on task priorities, robot capabilities, and user-defined constraints, our framework offers a flexible way to resolve conflicts. Additionally, it incorporates attribute-based access control, granting access rights based on user and robot attributes. ABAC offers a modular approach to control access compared to existing access control approaches in ROS 2, such as SROS2. Through this framework, multi-robot systems can be managed efficiently, securely, and adaptably, ensuring controlled access to resources and managing conflicts. Our experimental evaluation shows that our framework marginally improves latency and throughput over exiting Fabric and ROS 2 integration solutions. At higher network load, it is the only solution to operate reliably without a diverging transaction commitment latency. We also demonstrate how conflicts arising from simultaneous control or a robot by two users are resolved in real-time and motion distortion is effectively eliminated.

Robotics

Bernhard Dieber,Benjamin Breiling,Sebastian Taurer,Severin Kacianka,Stefan Rass,Peter Schartner

DOI: https://doi.org/10.1016/j.robot.2017.09.017

IF: 3.7

2017-12-01

Robotics and Autonomous Systems

Abstract:Future robotic systems will be situated in highly networked environments where they communicate with industrial control systems, cloud services or other systems at remote locations. In this trend of strong digitization of industrial systems (also sometimes referred to as Industry 4.0), cyber attacks are an increasing threat to the integrity of the robotic systems at the core of this new development. It is expected, that the Robot Operating System (ROS) will play an important role in robotics outside of pure research-oriented scenarios. ROS however has significant security issues which need to be addressed before such products should reach mass markets. In this paper we present the most common vulnerabilities of ROS, attack vectors to exploit those and several approaches to secure ROS and similar systems. We show how to secure ROS on an application level and describe a solution which is integrated directly into the ROS core. Our proposed solution has been implemented and tested with recent versions of ROS, and adds security to all communication channels without being invasive to the system kernel itself.

robotics,automation & control systems,computer science, artificial intelligence

Cheng Zang,Zhongdong Huang,Ke Chen,Jinxiang Dong

DOI: https://doi.org/10.1007/978-3-540-72863-4_64

2007-01-01

Abstract:Dynamic policy enables the system to adjust the policies according to the changing circumstance, and makes the system more flexible and adaptive. We have proposed a dynamic model and the idea is to dynamically change the policy according to a pair of states rather than one state, which provides more information for the policy decision making, thus makes policy more accurate. The dynamic policy architecture based on this model is built in this paper, and we describe the components and steps of detecting a change, deciding the pair of current and previous states and picking up the policy according to the change.

Diba Afroze,Yazhou Tu,Xiali Hei

DOI: https://doi.org/10.1007/978-3-031-51630-6_10

2024-09-16

Abstract:The integration of artificial intelligence, especially large language models in robotics, has led to rapid advancements in the field. We are now observing an unprecedented surge in the use of robots in our daily lives. The development and continual improvements of robots are moving at an astonishing pace. Although these remarkable improvements facilitate and enhance our lives, several security and privacy concerns have not been resolved yet. Therefore, it has become crucial to address the privacy and security threats of robotic systems while improving our experiences. In this paper, we aim to present existing applications and threats of robotics, anticipated future evolution, and the security and privacy issues they may imply. We present a series of open questions for researchers and practitioners to explore further.

Robotics,Human-Computer Interaction

Cui Zheyuan,Md Arafatur Rahman,Hai Tao,Yao Liu,Du Pengxuan,Zaher Mundher Yaseen

DOI: https://doi.org/10.3233/wor-203416

2021-01-01

Work

Abstract:BACKGROUND: The increasing use of robotics in the work of co-workers poses some new problems in terms of occupational safety and health. In the workplace, industrial robots are being used increasingly. During operations such as repairs, unmanageable, adjustment, and set-up, robots can cause serious and fatal injuries to workers. Collaborative robotics recently plays a rising role in the manufacturing filed, warehouses, mining agriculture, and much more in modern industrial environments. This development advances with many benefits, like higher efficiency, increased productivity, and new challenges like new hazards and risks from the elimination of human and robotic barriers. OBJECTIVES: In this paper, the Advanced Human-Robot Collaboration Model (AHRCM) approach is to enhance the risk assessment and to make the workplace involving security robots. The robots use perception cameras and generate scene diagrams for semantic depictions of their environment. Furthermore, Artificial Intelligence (AI) and Information and Communication Technology (ICT) have utilized to develop a highly protected security robot based risk management system in the workplace. RESULTS: The experimental results show that the proposed AHRCM method achieves high performance in human-robot mutual adaption and reduce the risk. CONCLUSION: Through an experiment in the field of human subjects, demonstrated that policies based on the proposed model improved the efficiency of the human-robot team significantly compared with policies assuming complete human-robot adaptation.

Huanchun Peng,Jun Gu,Xiaojun Ye

DOI: https://doi.org/10.1109/ispa.2008.80

2008-01-01

Abstract:This article presents a new approach for privacy preserving access control based on RBAC. The separation of authorization of access purpose from access decision improves the flexibility of private data control. A key feature of this approach is dynamic. The access purpose is determined in a dynamic manner, based on subject attributes, context attributes and authorization policies. Intended purposes are dynamically associated with the requested data object during the access decision. Finally, we give the algorithm to achieve the compliance computation between the access purpose and intended purposes.

Wang Zhenjiang,Liu Qiang

DOI: https://doi.org/10.3321/j.issn:1002-8331.2005.35.009

2005-01-01

Abstract:Authority Management is a most important aspect of Information Systems.A successful information system is always supported by a well-designed access control system.Role-based access control policy,which is the focus of access control study nowadays,is more flexible and less management burden.Based on Role-Based Access Control(RBAC) and Task-Role-based Access Control,this paper gives a flexible extended access contrl models,XRBAC,standing for Extended Role-Based Access Control,which extends the definition of role management and authority.

M Kokila,G Amalredge

DOI: https://doi.org/10.46632/daai/3/2/20

2023-02-01

Data Analytics and Artificial Intelligence

Abstract:The traditional robotic arm control method has strong dependence on the application scenario. To improve the reliability of the mobile robotic arm control when the scene is disturbed, this paper proposes a control method based on an improved proximal policy optimization algorithm. This study researches mobile robotic arms for opening doors. At first, the door handle position is obtained through an image-recognition method based on YOLOv5. Second, the simulation platform CoppeliaSim is used to realize the interaction between the robotic arm and the environment. Third, a control strategy based on a reward function is designed to train the robotic arm and applied to the opening-door task in the real environment. In this paper PPO algorithm is used to solve the result. The experimental results show that the proposed method can accelerate the convergence of the training process. Besides, our method can effectively reduce the jitter of the robotic arm and improve the stability of control.

LIANG Jinqian,GUAN Xiaohong

DOI: https://doi.org/10.3969/j.issn.1000-3428.2007.02.009

2007-01-01

Abstract:This paper introduces an access control mechanism called PBAC(process-based access control),which models from the active process,based on the access control model of current operating system,according to the role of process,the process privilege is assigned and managed in more detail.It enhances information confidentiality,integrity and controllability,and reduces the malicious code threat to the computer system.The basic concepts of PBAC are introduced and a formalization description is given,and the implementation in the Windows platform is discussed.

Michael Mintrom,Shanti Sumartojo,Dana Kulić,Leimin Tian,Pamela Carreno-Medrano,Aimee Allen

DOI: https://doi.org/10.1080/25741292.2021.1905342

2021-04-06

Policy Design and Practice

Abstract:<span>Rapid advances in digital technologies have allowed robots to become more autonomous and efficacious than ever before. Future developments in robotics hold the potential to transform human robot interactions. We can expect to see robots performing a variety of functions in public spaces. Possibilities exist for robots to greatly improve the quality of our lives and to contribute positively to the safety, creative potential, and atmosphere of public spaces. But as this trend develops, the risk emerges of robots transforming public spaces and social interactions in undesirable ways. By reviewing previous public policy approaches to harnessing and regulating disruptive technology, we consider how public policy could simultaneously enhance opportunities created by the presence of robots in public spaces and reduce the risks of undesirable outcomes. We summarize key insights into a policy design checklist to guide policies on robots in public spaces. These insights cover (1) safety, (2) privacy and ethics, (3) productivity, (4) esthetics, (5) co-creation, (6) equitable access, and (7) systemic innovation.</span>