Common security threats against Robot Operating Systems (ROS)


Cyber attacks are increasing threats to the integrity and smooth functioning of all Robot Operating Systems (ROS) at the core. To ensure the efficacy of the ROS, all security issues must be addressed before the robotics solutions reach mass markets.

Consider this: a collaborative robot works alongside humans to perform a certain manipulation action. Whenever a human comes close to the robot, it is supposed to slow down or even stop if the human is too close. An attacker, who is aiming to cause harm to people near a robot to damage the company’s reputation, can inject false safety readings to pretend towards the robot that no person is nearby. To avoid detection in the ROS graph and achieve additional stealth goals, the attacker changes the system by replacing the ROS nodes with another node.

In ROS, nodes intercommunicate through an API via XMLRPC, a remote procedure call protocol using XML encoding, and message/service data exchanges using transport libraries such as ROSTCP or ROSUDP for serialization over IP sockets. A glaring deficiency in the traditional infrastructure is that all network traffic is transmitted in clear text.

Additionally, no integrity checking is performed on received packets other than basic message type continuity and API call validity, i.e., there are no means to verify payload information was unaltered in transit. ROS is a prime target for packet sniffing and man-in-the-middle attacks, resulting in the absence of native network confidentiality and data integrity.

Therefore, understanding the inherent vulnerabilities of ROS is essential to mitigate the challenges. This post will discuss some of the common key possible attack vectors on a ROS application, which include unauthorized publishing or injections, unauthorized data access, and denial of service (DoS) attacks on specific ROS nodes.

Unauthorized publishing (Injections)

A node in ROS may publish data for an arbitrary topic without prior authorization, leading to the misuse by an attacker to inject data or commands into an application to disturb its operation. For instance, a robot might receive fake movement commands causing unpredictable motion that may harm nearby persons or damage equipment. Also, false sensor data might be injected into the system, e.g., to fake a normal system state after manipulation or to provoke a certain reaction in the robot. This attack can also easily be extended to redundant sensor nodes where multiple ROS nodes run independently to provide safety information.

Unauthorized data access

Every node in ROS may subscribe to every topic within the application, after which it will receive any published data for this topic. This data can contain business-critical information or may be used to reverse-engineer a production process. The attack in the form of unauthorized data access is hard to discover since a node may have no outgoing ROS communication. In other words, a malicious node that may want to listen to the “safety/human detection” topic to be informed when a human is nearby to trigger a certain action shall not be visible in the ROS graph that there is an additional subscriber present.

Denial of service

DoS attacks can easily be launched in ROS by publishing a large number of fake data. The subscriber of this message type will be flooded with bogus messages, leading to a high processing load on all nodes and a potential inability to perform meaningful processing. Since there is no control over which node may publish what data, every node in the network may be used to publish data for a topic to which a target node is subscribed. Later, this can be used for a targeted DoS attack on that node.

In ROS, a node can be shut down using a simple XMLRPC call, but this would violate the attacker’s stealth goal since that node disappears from the ROS graph. A different approach is temporarily preventing that node from doing meaningful work by publishing a huge amount of data. An attacker cannot only inject false data but can also prevent the subscriber from receiving the real data. This also enables person-in-the-middle attacks since a malicious node may act as a subscriber to a publisher and as a publisher to a subscriber and transparently record and manipulate the data flow between those two nodes.

Common cyber attacks against ROS

Here is a summary of some common security threats against Robot Operating Systems (ROS).

  • Packet Sniffing – Information transmitted between ROS nodes is captured and analyzed
  • Man-in-the-Middle – Node message traffic is intercepted, modified, and passed on
  • Rogue Nodes – Nodes capable of disturbing system operations by injecting commands about arbitrary topics.
  • Denial of Service – Nodes publish large amounts of erroneous data, which increases processing times at other nodes.
  • Message Spoofing – Nodes publishing information to execute actions outside of the purview of the valid user(s)
  • Code Injection – Attackers that have gained access to the ROS network modifying the behavior of the system
  • Zero Day Exploits – Altering the ROS network permissions.