2020-03-11

Securing ROS robotics platforms

Steps to maximise robotics security with Ubuntu

From manufacturing to agriculture, healthcare, logistics and beyond, robots are becoming an increasingly common sight, and an increasingly critical value driver across verticals. Industrial use cases alone account for more than 500,000 new robots each year, and that number is only growing. But despite this widespread adoption, using robots securely still presents a major challenge.

Modern robots are typically designed to be open, robust, and easy to operate and repair. However, many of these systems are not adequately secured against threats – particularly given that robots are often accessible via the internet for remote operation, creating a uniquely large attack surface.

There is no silver bullet when it comes to robotics security. Instead, the best approach is defense in depth (DiD), combining multiple layers of protection.

This whitepaper will address an essential security layer, whose key role is easily overlooked: your robot’s underlying operating system (OS). We’ll discuss the easy steps you can take to secure your robot by building on top of Ubuntu, and how Ubuntu Core provides you with enterprise-grade security for your robot out of the box.

Using the Raspberry Pi based model of TurtleBot3 as an example, this whitepaper details practical steps for securing robots on Ubuntu, including:

  • How to minimise the attack surface by disabling USB, IPv6, core dump, and other functionalities that are not in use.
  • Enabling unattended upgrades to keep automatically up-to-date with the latest security vulnerability patches.
  • Mitigating brute force attacks through SSH hardening and firewall configuration.
Contact information
  • In submitting this form, I confirm that I have read and agree to Canonical's Privacy Notice and Privacy Policy.