CIO Influence
CIO Influence News Robots

Alias Robotics discovers numerous and dangerous vulnerabilities in the Robot Operating System’s (ROS) communications that can have “devastating consequences”

Alias Robotics discovers numerous and dangerous vulnerabilities in the Robot Operating System's (ROS) communications that can have "devastating consequences"
The robo cyber security firm from Vitoria-Gasteiz (Spain) is once again leading an investigation involving international experts on the importance of security in the Robot Operating System (ROS) and the DDS communications middlware
The participants in the study have discovered more than a dozen of  dangerous vulnerabilities present in more than 650 devices online today, very common in the Industrial field, the University, and even in Hospitals and Military Agencies
Alias Robotics’ research has been cited and published by the United States Cybersecurity Infrastructure and Security Agency, which reflects the importance of the conclusions set forth.
To mitigate these vulnerabilities, Alias Robotics has contributed to SROS2, a series of developer tools to detect insecurities in ROS 2 and DDS

A team of researchers led by the Spanish firm Alias Robotics – specialized in robotic cybersecurity – together with cybersecurity experts from several multinationals and cybersecurity professionals from various governments, have discovered about fifteen dangerous vulnerabilities, some critical, in the Robot Operating System (ROS) and the DDS communications protocols that affect industrial systems and robots that, if used by cybercriminals, could have “devastating consequences. In turn, they have detected that these vulnerabilities are present in almost 650 different devices exposed on the Internet and used not only in industry, but also in healthcare or in the military field.

Top iTechnology SaaS News: Vulcan Cyber Joins Microsoft Intelligent Security Association, Integrates Microsoft Defender for Endpoint Threat and Vulnerability Management into Cyber Risk Management Platform

Robotics and IT security professionals from the firm Alias Robotics in Spain have collaborated in recent months with security experts from around the world in the detection of security vulnerabilities in the Robot Operating System (ROS) and in the software communications middleware DDS (“Data Distribution Service”), present in many systems (autonomous cars, industrial robotic arms, aerospace systems, military equipment, critical infrastructure, …), as well as in industrial robots.

In particular, the vulnerabilities affect DDS, an ‘intermediate software’ (called middleware) that is the main communication bus between different robotic devices, that is, the core of ROS 2 (Robot Operating System ), which is used by the majority of robotics engineers for all types of present or future industrial robots, with applications in the business world, in the industrial field, but also in the world of health, as is the case of surgical robots. As per Victor Vilches studies suggests that the use of ROS will grow significantly over the next few years and that by 2024, 55% of commercialized robots will use ROS.

Top iTechnology Cloud News: Aruba ESP Delivers Cloud-native Services to Automate and Accelerate the Deployment and Protection of Edge-to-Cloud Networks

From Alias Robotics -specialized in robot cyber security- it is considered that “DDS is a middleware still largely insecure communications technology , used in areas where security is very important, so investment in cybersecurity is needed immediately“. They also consider that the response times of the DDS manufacturers are too long, “which greatly exposes these systems to cyber-attacks,” according to Víctor Mayoral-Vilches, a leading robot cybersecurity researcher from Alias Robotics and founder of the startup.

In his opinion, ” cybercriminals could today use these vulnerabilities to paralyze robots and critical infrastructures all over the world leveraging DDS”. The company from Vitoria warns that it is necessary for robotics and automation companies to invest in cybersecurity and cooperate “with qualified groups in robot cybersecurity”.

Top iTechnology Analytics News: Millennium Corp Unlocks the Power of Infused Analytics With Sisense, Bolstering Accountability Across Its Businesses

[To share your insights with us, please write to sghosh@martechseries.com]

Related posts

New Pillsbury Report Explores the Benefits and Risks of AI in Cybersecurity

CIO Influence News Desk

XQ and Strategic Communications Announce their Partnership Designed to Bring XQ’s Breakthrough Zero Trust Solutions to the Public Sector

CIO Influence News Desk

Veeam Selected as Data Protection Provider Of Lenovo TruScale Platform

CIO Influence News Desk

Leave a Comment