The Robot Operating System (ROS) is a popular open-source platform for advanced robotics. Its flexibility and ease of use make it well suited to a wide array of robotics applications. However, these robots are not always sufficiently protected against security threats.
Opportunistic attacks are by far the most prevalent, and robots with inadequate ROS security make tempting targets for bad actors. With that in mind, approaching robotics security proactively is crucial to preventing breaches and saving resources in the long run. Security starts with the underlying operating system, and building robots on Ubuntu unlocks a number of easy, yet effective, measures for maximising protection against the most dominant threats.
Using the Raspberry Pi based model of TurtleBot3 as an example, this whitepaper details practical steps for securing robots on Ubuntu, including:
- Minimising the attack surface by installing the Ubuntu Server image, and by disabling USB, IPv6, core dumps, and other functionality that is not in use.
- Enabling unattended upgrades so that the latest security patches are applied automatically.
- Mitigating brute force attacks through SSH hardening and firewall configuration.
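
As an added illustration (not code from the whitepaper or from Canonical), the following Python sketch audits three of the measures listed above (IPv6 and core dump settings, unattended upgrades, SSH hardening) against configuration text. The specific baseline values, the choice of `fs.suid_dumpable` as the core dump control, and the sample inputs are assumptions made for this example; USB and firewall checks are left out to keep it short.

```python
import re

# Baseline values assumed for this example; adjust to your own policy.
SYSCTL_WANT = {"net.ipv6.conf.all.disable_ipv6": "1",
               "net.ipv6.conf.default.disable_ipv6": "1",
               "fs.suid_dumpable": "0"}
SSHD_WANT = {"passwordauthentication": "no", "permitrootlogin": "no"}
# OpenSSH defaults, applied when a keyword is absent from sshd_config.
SSHD_DEFAULT = {"passwordauthentication": "yes", "permitrootlogin": "prohibit-password"}

def parse_sysctl(text):
    """sysctl.d syntax: 'key = value'; a later assignment overrides an earlier one."""
    vals = {}
    for line in text.splitlines():
        line = line.strip()
        if line and line[0] not in "#;" and "=" in line:
            key, value = line.split("=", 1)
            vals[key.strip()] = value.strip()
    return vals

def parse_sshd(text):
    """sshd_config: keywords are case-insensitive and the FIRST value wins."""
    vals = {}
    for m in re.finditer(r"^[ \t]*([A-Za-z0-9]+)[ \t=]+(\S.*?)[ \t]*$", text, re.M):
        if m.group(1).lower() == "match":  # conditional blocks are not evaluated here
            break
        vals.setdefault(m.group(1).lower(), m.group(2).lower())
    return vals

def audit(sysctl_text, sshd_text, apt_text):
    """Return a list of findings; an empty list means the assumed baseline is met."""
    findings, sysctl = [], parse_sysctl(sysctl_text)
    for key, want in SYSCTL_WANT.items():
        if sysctl.get(key) != want:
            findings.append(f"sysctl {key} is {sysctl.get(key, 'unset')}, want {want}")
    sshd = {**SSHD_DEFAULT, **parse_sshd(sshd_text)}
    for key, want in SSHD_WANT.items():
        if sshd[key] != want:
            findings.append(f"sshd {key} is {sshd[key]}, want {want}")
    m = re.search(r'^\s*APT::Periodic::Unattended-Upgrade\s+"(\d+)"', apt_text, re.M)
    if not m or m.group(1) == "0":
        findings.append("unattended upgrades are not enabled")
    return findings

# Constructed sample inputs, not taken from a real robot.
SYSCTL = "net.ipv6.conf.all.disable_ipv6 = 1\nfs.suid_dumpable = 2\n"
SSHD = "# constructed\nPasswordAuthentication no\nPasswordAuthentication yes\nPermitRootLogin yes\n"
APT = '// APT::Periodic::Unattended-Upgrade "1";\nAPT::Periodic::Unattended-Upgrade "0";\n'
print("\n".join(audit(SYSCTL, SSHD, APT)))
```

On a real system, `sshd -T` and `sysctl -a` report the effective values after includes and overrides, so feeding their output to the same checks is more reliable than reading individual files.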