{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,9]],"date-time":"2026-02-09T18:56:24Z","timestamp":1770663384318,"version":"3.49.0"},"reference-count":58,"publisher":"MDPI AG","issue":"5","license":[{"start":{"date-parts":[[2018,5,21]],"date-time":"2018-05-21T00:00:00Z","timestamp":1526860800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Deanship of Scientific Research at the \tHashemite University, Zarqa, Jordan.","award":["-"],"award-info":[{"award-number":["-"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"<jats:p>Robots are increasingly involved in our daily lives. Fundamental to robots are the communication link (or stream) and the applications that connect the robots to their clients or users. Such communication link and applications are usually supported through client\/server network connection. This networking system is amenable of being attacked and vulnerable to the security threats. Ensuring security and privacy for robotic platforms is thus critical, as failures and attacks could have devastating consequences. In this paper, we examine several cyber-physical security threats that are unique to the robotic platforms; specifically the communication link and the applications. Threats target integrity, availability and confidential security requirements of the robotic platforms, which use MobileEyes\/arnlServer client\/server applications. A robot attack tool (RAT) was developed to perform specific security attacks. An impact-oriented approach was adopted to analyze the assessment results of the attacks. Tests and experiments of attacks were conducted in simulation environment and physically on the robot. The simulation environment was based on MobileSim; a software tool for simulating, debugging and experimenting on MobileRobots\/ActivMedia platforms and their environments. The robot platform PeopleBotTM was used for physical experiments. The analysis and testing results show that certain attacks were successful at breaching the robot security. Integrity attacks modified commands and manipulated the robot behavior. Availability attacks were able to cause Denial-of-Service (DoS) and the robot was not responsive to MobileEyes commands. Integrity and availability attacks caused sensitive information on the robot to be hijacked. To mitigate security threats, we provide possible mitigation techniques and suggestions to raise awareness of threats on the robotic platforms, especially when the robots are involved in critical missions or applications.<\/jats:p>","DOI":"10.3390\/s18051643","type":"journal-article","created":{"date-parts":[[2018,5,22]],"date-time":"2018-05-22T04:34:03Z","timestamp":1526963643000},"page":"1643","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":37,"title":["Analyzing Cyber-Physical Threats on Robotic Platforms"],"prefix":"10.3390","volume":"18","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-0737-4107","authenticated-orcid":false,"given":"Khalil","family":"Ahmad Yousef","sequence":"first","affiliation":[{"name":"Department of Computer Engineering, The Hashemite University, Zarqa 13115, Jordan"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4031-670X","authenticated-orcid":false,"given":"Anas","family":"AlMajali","sequence":"additional","affiliation":[{"name":"Department of Computer Engineering, The Hashemite University, Zarqa 13115, Jordan"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1608-5988","authenticated-orcid":false,"given":"Salah","family":"Ghalyon","sequence":"additional","affiliation":[{"name":"Department of Computer Engineering, The Hashemite University, Zarqa 13115, Jordan"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6109-7366","authenticated-orcid":false,"given":"Waleed","family":"Dweik","sequence":"additional","affiliation":[{"name":"Department of Computer Engineering, The University of Jordan, Amman 11942, Jordan"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9805-1740","authenticated-orcid":false,"given":"Bassam","family":"Mohd","sequence":"additional","affiliation":[{"name":"Department of Computer Engineering, The Hashemite University, Zarqa 13115, Jordan"}]}],"member":"1968","published-online":{"date-parts":[[2018,5,21]]},"reference":[{"key":"ref_1","unstructured":"Shladover, S.E., and Nowakowski, C. (2017). Regulatory challenges for road vehicle automation: Lessons from the california experience. Transp. Res. Part A Policy Pract., in press."},{"key":"ref_2","doi-asserted-by":"crossref","unstructured":"Priyadarshini, I. (2017). Cyber Security Risks in Robotics. Detecting and Mitigating Robotic Cyber Security Risks, IGI Global.","DOI":"10.4018\/978-1-5225-2154-9.ch022"},{"key":"ref_3","unstructured":"Chu, J. (2018, May 03). Army Robotics in the Military. Available online: https:\/\/insights.sei.cmu.edu\/sei_blog\/2017\/06\/army-robotics-in-the-military.html."},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"749","DOI":"10.1016\/j.robot.2013.04.016","article-title":"Building 3D visual maps of interior space with a new hierarchical sensor fusion architecture","volume":"61","author":"Kwon","year":"2013","journal-title":"Robot. Auton. Syst."},{"key":"ref_5","doi-asserted-by":"crossref","unstructured":"Lera, F.J.R., Llamas, C.F., Guerrero, \u00c1.M., and Olivera, V.M. (2017). Cybersecurity of Robotics and Autonomous Systems: Privacy and Safety. Robotics-Legal, Ethical and Socioeconomic Impacts, InTech.","DOI":"10.5772\/intechopen.69796"},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"41","DOI":"10.1016\/j.robot.2017.10.020","article-title":"Cyber-security in robotics and autonomous systems","volume":"100","author":"Bonaci","year":"2018","journal-title":"Robot. Auton. Syst."},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Chown, T., and Venaas, S. (2011). Rogue IPv6 Router Advertisement Problem Statement, Internet Engineering Task Force (IETF). RFC 6104.","DOI":"10.17487\/rfc6104"},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"154","DOI":"10.1504\/IJSTM.2017.081884","article-title":"Comparing security vulnerability by operating system environment","volume":"23","author":"Seo","year":"2017","journal-title":"Int. J. Serv. Technol. Manag."},{"key":"ref_9","doi-asserted-by":"crossref","unstructured":"Gorbenko, A., Romanovsky, A., Tarasyuk, O., and Biloborodov, O. (2017, January 23\u201326). Experience Report: Study of Vulnerabilities of Enterprise Operating Systems. Proceedings of the 2017 IEEE 28th International Symposium on Software Reliability Engineering (ISSRE), Toulouse, France.","DOI":"10.1109\/ISSRE.2017.20"},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Ahmad Yousef, K., AlMajali, A., Hasan, R., Dweik, W., and Mohd, B. (2017, January 21\u201323). Security risk assessment of the PeopleBot mobile robot research platform. Proceedings of the 2017 International Conference on Electrical and Computing Technologies and Applications (ICECTA), Ras Al Khaimah, UAE.","DOI":"10.1109\/ICECTA.2017.8251984"},{"key":"ref_11","unstructured":"Lera, F.J.R., Balsa, J., Casado, F., Fern\u00e1ndez, C., Rico, F.M., and Matell\u00e1n, V. (2016, January 16\u201317). Cybersecurity in Autonomous Systems: Evaluating the performance of hardening ROS. Proceedings of the WAF2016, M\u00e1laga, Spain."},{"key":"ref_12","doi-asserted-by":"crossref","unstructured":"Balsa-Comer\u00f3n, J., Guerrero-Higueras, \u00c1.M., Rodr\u00edguez-Lera, F.J., Fern\u00e1ndez-Llamas, C., and Matell\u00e1n-Olivera, V. (2017). Cybersecurity in Autonomous Systems: Hardening ROS Using Encrypted Communications and Semantic Rules. ROBOT 2017: Third Iberian Robotics Conference, Springer.","DOI":"10.1007\/978-3-319-70836-2_6"},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Abeykoon, I., and Feng, X. (2017, January 21\u201323). A Forensic Investigation of the Robot Operating System. Proceedings of the 2017 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), Exeter, UK.","DOI":"10.1109\/iThings-GreenCom-CPSCom-SmartData.2017.131"},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Breiling, B., Dieber, B., and Schartner, P. (2017, January 24\u201327). Secure communication for the robot operating system. Proceedings of the 2017 Annual IEEE International Systems Conference (SysCon), Montreal, QC, Canada.","DOI":"10.1109\/SYSCON.2017.7934755"},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"Portugal, D., Pereira, S., and Couceiro, M.S. (September, January 28). The role of security in human-robot shared environments: A case study in ROS-based surveillance robots. Proceedings of the 2017 26th IEEE International Symposium on Robot and Human Interactive Communication (RO-MAN), Lisbon, Portugal.","DOI":"10.1109\/ROMAN.2017.8172422"},{"key":"ref_16","unstructured":"Gerkey, B. (2017). Why ROS 2.0?, Open Source Robotics Foundation, Inc.. Available online: https:\/\/design.ros2.org\/articles\/why_ros2.html."},{"key":"ref_17","unstructured":"(2018, May 03). PeopleBot. Available online: http:\/\/www.mobilerobots.com\/ResearchRobots\/PeopleBot.aspx."},{"key":"ref_18","unstructured":"(2018, May 03). MobileEyes. Available online: http:\/\/robots.mobilerobots.com\/MobileEyes\/README.txt."},{"key":"ref_19","unstructured":"Bonaci, T., Herron, J., Yusuf, T., Yan, J., Kohno, T., and Chizeck, H.J. (arXiv, 2015). To make a robot secure: An experimental analysis of cyber security threats against teleoperated surgical robots, arXiv."},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"95","DOI":"10.1016\/j.robot.2017.11.002","article-title":"Quantitative analysis of security in distributed robotic frameworks","volume":"100","author":"Soriano","year":"2018","journal-title":"Robot. Auton. Syst."},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"174","DOI":"10.1016\/j.robot.2017.09.018","article-title":"A comprehensive approach, and a case study, for conducting attack detection experiments in Cyber\u2013Physical Systems","volume":"98","author":"Sabaliauskaite","year":"2017","journal-title":"Robot. Auton. Syst."},{"key":"ref_22","unstructured":"(2018, May 03). SROS Project: Security Enhancements for ROS. Available online: http:\/\/wiki.ros.org\/SROS."},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"192","DOI":"10.1016\/j.robot.2017.09.017","article-title":"Security for the Robot Operating System","volume":"98","author":"Dieber","year":"2017","journal-title":"Robot. Auton. Syst."},{"key":"ref_24","doi-asserted-by":"crossref","first-page":"75","DOI":"10.1016\/j.robot.2017.10.006","article-title":"Detection of Cyber-attacks to indoor real time localization systems for autonomous robots","volume":"99","year":"2018","journal-title":"Robot. Auton. Syst."},{"key":"ref_25","doi-asserted-by":"crossref","first-page":"114","DOI":"10.1016\/j.robot.2017.12.005","article-title":"Design and assessment of an Orthogonal Defense Mechanism for a water treatment facility","volume":"101","author":"Shrivastava","year":"2018","journal-title":"Robot. Auton. Syst."},{"key":"ref_26","doi-asserted-by":"crossref","unstructured":"Bezemskij, A., Loukas, G., Anthony, R.J., and Gan, D. (2016, January 14\u201316). Behaviour-based anomaly detection of cyber-physical attacks on a robotic vehicle. Proceedings of the International Conference on Ubiquitous Computing and Communications and 2016 International Symposium on Cyberspace and Security (IUCC-CSS), Granada, Spain.","DOI":"10.1109\/IUCC-CSS.2016.017"},{"key":"ref_27","doi-asserted-by":"crossref","unstructured":"Vuong, T.P., Loukas, G., Gan, D., and Bezemskij, A. (2015, January 16\u201319). Decision tree-based detection of denial of service and command injection attacks on robotic vehicles. Proceedings of the 2015 IEEE International Workshop on Information Forensics and Security (WIFS), Rome, Italy.","DOI":"10.1109\/WIFS.2015.7368559"},{"key":"ref_28","unstructured":"Vuong, T. (2017). Cyber-Physical Intrusion Detection for Robotic Vehicles. [Ph.D. Thesis, University of Greenwich]."},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"Jones, A., and Straub, J. (2017, January 1). Using deep learning to detect network intrusions and malware in autonomous robots. Proceedings of the Cyber Sensing 2017, Anaheim, CA, USA.","DOI":"10.1117\/12.2264072"},{"key":"ref_30","doi-asserted-by":"crossref","unstructured":"Javaid, A.Y., Sun, W., Devabhaktuni, V.K., and Alam, M. (2012, January 13\u201315). Cyber security threat analysis and modeling of an unmanned aerial vehicle system. Proceedings of the 2012 IEEE Conference on Technologies for Homeland Security (HST), Waltham, MA, USA.","DOI":"10.1109\/THS.2012.6459914"},{"key":"ref_31","unstructured":"Batson, L.T., and Wimmer, D.R. (2015). Unmanned Tactical Autonomous Control and Collaboration Threat and Vulnerability Assessment. [Ph.D. Thesis, Naval Postgraduate School]."},{"key":"ref_32","doi-asserted-by":"crossref","unstructured":"Quarta, D., Pogliani, M., Polino, M., Maggi, F., Zanchettin, A.M., and Zanero, S. (2017, January 22\u201326). An Experimental Security Analysis of an Industrial Robot Controller. Proceedings of the 2017 IEEE Symposium on Security and Privacy (SP), San Jose, CA, USA.","DOI":"10.1109\/SP.2017.20"},{"key":"ref_33","doi-asserted-by":"crossref","unstructured":"Bonaci, T., and Chizeck, H.J. (2012, January 5\u20138). On potential security threats against rescue robotic systems. Proceedings of the 2012 IEEE International Symposium on Safety, Security, and Rescue Robotics (SSRR), College Station, TX, USA.","DOI":"10.1109\/SSRR.2012.6523908"},{"key":"ref_34","doi-asserted-by":"crossref","unstructured":"Alemzadeh, H., Chen, D., Li, X., Kesavadas, T., Kalbarczyk, Z.T., and Iyer, R.K. (July, January 28). Targeted attacks on teleoperated surgical robots: Dynamic model-based detection and mitigation. Proceedings of the 2016 46th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN), Toulouse, France.","DOI":"10.1109\/DSN.2016.43"},{"key":"ref_35","doi-asserted-by":"crossref","unstructured":"Chen, Y., Kar, S., and Moura, J.M. (2016, January 6\u20138). Cyber physical attacks constrained by control objectives. Proceedings of the 2016 American Control Conference (ACC), Boston, MA, USA.","DOI":"10.1109\/ACC.2016.7525078"},{"key":"ref_36","doi-asserted-by":"crossref","unstructured":"Clark, G.W., Doran, M.V., and Andel, T.R. (2017, January 27\u201331). Cybersecurity issues in robotics. Proceedings of the 2017 IEEE Conference on Cognitive and Computational Aspects of Situation Management (CogSIMA), Savannah, GA, USA.","DOI":"10.1109\/COGSIMA.2017.7929597"},{"key":"ref_37","doi-asserted-by":"crossref","first-page":"836","DOI":"10.4028\/www.scientific.net\/AMR.706-708.836","article-title":"Integrity Protection of the Intelligent Robot\u2019s Remote Information","volume":"706","author":"Deng","year":"2013","journal-title":"Adv. Mater. Res."},{"key":"ref_38","doi-asserted-by":"crossref","unstructured":"Guiochet, J., Martin-Guillerez, D., and Powell, D. (2010, January 3\u20134). Experience with model-based user-centered risk assessment for service robots. Proceedings of the 2010 IEEE 12th International Symposium on High-Assurance Systems Engineering (HASE), San Jose, CA, USA.","DOI":"10.1109\/HASE.2010.10"},{"key":"ref_39","doi-asserted-by":"crossref","unstructured":"Khalid, A., Kirisci, P., Ghrairi, Z., Pannek, J., and Thoben, K.D. (2017). Safety Requirements in Collaborative Human\u2014Robot Cyber-Physical System. Dynamics in Logistics, Springer.","DOI":"10.1007\/978-3-319-45117-6_4"},{"key":"ref_40","doi-asserted-by":"crossref","first-page":"132","DOI":"10.1016\/j.compind.2018.02.009","article-title":"Security framework for industrial collaborative robotic cyber-physical systems","volume":"97","author":"Khalid","year":"2018","journal-title":"Comput. Ind."},{"key":"ref_41","doi-asserted-by":"crossref","first-page":"156","DOI":"10.1016\/j.ress.2015.02.008","article-title":"A survey of approaches combining safety and security for industrial control systems","volume":"139","author":"Kriaa","year":"2015","journal-title":"Reliab. Eng. Syst. Saf."},{"key":"ref_42","unstructured":"McLean, I., Szymanski, B., and Bivens, A. (2003, January 18\u201320). Methodology of risk assessment in mobile agent system design. Proceedings of the IEEE Systems, Man and Cybernetics Society Information Assurance Workshop, West Point, NY, USA."},{"key":"ref_43","doi-asserted-by":"crossref","unstructured":"Vuong, T., Filippoupolitis, A., Loukas, G., and Gan, D. (2014, January 24\u201328). Physical indicators of cyber attacks against a rescue robot. Proceedings of the 2014 IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops), Budapest, Hungary.","DOI":"10.1109\/PerComW.2014.6815228"},{"key":"ref_44","doi-asserted-by":"crossref","unstructured":"Wardzinski, A. (2008, January 18\u201321). Dynamic risk assessment in autonomous vehicles motion planning. Proceedings of the 2008 1st International Conference on Information Technology, Gdansk, Poland.","DOI":"10.1109\/INFTECH.2008.4621607"},{"key":"ref_45","doi-asserted-by":"crossref","unstructured":"Chowdhury, A., Karmakar, G., and Kamruzzaman, J. (2017). Survey of Recent Cyber Security Attacks on Robotic Systems and Their Mitigation Approaches. Detecting and Mitigating Robotic Cyber Security Risks, IGI Global.","DOI":"10.4018\/978-1-5225-2154-9.ch019"},{"key":"ref_46","unstructured":"Matellan, V., Rodriguez-Lera, F.J., and Balsa, J. (2018, May 03). Cybersecurity in Robotic Systems. Available online: https:\/\/ercim-news.ercim.eu\/en106\/special\/cybersecurity-in-robotic-systems."},{"key":"ref_47","unstructured":"(2018, May 03). Code for the RAT Tool. Available online: https:\/\/github.com\/salahghalyon\/RAT_tool."},{"key":"ref_48","unstructured":"(2018, May 03). Guide for Conducting Risk Assessments, Available online: https:\/\/csrc.nist.gov\/publications\/drafts\/800-30-rev1\/SP800-30-Rev1-ipd.pdf."},{"key":"ref_49","unstructured":"(2018, May 03). Software and Documentation for MobileRobots Research and Development Platforms. Available online: http:\/\/robots.mobilerobots.com\/wiki\/Software_Updates."},{"key":"ref_50","unstructured":"(2018, May 03). ArnlServer. Available online: http:\/\/robots.mobilerobots.com\/wiki\/ARNL,_SONARNL_and_MOGS."},{"key":"ref_51","unstructured":"(2018, May 03). ArNetworking or ARNL Server Login and Password. Available online: http:\/\/robots.mobilerobots.com\/wiki\/ArNetworking_or_ARNL_Server_Login_and_Password."},{"key":"ref_52","doi-asserted-by":"crossref","unstructured":"Meng, N., Nagy, S., Yao, D., Zhuang, W., and Argoty, G.A. (arXiv, 2017). Secure Coding Practices in Java: Challenges and Vulnerabilities, arXiv.","DOI":"10.1145\/3180155.3180201"},{"key":"ref_53","first-page":"355","article-title":"Design, Release, Update, Repeat: The Basic Process of a Security Protocol\u015b Evolution","volume":"8","author":"Choi","year":"2017","journal-title":"Int. J. Adv. Comput. Sci. Appl."},{"key":"ref_54","unstructured":"(2018, May 03). MobileSim. Available online: http:\/\/robots.mobilerobots.com\/MobileSim\/download\/current\/README.html."},{"key":"ref_55","doi-asserted-by":"crossref","first-page":"189","DOI":"10.1007\/s11721-008-0014-4","article-title":"Massively multi-robot simulation in stage","volume":"2","author":"Vaughan","year":"2008","journal-title":"Swarm Intell."},{"key":"ref_56","doi-asserted-by":"crossref","first-page":"38","DOI":"10.1109\/JPROC.2017.2780172","article-title":"Wireless Communication and Security Issues for Cyber\u2013Physical Systems and the Internet-of-Things","volume":"106","author":"Burg","year":"2018","journal-title":"Proc. IEEE"},{"key":"ref_57","unstructured":"(2018, May 03). Scapy. Available online: http:\/\/www.secdev.org\/projects\/scapy\/."},{"key":"ref_58","doi-asserted-by":"crossref","first-page":"73","DOI":"10.1016\/j.jnca.2015.09.001","article-title":"A survey on lightweight block ciphers for low-resource devices: Comparative study and open issues","volume":"58","author":"Mohd","year":"2015","journal-title":"J. Netw. Comput. Appl."}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/18\/5\/1643\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T15:05:13Z","timestamp":1760195113000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/18\/5\/1643"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,5,21]]},"references-count":58,"journal-issue":{"issue":"5","published-online":{"date-parts":[[2018,5]]}},"alternative-id":["s18051643"],"URL":"https:\/\/doi.org\/10.3390\/s18051643","relation":{},"ISSN":["1424-8220"],"issn-type":[{"value":"1424-8220","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018,5,21]]}}}