2015年3月10日火曜日

Hacking Robotics



I did a presentation and the demo of the robot cyber security(hacking) in the Information Technology Promotion Agency Japan(IPA) Security Camp Forum 2015.

IPA security camp forum is a forum for the white hat hackers which participated in the IPA Security camp in the past 10 years. IPA Security Camp is a training camp for future top gun white hat hackers(ethical hackers) under 22 years old in Japan. The trainers in the Security Camp are the top gun white hat hackers in Japan, and some of the students in the IPA Security Camp have become top gun white hat hackers (famous bug hunters, pentesters, vulnerability reporters, the president of the pentesting company), other students have been famous in the ICT or other fields.
 I participated in the IPA Security Camp 2014 because I thought,
 a secure robot will be very important in the future.

This time I found some security problems in the world-famous robotics middleware(Robot Operating System), and found a way how to crack a robot. I have discovered a new field of robotics and security, hacking robotics. 
For the details of the robot cyber security, please check the slide.

I have met many engineer friends of the IPA Security Camp 2014 there, such as, embedded engineer @miettal, network specialist @core2f_ood, and the coolest trainers, Embed System OS/Linux Engineer at Fujitsu, Mr.Sakai, and the Cybozu Lab,Inc research Developer, Mr.Takesako.

There was many section in the IPA Security Camp. I participated in the Shipu-camp, Low layer Meetup, and the Kernel/VM Meetup.


iRobot Roomba

Shipu-camp is a hack-a-thon which future top gun ICT engineer participate. I made my iRobt Roomba move with keyboard teleoperation using ROS in One-hour-only hack-a-thon.

In the Low-layer meetup, there was a presentation of FORTRAN to C/C++ language translator and about original processor designing.(OoO Execution, FPGA, Original Instruction Set of Processors)

the Virtual Image of the softbank pepper Operating System(Gentoo Linux based OS)


And in the Kernel/VM meetup, I did the presentation and the demo of the robot cyber security.
I talked about the security problems(the ROS Packet is not encrypted and it broadcast packets all of the network) of the ROS(Robot Operating System) and the Reverse Engineering of Softbank Pepper Robot(Accessing the Pepper robot Operating System and customizing the OS). The other people did a presentation about the secure implementation of the multi-process Qt Application in the X environment using sandbox process, and the Dynamic Program Analysis of the malware using LLVM.

Now I'm developing a Intrusion Prevention System for the Robot Network System to secure robots. 
Check out for my updates about hacking robotics!