Researchers can take over domestic and industrial robots to spy and maim

This week at Singapore's Hack in the Box conference, researchers Lucas Apa and Cesar Cerrudo from the Argentinian security research company IOActive will present their findings on the defects in humanoid domestic robots from UBTech and Softbank and industrial robot arms from Universal Robots; they're building on research published in March in which they released incomplete findings in order to give vendors a chance to patch the vulnerabilities they discovered.

This week's disclosures reveal grave defects in Alpha2 (from UBTech), NAO (Softbank) and the robotic arms from Universal Robots.

The researchers use a combination of buffer overflows, unsigned code patching, man-in-the-middle attacks on unencrypted control protocols, and other traditional security attacks. Through these they are able to hijack Universal Robots' industrial robot arms and cause them to flail with bone-breaking force; they are able to hijack the AV streams from Alpha2 and NAO, and otherwise compromise the privacy, safety and integrity of the robots' owners.

The companies claim to have fixed these vulnerabilities; Apa and Cerrudo say they have seen no evidence of this.

In terms of actual, physical danger, the most serious of the three attacks Cerrudo and Apa developed affects Universal Robots' "collaborative" robots. These multi-jointed arms extend as far as four feet, can lift up to 22 pounds, and are work in industrial settings alongside humans. The two researchers found that the robots' software had no real authentication, and implemented only easily-cracked integrity checks meant to prevent a hacker from installing malicious updates. A live video demo shows that they could use a common security vulnerability called a "buffer overflow" to gain unauthorized access to the robot arm's operating system, and overwrite the "safety.conf" file that constrains the robot's movements with limits on its speed, the force it applies, and how it reacts when its infrared sensors detect someone nearby.

That could not only cause the robot to damage itself by overextending or overstressing its arm, but could also harm human workers within reach, they warn. "These robots have the force to cause actual bone fractures," Apa says. "Safety protections are the ultimate way they can avoid hurting the people around them. If they're hacked, the consequences could be catastrophic."


[Andy Greenberg/Wired]