Access Control Requirements for Autonomous Robotic Fleets

Access control enforces security policies for controlling critical resources. For V2X (Vehicle to Everything) autonomous military vehicle fleets, network middleware systems such as ROS (Robotic Operating System) expose system resources through networked publisher/subscriber and client/server paradigms. Without proper access control, these systems are vulnerable to attacks from compromised network nodes, which may perform data poisoning attacks, flood packets on a network, or attempt to gain lateral control of other resources. Access control for robotic middleware systems has been investigated in both ROS1 and ROS2. Still, these implementations do not have mechanisms for evaluating a policy's consistency and completeness or writing expressive policies for distributed fleets. We explore an RBAC (Role-Based Access Control) mechanism layered onto ROS environments that uses local permission caches with precomputed truth tables for fast policy evaluation. To demonstrate the features, we will compare policy outputs against SROS (Secure ROS) policies and test our approach against simulated malicious adversaries with penetration testing and fuzzing techniques.

• Record URL:
  https://doi.org/10.4271/2023-01-0104
• Availability:
  • Find a library where document is available. Order URL: http://worldcat.org/issn/01487191
• Supplemental Notes:
  • Abstract reprinted with permission of SAE International.
• Authors:
  • Tusing, Nathan
  • Brooks, Richard
• Conference:
  • WCX SAE World Congress Experience
  • Location: Detroit Michigan, United States
  • Date: 2023-4-18 to 2023-4-20
• Publication Date: 2023-4-11

Language

• English

Media Info

• Media Type: Web
• Features: References;
• Serial:
  • SAE Technical Paper
  • Publisher: Society of Automotive Engineers (SAE)
  • ISSN: 0148-7191
  • EISSN: 2688-3627
  • Serial URL: http://papers.sae.org/

Subject/Index Terms

• TRT Terms: Autonomous vehicles; Computer security; Military vehicles; Robotics; Vehicle fleets
• Subject Areas: Highways; Vehicles and Equipment;

Filing Info

• Accession Number: 01879546
• Record Type: Publication
• Source Agency: SAE International
• Report/Paper Numbers: 2023-01-0104
• Files: TRIS, SAE
• Created Date: Apr 19 2023 4:34PM