Access Control Requirements for Autonomous Robotic Fleets

2023-01-0104

04/11/2023

Features
Event
WCX SAE World Congress Experience
Authors Abstract
Content
Access control enforces security policies for controlling critical resources. For V2X (Vehicle to Everything) autonomous military vehicle fleets, network middleware systems such as ROS (Robotic Operating System) expose system resources through networked publisher/subscriber and client/server paradigms. Without proper access control, these systems are vulnerable to attacks from compromised network nodes, which may perform data poisoning attacks, flood packets on a network, or attempt to gain lateral control of other resources. Access control for robotic middleware systems has been investigated in both ROS1 and ROS2. Still, these implementations do not have mechanisms for evaluating a policy's consistency and completeness or writing expressive policies for distributed fleets. We explore an RBAC (Role-Based Access Control) mechanism layered onto ROS environments that uses local permission caches with precomputed truth tables for fast policy evaluation. To demonstrate the features, we will compare policy outputs against SROS (Secure ROS) policies and test our approach against simulated malicious adversaries with penetration testing and fuzzing techniques.
Meta TagsDetails
DOI
https://doi.org/10.4271/2023-01-0104
Pages
8
Citation
Tusing, N., and Brooks, R., "Access Control Requirements for Autonomous Robotic Fleets," SAE Technical Paper 2023-01-0104, 2023, https://doi.org/10.4271/2023-01-0104.
Additional Details
Publisher
Published
Apr 11, 2023
Product Code
2023-01-0104
Content Type
Technical Paper
Language
English