Robot Security Framework (RSF)

Aztarna, a footprinting tool for robots

Introducing Aztarna, a tool for ROS, SROS and industrial router footprinting. Search for connected robots on the internet.

Industry 4.0 is changing the commonly held assumption that robots are to be deployed in closed and isolated networks. When analyzed from a security point of view, the global picture is disheartening: robotics industry has not seriously allocated effort to follow good security practices in the robots produced. Instead, most manufacturers keep forwarding the problem to the end-users of these machines. As learned in previous technological revolutions, such as at the dawn of PCs or smartphones, action needs to be taken in time to avoid disastrous consequences. In an attempt to provide the robotics and security communities with the right tools to perform assessments, in this paper we present aztarna, a footprinting tool for robotics. We discuss how such tool can facilitate the process of identifying vestiges of different robots, while maintaining an extensible structure aimed for future fingerprinting extensions. With this contribution, we aim to raise awareness and interest of the robotics community, robot manufacturers and robot end-users on the need of starting global actions to embrace security. We open source the tool and disclose preliminary results that demonstrate the current insecurity landscape in industry. We argue that the robotic ecosystem is in need of generating a robot security community, conscious about good practices and empowered by the right tools.

Read original paper Github repository

Introduction

Robotics is claimed to be the next technological revolution, and an onset of a new era, dominated by intelligent entities that contribute to human development. Nowadays, robots are no longer only deployed in research oriented organizations, but increasingly handle big amounts of personal and industrial data, perform a variety of automated tasks in industrial scenarios or help humans handle the most hazardous activities. Lately, robot cybersecurity is under question, because recent research shown out the insecurity status of the state of the art in the robotics era and underlined how downstream implications of vulnerable robots are surpassing those of conventional Information Technologies . Some laudable efforts have pointed out an array of internet-exposed robots that are easily accessible for a remote user by searching for a specific pattern, namely a robot footprint.

The example provided by the authors is just a plain particular snapshot of the dooming stage of insecurity of robotics, down to more restrictive scenarios, such as industry, professional environments or simulations and gamification platforms . The authors in mention that the results were surprising for themselves. However, they do not provide additional details or resources to reproduce the method disclosed in the research paper, nor dig more on the nature of the findings and downstream implications.

Footprinting, also known as reconnaissance is the blueprinting of the security profile of a digital system and its organization, undertaken in a methodological manner. To get this information, typically, a security analyst might use various tools and technologies such as whois, nslookup, traceroute, enumerators or pinging. When applied to robotics, we define robot footprinting as the technique used for gathering information about robots and the entities they belong to. This information becomes very useful when performing security analysis over specific systems.

While footprinting is often understood as a mechanism to obtain network information about a digital system in a generalized manner and using common tools, fingerprinting implies fine tuning the networking requests to elicit a specific signature response from the target device. The procedure allows to obtain additional information such as the Operating System, its version, specific libraries deployed, etc. The boundary between both aspects, footprinting and fingerprinting, is often unclear for new digital systems since one requires the other and depends on the tools available. When looking at robotics, we notice that neither footprinting nor fingerpriting tools have been made available. The direct implication of this fact is that the security researcher, in all cases, needs to develop its own tools.

In an attempt to provide the robotics and security communities with the right tools to perform assessments, we discuss aztarna, a security tool that enables robot footprinting. We discuss how such tool can facilitate the process of identifying blueprints of different robots, while maintaining a extensible structure aimed for future fingerprinting extensions. Section prior will introduce some of the prior work and results available. Section aztarna will present the aztarna tool, discuss its structure, supported robotic technologies and demonstrate its capabilities through several examples. Section scan_results will describe the results obtained while experimenting with aztarna. Finally, section conclusion will provide some remarks and share a few pointers towards extensions of aztarna meant for robot fingerprinting.

Aztarna

In Basque language, aztarna means blueprint or mark, in its various forms and meanings. Those include footprint (aztarna in Basque) and fingerprint (hatz-aztarna). Even in such an ancient language, this same word may be used to name marks upon a given surface and also describe vestiges appertaining to a concrete organism or entity. Thus, the pre-romanic language was accurate at the time when defining a word that adheres very well to the definition of robot footprinting; which basically stands for the information gathering on the reconnaissance phase. Thereafter, particular identification deepens into each particular robot through a process that requires crafting specific requests. Such process, known as fingerprinting deepens into unique identifiers or features of a particular robot, e.g. OS, libraries, versions or particular communication middlewares signatures.

Motivated by the lack of dedicated tooling for security research in the field of robotics, we have developed aztarna, a tool aimed to help in the detection and scan of robots and robot technologies (including software components) on a network. The tool, developed in Python 3, helps to search for connected robots and gathers some information from those found.

Figure above illustrates the philosophy behind the aztarna tool. There are three well identified phases that may repeat for each target. For the purpose of this article, our work will focus on the first two phases -scanning and footprinting-, leaving fingerprinting for future work. The architecture of aztarna has been designed to favour its extension towards more and more robotic technologies. The structure of the files within the tool is illustrated in listing \ref{listing:aztarnafiles} where lines 14, 16 and 18 show three folders that contain robot technology-specific code for its footprinting, namely robot adapters. Further extensions can follow a similar pattern and implement the corresponding functions enabling additional robot technology.

aztarna has different work modes that allow to use the tool in different scenarios, and together with other tools. The robot footprinting tool provides flexibility when deciding on the hosts to scan, which can be loaded from an input file, determined by a network IP range, or even loaded from stdin as part of a pipe. This allows to use aztarna in conjunction with tools aimed for massive scans such as ZMap, to scan vast amounts of hosts, even the whole Internet network range. Regarding the ports to scan, the tool also allows to choose between a single port, a range of ports or a port list.

For large scan performance improvement, aztarna provides a basic and a extended mode of scan. With the same purpose, extensive usage of asynchronous development has been used, with the help of Python AsyncIO. This allows the application to handle a big number of concurrent connections without the usage of threads, and improves the performance substantially in comparison to them.

The results provided by aztarna can be exported to standard CSV files, containing all the data gathered from the nodes. This allows to employ results for future analysis. The output file contains a common structure including all the findings, that when exported to third party tools provide ways to filter the results by resource type, names, addresses, and therefore, by found robots. The usage of aztarna is straightforward, as all the different behaviours are defined by command line parameters, which are described when calling the tool with no parameters.

For more details about our work, read the full paper here.

Acknowledgements

This research has been partially funded by the Basque Government, throughout the Business Development Agency of the Basque Country (SPRI) through the Ekintzaile 2018 program. Special thanks to BIC Araba for the support provided.

Table of Contents

Cite our work

@ARTICLE{2018arXiv181209490V, author = {{Vilches}, V{\'\i}ctor Mayoral and {Mendia}, Gorka Olalde and {Baskaran}, Xabier Perez and {Cordero}, Alejandro Hern{\'a}ndez and {Juan}, Lander Usategui San and {Gil-Uriarte}, Endika and {de Urabain}, Odei Olalde Saez and {Kirschgens}, Laura Alzola}, title = "{Aztarna, a footprinting tool for robots}", journal = {arXiv e-prints}, keywords = {Computer Science - Cryptography and Security, Computer Science - Robotics}, year = 2018, month = Dec, eid = {arXiv:1812.09490}, pages = {arXiv:1812.09490}, archivePrefix = {arXiv}, eprint = {1812.09490}, primaryClass = {cs.CR}, adsurl = {https://ui.adsabs.harvard.edu/\#abs/2018arXiv181209490V}, adsnote = {Provided by the SAO/NASA Astrophysics Data System} }