Version 1
: Received: 1 April 2024 / Approved: 1 April 2024 / Online: 2 April 2024 (16:12:24 CEST)
How to cite:
Yang, S.; Guo, J.; Rui, X. ROS2 Communication Security Vulnerability Detection Based on Formal Method. Preprints2024, 2024040143. https://doi.org/10.20944/preprints202404.0143.v1
Yang, S.; Guo, J.; Rui, X. ROS2 Communication Security Vulnerability Detection Based on Formal Method. Preprints 2024, 2024040143. https://doi.org/10.20944/preprints202404.0143.v1
Yang, S.; Guo, J.; Rui, X. ROS2 Communication Security Vulnerability Detection Based on Formal Method. Preprints2024, 2024040143. https://doi.org/10.20944/preprints202404.0143.v1
APA Style
Yang, S., Guo, J., & Rui, X. (2024). ROS2 Communication Security Vulnerability Detection Based on Formal Method. Preprints. https://doi.org/10.20944/preprints202404.0143.v1
Chicago/Turabian Style
Yang, S., Jian Guo and Xue Rui. 2024 "ROS2 Communication Security Vulnerability Detection Based on Formal Method" Preprints. https://doi.org/10.20944/preprints202404.0143.v1
Abstract
Robotic systems have been widely used in various industries, so the security of communication between robots and their components has become an issue that needs to be focused on. As a framework for developing robotic systems, the security of ROS2 can directly affect the security of the upper-level robotic systems. Therefore, it is a worthwhile research topic to detect and analyze the security of ROS2. In this paper, we adopt a formal approach to analyze the security of the communication mechanism of ROS2. First, we use a state transition system to model the potential vulnerabilities of ROS2 based on the ROS2 communication mechanism and the basic process of penetration testing. Secondly, we introduce the CIA model on the basis of the established vulnerability model and use LTL to define its security properties. Then, we design and implement a vulnerability detection tool for ROS2 applications based on the vulnerability model and security properties. Finally, we experimentally test some ROS2-based applications, and the results show that ROS2 has vulnerabilities without additional protection safeguards.
Keywords
Robotic System; ROS2; Communication mechanisms; Security and Safety Analysis; formal method
Subject
Computer Science and Mathematics, Computer Networks and Communications
Copyright:
This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.