bibliography.bib
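% ADS export for arXiv:1908.00722. The month now uses the unquoted macro, and the
% bogus "pages" value that only repeated the arXiv id is gone (eid/eprint carry it).
@article{2019arXiv190800722S,
  author        = {{Strudel}, Robin and {Pashevich}, Alexander and {Kalevatykh}, Igor and
                   {Laptev}, Ivan and {Sivic}, Josef and {Schmid}, Cordelia},
  title         = {Combining learned skills and reinforcement learning for robotic manipulations},
  journal       = {arXiv e-prints},
  keywords      = {Computer Science - Machine Learning, Computer Science - Artificial Intelligence, Computer Science - Computer Vision and Pattern Recognition, Statistics - Machine Learning},
  year          = {2019},
  month         = aug,
  eid           = {arXiv:1908.00722},
  archivePrefix = {arXiv},
  eprint        = {1908.00722},
  primaryClass  = {cs.LG},
  adsurl        = {https://ui.adsabs.harvard.edu/abs/2019arXiv190800722S},
  adsnote       = {Provided by the SAO/NASA Astrophysics Data System}
}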
@inproceedings{walden2008integrating,
title={Integrating web application security into the IT curriculum},
author={Walden, James},
booktitle={Proceedings of the 9th ACM SIGITE conference on Information technology education},
pages={187--192},
year={2008},
organization={ACM}
}
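% BadStore.net v2.1 documentation. It was typed as an article with no journal, so
% it is a misc entry now. The corporate author is double-braced so BibTeX does not
% split it into name parts. The title's run-together "BadStore.netA" is separated;
% the colon is presumed, confirm against the source document.
@misc{badstore.netv2.1.2006,
  author = {{BadStore.net v2.1}},
  title  = {Hacking {BadStore.net}: A hands-on approach to web application vulnerability discovery and exploitation},
  year   = {2006}
}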
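% OWASP Testing Guide v4.0. The scraped export had the version and publisher
% jammed into "journal" plus a junk "number"; as a manual, the issuing
% organization and the version each get a proper field.
@manual{meucci2014owasp,
  title        = {{OWASP} Testing Guide},
  author       = {Meucci, Matteo and Muller, Andrew},
  organization = {OWASP Foundation},
  note         = {Version 4.0},
  year         = {2014}
}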
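% Title stored in Title Case: a style can lowercase it, but cannot restore
% capitals that were never entered.
@book{stuttard2011web,
  title     = {The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws},
  author    = {Stuttard, Dafydd and Pinto, Marcus},
  year      = {2011},
  publisher = {John Wiley \& Sons}
}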
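% arXiv preprint. The id moves out of "journal" into eprint/archivePrefix, the
% accented names use LaTeX escapes so classic BibTeX sorts and labels them
% correctly, and the acronym is brace-protected against style recasing.
@article{hrim,
  title         = {An information model for modular robots: the {Hardware Robot Information Model} ({HRIM})},
  author        = {Zamalloa, Irati and Muguruza, I{\~n}igo and Hern{\'a}ndez, Alejandro and Kojcev, Risto and Mayoral, V{\'\i}ctor},
  journal       = {arXiv e-prints},
  archivePrefix = {arXiv},
  eprint        = {1802.01459},
  year          = {2018}
}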
@ARTICLE{2016arXiv160805742Z,
author = {{Zamora}, I. and {Gonzalez Lopez}, N. and {Mayoral Vilches}, V. and
{Hernandez Cordero}, A.},
title = "{Extending the OpenAI Gym for robotics: a toolkit for reinforcement learning using ROS and Gazebo}",
journal = {ArXiv e-prints},
archivePrefix = "arXiv",
eprint = {1608.05742},
primaryClass = "cs.RO",
keywords = {Computer Science - Robotics},
year = 2016,
month = aug,
adsurl = {http://adsabs.harvard.edu/abs/2016arXiv160805742Z},
adsnote = {Provided by the SAO/NASA Astrophysics Data System}
}
@ARTICLE{2018arXiv180204082M,
author = {{Mayoral}, V. and {Kojcev}, R. and {Etxezarreta}, N. and {Hern{\'a}ndez}, A. and
{Zamalloa}, I.},
title = "{Towards self-adaptable robots: from programming to training machines}",
journal = {ArXiv e-prints},
archivePrefix = "arXiv",
eprint = {1802.04082},
primaryClass = "cs.RO",
keywords = {Computer Science - Robotics},
year = 2018,
month = feb,
adsurl = {http://adsabs.harvard.edu/abs/2018arXiv180204082M},
adsnote = {Provided by the SAO/NASA Astrophysics Data System}
}
@ARTICLE{2016arXiv160302199L,
author = {{Levine}, S. and {Pastor}, P. and {Krizhevsky}, A. and {Quillen}, D.
},
title = "{Learning Hand-Eye Coordination for Robotic Grasping with Deep Learning and Large-Scale Data Collection}",
journal = {ArXiv e-prints},
archivePrefix = "arXiv",
eprint = {1603.02199},
primaryClass = "cs.LG",
keywords = {Computer Science - Learning, Computer Science - Artificial Intelligence, Computer Science - Computer Vision and Pattern Recognition, Computer Science - Robotics},
year = 2016,
month = mar,
adsurl = {http://adsabs.harvard.edu/abs/2016arXiv160302199L},
adsnote = {Provided by the SAO/NASA Astrophysics Data System}
}
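% OpenAI Gym whitepaper. "eprint" now holds the bare arXiv id, with the archive
% named in archivePrefix; authors are in unambiguous "Last, First" form.
@misc{1606.01540,
  author        = {Brockman, Greg and Cheung, Vicki and Pettersson, Ludwig and Schneider, Jonas and Schulman, John and Tang, Jie and Zaremba, Wojciech},
  title         = {{OpenAI} {Gym}},
  year          = {2016},
  archivePrefix = {arXiv},
  eprint        = {1606.01540},
}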
@inproceedings{todorov2012mujoco,
title={Mujoco: A physics engine for model-based control},
author={Todorov, Emanuel and Erez, Tom and Tassa, Yuval},
booktitle={Intelligent Robots and Systems (IROS), 2012 IEEE/RSJ International Conference on},
pages={5026--5033},
year={2012},
organization={IEEE}
}
% Gazebo
@inproceedings{koenig2004design,
title={Design and use paradigms for gazebo, an open-source multi-robot simulator},
author={Koenig, Nathan and Howard, Andrew},
booktitle={Intelligent Robots and Systems, 2004.(IROS 2004). Proceedings. 2004 IEEE/RSJ International Conference on},
volume={3},
pages={2149--2154},
year={2004},
organization={IEEE}
}
@inproceedings{Quigley09,
author="Morgan Quigley and Brian Gerkey and Ken Conley and Josh Faust and
Tully Foote and Jeremy Leibs and Eric Berger and Rob Wheeler and Andrew Ng",
title="ROS: an open-source Robot Operating System",
booktitle="Proc. of the IEEE Intl. Conf. on Robotics and Automation (ICRA)
Workshop on Open Source Robotics",
month = may,
year=2009,
address="Kobe, Japan"
}
@article{stooke2018accelerated,
title={Accelerated Methods for Deep Reinforcement Learning},
author={Stooke, Adam and Abbeel, Pieter},
journal={arXiv preprint arXiv:1803.02811},
year={2018}
}
@ARTICLE{2017arXiv171209381L,
author = {{Liang}, E. and {Liaw}, R. and {Moritz}, P. and {Nishihara}, R. and
{Fox}, R. and {Goldberg}, K. and {Gonzalez}, J.~E. and {Jordan}, M.~I. and
{Stoica}, I.},
title = "{Ray RLlib: A Framework for Distributed Reinforcement Learning}",
journal = {ArXiv e-prints},
archivePrefix = "arXiv",
eprint = {1712.09381},
primaryClass = "cs.AI",
keywords = {Computer Science - Artificial Intelligence, Computer Science - Distributed, Parallel, and Cluster Computing, Computer Science - Learning},
year = 2017,
month = dec,
adsurl = {http://adsabs.harvard.edu/abs/2017arXiv171209381L},
adsnote = {Provided by the SAO/NASA Astrophysics Data System}
}
@misc{pytorchrl,
author = {Kostrikov, Ilya},
title = {PyTorch Implementations of Reinforcement Learning Algorithms},
year = {2018},
publisher = {GitHub},
journal = {GitHub repository},
howpublished = {\url{https://github.com/ikostrikov/pytorch-a2c-ppo-acktr}},
}
@misc{baselines,
author = {Dhariwal, Prafulla and Hesse, Christopher and Klimov, Oleg and Nichol, Alex and Plappert, Matthias and Radford, Alec and Schulman, John and Sidor, Szymon and Wu, Yuhuai},
title = {OpenAI Baselines},
year = {2017},
publisher = {GitHub},
journal = {GitHub repository},
howpublished = {\url{https://github.com/openai/baselines}},
}
@ARTICLE{2017arXiv170902878H,
author = {{Hafner}, D. and {Davidson}, J. and {Vanhoucke}, V.},
title = "{TensorFlow Agents: Efficient Batched Reinforcement Learning in TensorFlow}",
journal = {ArXiv e-prints},
archivePrefix = "arXiv",
eprint = {1709.02878},
primaryClass = "cs.LG",
keywords = {Computer Science - Learning, Computer Science - Artificial Intelligence},
year = 2017,
month = sep,
adsurl = {http://adsabs.harvard.edu/abs/2017arXiv170902878H},
adsnote = {Provided by the SAO/NASA Astrophysics Data System}
}
@misc{caspi_itai_2017_1134899,
author = {Caspi, Itai and
Leibovich, Gal and
Novik, Gal},
title = {Reinforcement Learning Coach},
month = dec,
year = 2017,
doi = {10.5281/zenodo.1134899},
url = {https://doi.org/10.5281/zenodo.1134899}
}
@ARTICLE{2017arXiv171205889M,
author = {{Moritz}, P. and {Nishihara}, R. and {Wang}, S. and {Tumanov}, A. and
{Liaw}, R. and {Liang}, E. and {Paul}, W. and {Jordan}, M.~I. and
{Stoica}, I.},
title = "{Ray: A Distributed Framework for Emerging AI Applications}",
journal = {ArXiv e-prints},
archivePrefix = "arXiv",
eprint = {1712.05889},
primaryClass = "cs.DC",
keywords = {Computer Science - Distributed, Parallel, and Cluster Computing, Computer Science - Artificial Intelligence, Computer Science - Learning, Statistics - Machine Learning},
year = 2017,
month = dec,
adsurl = {http://adsabs.harvard.edu/abs/2017arXiv171205889M},
adsnote = {Provided by the SAO/NASA Astrophysics Data System}
}
@inproceedings{brewer2015kubernetes,
title={Kubernetes and the path to cloud native},
author={Brewer, Eric A},
booktitle={Proceedings of the Sixth ACM Symposium on Cloud Computing},
pages={167--167},
year={2015},
organization={ACM}
}
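% This is a book, not a journal article: the old "journal" value was a garbled
% "New Jersey: Prentice Hall" imprint line from a scraped citation.
@book{buyya1999high,
  title     = {High Performance Cluster Computing},
  author    = {Buyya, Rajkumar},
  publisher = {Prentice Hall},
  address   = {New Jersey},
  year      = {1999}
}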
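% IETF RFC, not a journal article. As an article it had no journal, so it
% rendered incompletely with a missing-field warning; as a report it carries
% the RFC number and the issuing body.
@techreport{rosen2006bgp,
  title       = {{BGP/MPLS} {IP} Virtual Private Networks ({VPNs})},
  author      = {Rosen, Eric C. and Rekhter, Yakov},
  type        = {{RFC}},
  number      = {4364},
  institution = {Internet Engineering Task Force},
  year        = {2006}
}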
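% IEEE Xplore export, cleaned: empty volume/number/ISSN fields removed, page range
% uses an en-dash (--), month uses the unquoted macro, authors are in "Last, First"
% form with the accent escaped, and the acronyms in the title are brace-protected.
@inproceedings{8046383,
  author    = {Mayoral, V. and Hern{\'a}ndez, A. and Kojcev, R. and Muguruza, I. and Zamalloa, I. and Bilbao, A. and Usategi, L.},
  title     = {The shift in the robotics paradigm: The {Hardware Robot Operating System} ({H-ROS}); an infrastructure to create interoperable robot components},
  booktitle = {2017 NASA/ESA Conference on Adaptive Hardware and Systems (AHS)},
  year      = {2017},
  month     = jul,
  pages     = {229--236},
  keywords  = {control engineering computing;operating systems (computers);robots;H-ROS;building robots;hardware robot operating system;internal representation model;robot components;robot hardware components;robotics paradigm;software infrastructure;Hardware;Robot kinematics;Robot sensing systems;Service robots;Software;Standards;ROS;hardware;real-time Ethernet;robotics;standard},
  doi       = {10.1109/AHS.2017.8046383},
}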
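% HackerOne annual report. A report entry needs an institution; the corporate
% author is double-braced so it is treated as one indivisible name.
@techreport{hackerreport2018,
  author      = {{HackerOne}},
  title       = {The 2018 Hacker Report},
  institution = {HackerOne},
  year        = {2018},
  url         = {https://www.hackerone.com/sites/default/files/2018-01/2018_Hacker_Report.pdf}
}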
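% HackerOne annual report. Author casing now matches the sibling 2018 entry, and
% the required institution field is supplied. The URL is kept verbatim; its
% percent-encoded spaces need a url-aware style to typeset safely.
@techreport{hackerreport2017,
  title       = {The Hacker-Powered Security Report},
  author      = {{HackerOne}},
  institution = {HackerOne},
  year        = {2017},
  url         = {https://www.hackerone.com/sites/default/files/2017-06/The%20Hacker-Powered%20Security%20Report.pdf}
}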
@mastersthesis{shyvakov2017developing,
title={Developing a security framework for robots},
author={Shyvakov, Oleksandr},
year={2017},
school={University of Twente}
}
@article{park2017security,
title={Security assessment framework for IoT service},
author={Park, Keon Chul and Shin, Dong-Hee},
journal={Telecommunication Systems},
volume={64},
number={1},
pages={193--209},
year={2017},
publisher={Springer}
}
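% IOActive white paper on robot vulnerabilities. The required institution field
% is added (publisher taken from the hosting domain in the URL).
@techreport{hackingbeforeskynet,
  title       = {Hacking Robots Before {Skynet}},
  author      = {Cerrudo, Cesar and Apa, Lucas},
  institution = {IOActive},
  year        = {2017},
  url         = {https://ioactive.com/wp-content/uploads/2018/05/Hacking-Robots-Before-Skynet-Paper_Final.pdf}
}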
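% Technical appendix to the IOActive robot-vulnerability white paper. The required
% institution field is added (publisher taken from the hosting domain in the URL).
@techreport{hackingbeforeskynet2,
  title       = {Hacking Robots Before {Skynet}: Technical Appendix},
  author      = {Cerrudo, Cesar and Apa, Lucas},
  institution = {IOActive},
  year        = {2017},
  url         = {https://ioactive.com/pdfs/Hacking-Robots-Before-Skynet-Technical-Appendix.pdf}
}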
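% IEEE Xplore export, cleaned. The stray closing brace that followed the entry is
% removed, empty fields are dropped, the page range uses -- and the month macro is
% unquoted. Author given names are taken from the journal-version entry in this file.
@inproceedings{SecurecomROS,
  author    = {Breiling, Benjamin and Dieber, Bernhard and Schartner, Peter},
  title     = {Secure communication for the {Robot Operating System}},
  booktitle = {2017 Annual IEEE International Systems Conference (SysCon)},
  year      = {2017},
  month     = apr,
  pages     = {1--6},
  keywords  = {message authentication;middleware;operating systems (computers);peer-to-peer computing;robot programming;ROS;authenticity;confidentiality;data loss;monetary damage;peer-to-peer basis;publishers-subscribers interaction;robot operating system;robotics software;robotics technologies;secure communication channel;Authentication;Authorization;Communication channels;Peer-to-peer computing;Service robots},
  doi       = {10.1109/SYSCON.2017.7934755},
}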
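% IEEE Xplore export, cleaned: stray closing brace after the entry removed, empty
% fields dropped, page range uses --, month macro unquoted.
% Same paper as the entry keyed dieber2016application; cite one key consistently
% so the bibliography does not list the work twice.
@inproceedings{ApplicationSecROS,
  author    = {Dieber, Bernhard and Kacianka, Severin and Rass, Stefan and Schartner, Peter},
  title     = {Application-level security for {ROS}-based applications},
  booktitle = {2016 IEEE/RSJ International Conference on Intelligent Robots and Systems (IROS)},
  year      = {2016},
  month     = oct,
  pages     = {4477--4482},
  keywords  = {control engineering computing;cryptography;industrial robots;operating systems (computers);production control;production engineering computing;risk analysis;ROS;application-level security;cryptographic methods;industrial applications;production process;risk safety;robot operating system;Authentication;Cryptography;Digital signatures;Production;Service robots},
  doi       = {10.1109/IROS.2016.7759659},
}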
@misc{usbhacks,
title = {Top 5 USB Hacks that PWN You},
author = {Singh, Tarandeep},
howpublished = {\url{http://geeknizer.com/top-usb-hacks-pwn/}},
note = {Accessed: 2018-05-18}
}
@misc{pepperdocs,
title = {Aldebaran Software 2.1.0.18 documentation},
author = {{Aldebaran Robotics}},
howpublished = {\url{http://doc.aldebaran.com/2-0/family/juliette_user_guide/webpage_access.html}},
note = {Accessed: 2018-05-18}
}
@misc{rethinkdocs,
title = {Baxter Research Robot Wiki},
author = {{Rethink Robotics}},
howpublished = {\url{http://sdk.rethinkrobotics.com/wiki/Robot_Hostname}},
note = {Accessed: 2018-05-18}
}
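% Conference paper, so it becomes a proceedings entry with its venue. The second
% author's name was split wrongly ("Robert Malan, G") and is restored. The empty
% pages field and the placeholder month "01" from the export are dropped.
@inproceedings{articlefinger,
  author    = {Smart, Matthew and Malan, G. Robert and Jahanian, Farnam},
  title     = {Defeating {TCP/IP} Stack Fingerprinting},
  booktitle = {Proceedings of the 9th {USENIX} Security Symposium},
  year      = {2000}
}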
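% International standard, not a journal article: the designation moves from
% title/journal/volume into the report number. The corporate author is
% double-braced so it is not parsed as a personal name, and the Unicode dash in
% the title is written as --- for classic BibTeX.
@techreport{iso2017iec,
  title       = {Systems and Software Engineering---Vocabulary},
  author      = {{IEEE Standards Association} and others},
  type        = {International Standard},
  number      = {ISO/IEC/IEEE 24765:2017},
  institution = {ISO/IEC/IEEE},
  year        = {2017}
}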
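% ACM DL export. The journal name is spelled out to match the other entries for
% this journal in the file, and the duplicated country in the address is removed.
% Same article as the entry keyed dieber2017security; cite one key consistently
% so the bibliography does not list the work twice.
@article{Dieber:2017:SRO:3165321.3165569,
  author     = {Dieber, Bernhard and Breiling, Benjamin and Taurer, Sebastian and Kacianka, Severin and Rass, Stefan and Schartner, Peter},
  title      = {Security for the {Robot Operating System}},
  journal    = {Robotics and Autonomous Systems},
  issue_date = {December 2017},
  volume     = {98},
  number     = {C},
  month      = dec,
  year       = {2017},
  issn       = {0921-8890},
  pages      = {192--203},
  numpages   = {12},
  url        = {https://doi.org/10.1016/j.robot.2017.09.017},
  doi        = {10.1016/j.robot.2017.09.017},
  acmid      = {3165569},
  publisher  = {North-Holland Publishing Co.},
  address    = {Amsterdam, The Netherlands},
  keywords   = {68M14, 68N99, 68T40, 93C85, 94A60, 94A62, Industry 4.0, ROS, Robotics, Security},
}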
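% News article. The link was given in both howpublished and url, so url-aware
% styles printed it twice; it now appears once. The outlet moves from "journal",
% which misc entries ignore, into howpublished.
@misc{threat0,
  title        = {Jan. 25, 1979: Robot kills human},
  author       = {Kravets, David},
  year         = {2010},
  howpublished = {Wired, \url{https://www.wired.com/2010/01/0125robot-kills-worker/}},
  note         = {Accessed: 2018-05-19}
}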
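% News article. The outlet was in "journal", which misc entries ignore, so it
% never reached the rendered reference; it is now in howpublished.
@misc{threat1,
  title        = {Robot kills factory worker},
  author       = {Whymant, Robert},
  year         = {2014},
  howpublished = {The Guardian},
  url          = {https://www.theguardian.com/theguardian/2014/dec/09/robot-kills-factory-worker},
  note         = {Accessed: 2018-05-19}
}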
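% News article. The outlet was in "journal", which misc entries ignore; it is
% now in howpublished. Proper nouns in the title are brace-protected.
@misc{threat2,
  title        = {Robot kills man at {Volkswagen} plant in {Germany}},
  author       = {Huggler, Justin},
  year         = {2015},
  howpublished = {The Telegraph},
  url          = {https://www.telegraph.co.uk/news/worldnews/europe/germany/11712513/Robot-kills-man-at-Volkswagen-plant-in-Germany},
  note         = {Accessed: 2018-05-19}
}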
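% News article. The outlet was in "journal", which misc entries ignore; it is
% now in howpublished. The proper noun in the title is brace-protected.
@misc{threat3,
  title        = {Mall security bot knocks down toddler, breaks {Asimov} first law of robotics},
  author       = {Vincent, James},
  year         = {2016},
  howpublished = {The Verge},
  url          = {https://www.theverge.com/2016/7/13/12170640/mall-security-robot-k5-knocks-down-toddler},
  note         = {Accessed: 2018-05-19}
}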
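% News article. The Unicode curly quotes in the title are written as TeX quotes
% so classic 8-bit BibTeX does not garble them. The outlet moves from "journal",
% which misc entries ignore, into howpublished.
@misc{threat4,
  title        = {{Dallas} deployment of robot bomb to kill suspect is ``without precedent''},
  author       = {Farivar, Cyrus},
  year         = {2016},
  howpublished = {Ars Technica},
  url          = {https://arstechnica.com/tech-policy/2016/07/is-it-ok-to-send-a-police-robot-to-deliver-a-bomb-to-kill-an-active-shooter},
  note         = {Accessed: 2018-05-19}
}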
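% News article with no byline. "Unknown" would be rendered as a person's surname,
% so the outlet stands as a braced corporate author instead. The raw link is
% wrapped in \url, matching the other web references in this file.
@misc{threat5,
  title        = {Robotic surgery linked to 144 deaths in the {US}},
  author       = {{BBC}},
  year         = {2015},
  howpublished = {\url{http://www.bbc.com/news/technology-33609495}},
  note         = {Accessed: 2018-05-19}
}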
@ARTICLE{2018arXiv180504101G,
author = {{Giaretta}, A. and {De Donno}, M. and {Dragoni}, N.},
title = "{Adding Salt to Pepper: A Structured Security Assessment over a Humanoid Robot}",
journal = {ArXiv e-prints},
archivePrefix = "arXiv",
eprint = {1805.04101},
primaryClass = "cs.CR",
keywords = {Computer Science - Cryptography and Security},
year = 2018,
month = may,
adsurl = {http://adsabs.harvard.edu/abs/2018arXiv180504101G},
adsnote = {Provided by the SAO/NASA Astrophysics Data System}
}
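% IEC TS 62443-1-1 (industrial automation and control system security:
% terminology, concepts and models). The designation and edition were stuffed into
% "institution" with the city; they now sit in number and address. The corporate
% author is double-braced, and the "and others" added by the export is dropped.
@techreport{IEC62443,
  title       = {Industrial Communication Networks -- Network and System Security -- Part 1-1: Terminology, Concepts and Models},
  author      = {{International Electrotechnical Commission}},
  type        = {Technical Specification},
  number      = {IEC TS 62443-1-1, ed. 1.0},
  institution = {International Electrotechnical Commission},
  address     = {Geneva, Switzerland},
  year        = {2009}
}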
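% NIST Cybersecurity Framework v1.0. A report entry needs an institution; the
% issuing body is the one named in the v1.1 entry in this file.
@techreport{sedgewick2014framework,
  title       = {Framework for Improving Critical Infrastructure Cybersecurity, Version 1.0},
  author      = {Sedgewick, Adam},
  institution = {National Institute of Standards and Technology},
  year        = {2014}
}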
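% NIST Cybersecurity Framework v1.1. The author is double-braced because the name
% contains " and ": without the extra braces BibTeX reads it as two authors,
% "National Institute of Standards" and "Technology".
@techreport{nistframework,
  title       = {Framework for Improving Critical Infrastructure Cybersecurity},
  author      = {{National Institute of Standards and Technology}},
  institution = {National Institute of Standards and Technology},
  year        = {2016},
  note        = {Version 1.1}
}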
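% SROS preprint. The scraped author list had honorifics parsed as given names and
% one author split in two ("Christensen, Dr and Henrik, I and Quigley, Dr"); it is
% restored to the three actual authors. The arXiv id moves into eprint.
@article{white2016sros,
  title         = {{SROS}: Securing {ROS} over the wire, in the graph, and through the kernel},
  author        = {White, Ruffin and Christensen, Henrik I. and Quigley, Morgan},
  journal       = {arXiv e-prints},
  archivePrefix = {arXiv},
  eprint        = {1611.07060},
  year          = {2016}
}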
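% The acronym in the title is capitalised and brace-protected; it was stored as
% lowercase "ros", which no style can recover.
@inproceedings{mcclean2013preliminary,
  title        = {A preliminary cyber-physical security assessment of the {Robot Operating System} ({ROS})},
  author       = {McClean, Jarrod and Stull, Christopher and Farrar, Charles and Mascare{\~n}as, David},
  booktitle    = {Unmanned Systems Technology XV},
  volume       = {8741},
  pages        = {874110},
  year         = {2013},
  organization = {International Society for Optics and Photonics}
}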
@article{dieber2017security,
title={Security for the Robot Operating System},
author={Dieber, Bernhard and Breiling, Benjamin and Taurer, Sebastian and Kacianka, Severin and Rass, Stefan and Schartner, Peter},
journal={Robotics and Autonomous Systems},
volume={98},
pages={192--203},
year={2017},
publisher={Elsevier}
}
@inproceedings{finnicum2011building,
title={Building Secure Robot Applications.},
author={Finnicum, Murph and King, Samuel T},
booktitle={HotSec},
year={2011}
}
@inproceedings{dieber2016application,
title={Application-level security for ROS-based applications},
author={Dieber, Bernhard and Kacianka, Severin and Rass, Stefan and Schartner, Peter},
booktitle={Intelligent Robots and Systems (IROS), 2016 IEEE/RSJ International Conference on},
pages={4477--4482},
year={2016},
organization={IEEE}
}
@inproceedings{jeong2017study,
title={A Study on ROS Vulnerabilities and Countermeasure},
author={Jeong, Se-Yeon and Choi, I-Ju and Kim, Yeong-Jin and Shin, Yong-Min and Han, Jeong-Hun and Jung, Goo-Hong and Kim, Kyoung-Gon},
booktitle={Proceedings of the Companion of the 2017 ACM/IEEE International Conference on Human-Robot Interaction},
pages={147--148},
year={2017},
organization={ACM}
}
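% Two-part Spanish surnames were split by the export, with the first surname
% filed as a given name ("Lera, Francisco J Rodriguez"). They are restored in
% "Surname Surname, Given" form so sorting and labels use the full surname.
@incollection{lera2017cybersecurity,
  title     = {Cybersecurity of Robotics and Autonomous Systems: Privacy and Safety},
  author    = {Rodr{\'\i}guez Lera, Francisco J. and Fern{\'a}ndez Llamas, Camino and Guerrero, {\'A}ngel Manuel and Matell{\'a}n Olivera, Vicente},
  booktitle = {Robotics -- Legal, Ethical and Socioeconomic Impacts},
  year      = {2017},
  publisher = {InTech}
}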
@article{martin2018quantitative,
title={Quantitative analysis of security in distributed robotic frameworks},
author={Mart{\'\i}n, Francisco and Soriano, Enrique and Ca{\~n}as, Jos{\'e} M},
journal={Robotics and Autonomous Systems},
volume={100},
pages={95--107},
year={2018},
publisher={Elsevier}
}
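% Accents restored on the dotless-i names (they rendered as "Rodriguez"/"Martin"
% with a dotless i), and the two-part surnames are put back in "Surname Surname,
% Given" form.
% NOTE(review): "journal" holds a place name, not a venue; this looks like a
% workshop paper whose proceedings title was lost in the export. Confirm the
% venue and retype the entry.
@article{lera2016cybersecurity,
  title   = {Cybersecurity in Autonomous Systems: Evaluating the performance of hardening {ROS}},
  author  = {Rodr{\'\i}guez Lera, Francisco Javier and Balsa, Jes{\'u}s and Casado, Fernando and Fern{\'a}ndez, Camino and Mart{\'\i}n Rico, Francisco and Matell{\'a}n, Vicente},
  journal = {M{\'a}laga, Spain},
  pages   = {47},
  year    = {2016}
}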
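% ScienceDirect export, cleaned. The DOI is stored bare, since styles add the
% resolver prefix themselves and the old value produced a doubled one. The page
% range uses -- with no spaces, authors are in "Last, First" form, and the umlaut
% is escaped for classic BibTeX.
@article{KHALID2018,
  author   = {Khalid, Azfar and Kirisci, Pierre and Khan, Zeashan Hameed and Ghrairi, Zied and Thoben, Klaus-Dieter and Pannek, J{\"u}rgen},
  title    = {Security framework for industrial collaborative robotic cyber-physical systems},
  journal  = {Computers in Industry},
  volume   = {97},
  pages    = {132--145},
  year     = {2018},
  issn     = {0166-3615},
  doi      = {10.1016/j.compind.2018.02.009},
  url      = {http://www.sciencedirect.com/science/article/pii/S016636151730088X},
  keywords = {Cyber physical production system, Cyber security, Human-robot collaboration}
}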
@ARTICLE{RSF,
author = {{Mayoral-Vilches}, V. and {Alzola-Kirschgens}, L. and {Bilbao Calvo}, A. and
{Hernández Cordero}, A. and {Izquierdo Pisón}, R. and
{Mayoral Vilches}, D. and {Muñiz Rosas}, A. and {Olalde Mendia}, G. and
{Usategi San Juan}, L. and {Zamalloa Ugarte}, I. and {Gil-Uriarte}, E. and
{Tews}, E. and {Peter}, A.},
title = {Introducing the Robot Security Framework (RSF), a standardized methodology to perform security assessments in robotics},
journal = {ArXiv e-prints},
archivePrefix = "arXiv",
eprint = {1806.04042},
primaryClass = "cs.CR",
keywords = {Computer Science - Cryptography and Security, Computer Science - Robotics},
year = 2018,
month = jun,
adsurl = {http://adsabs.harvard.edu/abs/2018arXiv180604042M},
adsnote = {Provided by the SAO/NASA Astrophysics Data System}
}
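% The workshop location was filed under "organization"; it belongs in address.
% Acronyms in the title and booktitle are brace-protected.
% Same paper as the entry keyed Quigley09; cite one key consistently.
@inproceedings{quigley2009ros,
  title     = {{ROS}: an open-source {Robot Operating System}},
  author    = {Quigley, Morgan and Conley, Ken and Gerkey, Brian and Faust, Josh and Foote, Tully and Leibs, Jeremy and Wheeler, Rob and Ng, Andrew Y.},
  booktitle = {{ICRA} Workshop on Open Source Software},
  volume    = {3},
  number    = {3.2},
  pages     = {5},
  year      = {2009},
  address   = {Kobe, Japan}
}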
@ARTICLE{2018arXiv180803322D,
author = {{DeMarinis}, N. and {Tellex}, S. and {Kemerlis}, V. and {Konidaris}, G. and
{Fonseca}, R.},
title = "{Scanning the Internet for ROS: A View of Security in Robotics Research}",
journal = {ArXiv e-prints},
archivePrefix = "arXiv",
eprint = {1808.03322},
primaryClass = "cs.CR",
keywords = {Computer Science - Cryptography and Security, Computer Science - Robotics},
year = 2018,
month = jul,
adsurl = {http://adsabs.harvard.edu/abs/2018arXiv180803322D},
adsnote = {Provided by the SAO/NASA Astrophysics Data System}
}
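% The DTIC-style all-caps institution string is split into the institution name
% and its address.
@techreport{eagle2004capture,
  title       = {Capture-the-Flag: Learning Computer Security Under Fire},
  author      = {Eagle, Chris and Clark, John L.},
  year        = {2004},
  institution = {Naval Postgraduate School},
  address     = {Monterey, CA}
}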
@inproceedings{cowan2003defcon,
title={Defcon capture the flag: Defending vulnerable code from intense attack},
author={Cowan, Crispin and Arnold, Seth and Beattie, Steve and Wright, Chris and Viega, John},
booktitle={DARPA Information Survivability Conference and Exposition, 2003. Proceedings},
volume={1},
pages={120--129},
year={2003},
organization={IEEE}
}
@article{vigna20112010,
title={The 2010 international capture the flag competition},
author={Vigna, Giovanni},
journal={IEEE Security \& Privacy},
volume={9},
number={1},
pages={12--14},
year={2011},
publisher={IEEE}
}
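% Web reference mis-scraped as an article: the journal, volume and pages fields
% together spelled out a retrieval date ("Retrieved June" / 6 / 2014). That date
% is moved to a note, and the agency becomes a braced corporate author instead of
% the fake personal name "DARPA, DA".
@misc{darpa2014cyber,
  title  = {Cyber Grand Challenge},
  author = {{DARPA}},
  year   = {2014},
  note   = {Retrieved June 6, 2014}
}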
@ARTICLE{RVSS,
author = {{Mayoral-Vilches}, V. and {Gil-Uriarte}, E. and {Zamalloa Ugarte}, I. and
{Olalde Mendia}, G. and {Izquierdo Pis{\'o}n}, R. and {Alzola Kirschgens}, L. and
{Bilbao Calvo}, A. and {Hern{\'a}ndez Cordero}, A. and {Apa}, L. and
{Cerrudo}, C.},
title = "{Towards an open standard for assessing the severity of robot security vulnerabilities, the Robot Vulnerability Scoring System (RVSS)}",
journal = {ArXiv e-prints},
archivePrefix = "arXiv",
eprint = {1807.10357},
primaryClass = "cs.RO",
keywords = {Computer Science - Robotics, Computer Science - Cryptography and Security},
year = 2018,
month = jul,
adsurl = {http://adsabs.harvard.edu/abs/2018arXiv180710357M},
adsnote = {Provided by the SAO/NASA Astrophysics Data System}
}
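% The leading "In" is removed from the booktitle: styles add it themselves, so the
% old value printed "In In IEEE/RSJ ...". Authors are in "Last, First" form.
% Same paper as the entry keyed koenig2004design; cite one key consistently.
@inproceedings{Koenig04designand,
  author    = {Koenig, Nathan and Howard, Andrew},
  title     = {Design and Use Paradigms for {Gazebo}, An Open-Source Multi-Robot Simulator},
  booktitle = {IEEE/RSJ International Conference on Intelligent Robots and Systems},
  year      = {2004},
  pages     = {2149--2154}
}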
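% Reference-manager export, cleaned. The "file" and "mendeley-groups" fields are
% removed: BibTeX ignores them, and the local path exposed a workstation user name
% and directory layout in a public repository. The url repeated the DOI with a
% broken underscore escape and is dropped in favour of the bare doi. A line-break
% hyphen in the abstract is repaired.
% NOTE(review): no year and no journal or book title are recorded; the DOI
% suggests a book chapter. Complete the entry from the publisher record.
@article{White,
  abstract = {SROS1 is a proposed addition to the ROS1 API and ecosystem to support modern cryptography and security measures. An overview of current progress will be presented, explaining each major advancement, including: over-the-wire cryptography for all data transport, namespaced access control enforcing graph policies/restrictions, and finally process profiles using Linux Security Modules to harden a node's resource access. This chapter not only seeks to raise community awareness of the vulnerabilities in ROS1, but to provide clear instruction along designed patterns of development for using proposed solutions provided by SROS1 to advance the state of security for open source robotics subsystems.},
  author   = {White, Ruffin and Caiazza, Gianluca and Christensen, Henrik and Cortesi, Agostino},
  doi      = {10.1007/978-3-319-91590-6_11},
  keywords = {Access control,ROS,Robotics,Secure communications},
  title    = {{SROS1}: Using and Developing Secure {ROS1} Systems}
}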
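% ZMap paper. It is a symposium paper, so the proceedings title is the booktitle
% and "number = August" becomes the month macro. The local "file" path is removed,
% since it exposed a workstation user name and does nothing for BibTeX. The
% line-break hyphens and the stray trailing "1" in the abstract are repaired.
@inproceedings{Durumeric2013,
  abstract  = {Internet-wide network scanning has numerous security applications, including exposing new vulnerabilities and tracking the adoption of defensive mechanisms, but probing the entire public address space with existing tools is both difficult and slow. We introduce ZMap, a modular, open-source network scanner specifically architected to perform Internet-wide scans and capable of surveying the entire IPv4 address space in under 45 minutes from user space on a single machine, approaching the theoretical maximum speed of gigabit Ethernet. We present the scanner architecture, experimentally characterize its performance and accuracy, and explore the security implications of high speed Internet-scale network surveys, both offensive and defensive. We also discuss best practices for good Internet citizenship when performing Internet-wide surveys, informed by our own experiences conducting a long-term research survey over the past year.},
  author    = {Durumeric, Zakir and Wustrow, Eric and Halderman, J. Alex},
  isbn      = {9781931971034},
  booktitle = {Proceedings of the 22nd {USENIX} Security Symposium},
  month     = aug,
  pages     = {605--619},
  title     = {{ZMap}: Fast {Internet}-wide Scanning and Its Security Applications},
  url       = {https://zmap.io/paper.pdf},
  year      = {2013}
}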
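% Scapy project site. The entry is laid out one field per line, and the "journal"
% field, which misc entries ignore and which only repeated the title, is dropped.
% NOTE(review): no year or access date is recorded for this web reference.
@misc{biondi,
  author = {Biondi, Philippe},
  title  = {{Scapy}},
  url    = {https://scapy.net/}
}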
@ARTICLE{rctf,
author = {{Olalde Mendia}, G. and {Usategui San Juan}, L. and {Perez Bascaran}, X. and
{Bilbao Calvo}, A. and {Hern{\'a}ndez Cordero}, A. and {Zamalloa Ugarte}, I. and
{Mu{\~n}iz Rosas}, A. and {Mayoral Vilches}, D. and {Ayucar Carbajo}, U. and
{Alzola Kirschgens}, L. and {Mayoral Vilches}, V. and {Gil-Uriarte}, E.
},
title = "{Robotics CTF (RCTF), a playground for robot hacking}",
journal = {ArXiv e-prints},
archivePrefix = "arXiv",
eprint = {1810.02690},
primaryClass = "cs.CY",
keywords = {Computer Science - Computers and Society, Computer Science - Robotics},
year = 2018,
month = oct,
adsurl = {http://adsabs.harvard.edu/abs/2018arXiv181002690O},
adsnote = {Provided by the SAO/NASA Astrophysics Data System}
}
@inproceedings{laperdrix:hal-01285470,
TITLE = {{Beauty and the Beast: Diverting modern web browsers to build unique browser fingerprints}},
AUTHOR = {Laperdrix, Pierre and Rudametkin, Walter and Baudry, Benoit},
URL = {https://hal.inria.fr/hal-01285470},
BOOKTITLE = {{37th IEEE Symposium on Security and Privacy (S\&P 2016)}},
ADDRESS = {San Jose, United States},
YEAR = {2016},
MONTH = May,
KEYWORDS = {browser fingerprinting ; privacy ; software diversity},
PDF = {https://hal.inria.fr/hal-01285470/file/beauty-sp16.pdf},
HAL_ID = {hal-01285470},
HAL_VERSION = {v2},
}
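% NOTE(review): the key says 2001 but the year field says 2002 -- confirm the
% publication year. The machine-local "file" attachment path was dropped; it
% resolves only on the exporting workstation and is ignored by BibTeX.
@techreport{McGreevy2001,
  author      = {McGreevy, James P.},
  title       = {Footprinting: What Is It, Who Should Do It, and Why?},
  institution = {SANS Institute},
  address     = {Monterrey},
  year        = {2002},
  url         = {https://www.sans.org/reading-room/whitepapers/auditing/footprinting-it-it-why-62},
  abstract    = {Are you footprinting your systems? Or is an attacker doing it for you? Yes, footprinting can be good for you just like scanning. The process of footprinting is the first step in information gathering of hackers. To perform or thwart a successful attack, one needs to gather information. The hacker's intention is to learn about all aspects of the perspective organization's security posture, profile of their Intranet, remote access capabilities, and intranet/extranet presence (Scambray, McClure, and Kurtz 2001). Footprint...},
}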
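% arXiv preprint: no journal is given, so it is stored as misc with eprint
% fields (an article entry without a journal triggers a missing-field warning).
% The machine-local "file" attachment path was dropped.
@misc{DeMarinis2018,
  author          = {DeMarinis, Nicholas and Tellex, Stefanie and Kemerlis, Vasileios and Konidaris, George and Fonseca, Rodrigo},
  title           = {Scanning the {Internet} for {ROS}: A View of Security in Robotics Research},
  year            = {2018},
  archivePrefix   = {arXiv},
  eprint          = {1808.03322},
  arxivId         = {1808.03322},
  url             = {https://arxiv.org/abs/1808.03322},
  mendeley-groups = {CYBERSECURITY},
  abstract        = {Because robots can directly perceive and affect the physical world, security issues take on particular importance. In this paper, we describe the results of our work on scanning the entire IPv4 address space of the Internet for instances of the Robot Operating System (ROS), a widely used robotics platform for research. Our results identified that a number of hosts supporting ROS are exposed to the public Internet, thereby allowing anyone to access robotic sensors and actuators. As a proof of concept, and with consent, we were able to read image sensor information and move the robot of a research group in a US university. This paper gives an overview of our findings, including the geographic distribution of publicly-accessible platforms, the sorts of sensor and actuator data that is available, as well as the different kinds of robots and sensors that our scan uncovered. Additionally, we offer recommendations on best practices to mitigate these security issues in the future.},
}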
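% The export had the affiliation parsed as a seventh author ("Di Milano,
% Politecnico"); it is moved to the institution field, which a techreport requires.
% NOTE(review): no year is recorded for this report -- add it once confirmed.
% The machine-local "file" attachment path was dropped.
@techreport{Maggi,
  author          = {Maggi, Federico and Quarta, Davide and Pogliani, Marcello and Polino, Mario and Zanchettin, Andrea M. and Zanero, Stefano},
  title           = {Rogue Robots: Testing the Limits of an Industrial Robot's Security},
  institution     = {Politecnico di Milano},
  keywords        = {ICS,industrial security,robot,routers},
  mendeley-groups = {CYBERSECURITY/ROS},
}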
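% Web resource without an author: "key" gives BibTeX something to sort and
% label by, and the site name moves from "journal" (not a misc field) to
% "howpublished" so that it is actually printed.
@misc{shodan,
  key          = {Shodan},
  title        = {The search engine for the {Internet of Things}},
  howpublished = {Shodan},
  url          = {https://www.shodan.io/},
}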
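% Names are given in the unambiguous "Last, First" form and the month uses the
% predefined macro (bare, not braced) so the style can render it.
@inproceedings{Mirian2016,
  author    = {Mirian, Ariana and Ma, Zane and Adrian, David and Tischer, Matthew and Chuenchujit, Thasphon and Yardley, Tim and Berthier, Robin and Mason, Joshua and Durumeric, Zakir and Halderman, J. Alex and Bailey, Michael},
  title     = {An {Internet}-wide view of {ICS} devices},
  booktitle = {2016 14th Annual Conference on Privacy, Security and Trust ({PST})},
  publisher = {{IEEE}},
  year      = {2016},
  month     = dec,
  doi       = {10.1109/pst.2016.7906943},
  url       = {https://doi.org/10.1109/pst.2016.7906943},
}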
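% Workshop paper: the venue is a proceedings title rather than a journal, and
% "August" is the month, not an issue number. The machine-local "file"
% attachment path was dropped.
@inproceedings{Adrian2014,
  author    = {Adrian, David and Durumeric, Zakir and Singh, Gulshan and Halderman, J. Alex},
  title     = {Zippier {ZMap}: {Internet}-Wide Scanning at 10 {Gbps}},
  booktitle = {{USENIX} Workshop on Offensive Technologies ({WOOT})},
  pages     = {8},
  year      = {2014},
  month     = aug,
  url       = {http://dl.acm.org/citation.cfm?id=2671293.2671301},
}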
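% RFC stored as a techreport: type + number render as "RFC 5280". The empty
% issn field was removed (empty fields raise warnings) and the month uses the
% predefined macro.
@techreport{rfc5280,
  author       = {Cooper, D. and Santesson, S. and Farrell, S. and Boeyen, S. and Housley, R. and Polk, W.},
  title        = {Internet {X.509} Public Key Infrastructure Certificate and Certificate Revocation List ({CRL}) Profile},
  type         = {RFC},
  number       = {5280},
  institution  = {RFC Editor},
  publisher    = {RFC Editor},
  howpublished = {Internet Requests for Comments},
  year         = {2008},
  month        = may,
  url          = {https://www.rfc-editor.org/rfc/rfc5280.txt},
}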
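% Corporate author is double-braced so it is not split into first/last name;
% the address lives in the url field rather than howpublished.
@misc{dds,
  author = {{Object Management Group}},
  title  = {What is {DDS}?},
  year   = {2018},
  url    = {https://www.omgwiki.org/dds/what-is-dds-3/},
  note   = {Accessed: 2018-12-01},
}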
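% Vendor documentation page. The address lives in the url field (underscore
% unescaped there); the corporate author is double-braced.
@misc{robapi,
  author = {{ABB}},
  title  = {{API} Reference},
  year   = {2016},
  url    = {http://developercenter.robotstudio.com/webservice/api_reference},
  note   = {Accessed: 2018-12-03},
}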
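% Code repository entry: hosting site moved from "journal" (not a misc field)
% to "howpublished"; month uses the predefined macro.
@misc{scadastrangelove_2016,
  author       = {{Scadastrangelove}},
  title        = {{scadastrangelove/SCADAPASS}},
  howpublished = {GitHub},
  year         = {2016},
  month        = nov,
  url          = {https://github.com/scadastrangelove/SCADAPASS},
}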
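% First draft of SP 800-207. The series label and document number are carried
% by type/number (techreport fields) instead of the title and the unused
% journal/volume fields.
@techreport{rose2019zero,
  author      = {Rose, Scott and Borchert, Oliver and Mitchell, Stu and Connelly, Sean},
  title       = {Zero Trust Architecture},
  type        = {Draft {NIST} Special Publication},
  number      = {800-207},
  institution = {National Institute of Standards and Technology},
  year        = {2019},
}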
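% Second draft of SP 800-207. The series label and document number are carried
% by type/number (techreport fields) instead of the title and the unused
% journal/volume fields.
@techreport{rose2019zero_draft2,
  author      = {Rose, Scott and Borchert, Oliver and Mitchell, Stu and Connelly, Sean},
  title       = {Zero Trust Architecture},
  type        = {Draft (2nd) {NIST} Special Publication},
  number      = {800-207},
  institution = {National Institute of Standards and Technology},
  year        = {2020},
}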
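% arXiv preprint: the identifier moves out of "journal" into eprint fields.
% Two compound surnames had been split by the export ("Juan, Lander Usategui
% San", "Carbajo, Unai Ayucar") and are restored.
@misc{vilches2019introducing,
  author        = {Mayoral-Vilches, V{\'\i}ctor and Usategui San Juan, Lander and Dieber, Bernhard and Ayucar Carbajo, Unai and Gil-Uriarte, Endika},
  title         = {Introducing the Robot Vulnerability Database ({RVD})},
  year          = {2019},
  archivePrefix = {arXiv},
  eprint        = {1912.11299},
  url           = {https://arxiv.org/abs/1912.11299},
}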
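% Online article. Stray leading space in the author removed; the address lives
% in the url field; product and company names are brace-protected.
@misc{ztacloudgoogle,
  author = {Jackson, Joab},
  title  = {{BeyondCorp}: How {Google} Ditched {VPNs} for Remote Employee Access},
  year   = {2018},
  url    = {https://thenewstack.io/beyondcorp-google-ditched-virtual-private-networking-internal-applications/},
  note   = {Accessed: 2020-02-21},
}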
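% Online article. The Unicode em dash in the title is written as the TeX
% ligature so the entry stays ASCII-safe for classic BibTeX.
@misc{ztabanks,
  author = {Pallais, Diana},
  title  = {Why banks are adopting a modern approach to cybersecurity---the {Zero Trust} model},
  year   = {2019},
  url    = {https://www.microsoft.com/en-us/microsoft-365/blog/2019/09/18/why-banks-adopt-modern-cybersecurity-zero-trust-model/},
  note   = {Accessed: 2020-02-21},
}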
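% Volume and issue are split into plain numbers; the "Vol."/"No." labels are
% supplied by the bibliography style.
@article{43231,
  author  = {Ward, Rory and Beyer, Betsy},
  title   = {{BeyondCorp}: A New Approach to Enterprise Security},
  journal = {;login:},
  volume  = {39},
  number  = {6},
  pages   = {6--11},
  year    = {2014},
}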
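% Corporate author is double-braced so BibTeX treats it as one indivisible
% name instead of first = "American Council for", last = "Technology".
@techreport{actzero,
  author      = {{American Council for Technology}},
  title       = {Zero Trust Cybersecurity Current Trends},
  institution = {American Council for Technology-Industry Advisory Council ({ACT-IAC})},
  year        = {2018},
}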
% NOTE(review): an article entry requires journal and year; neither is
% recorded here -- complete from the source before citing.
@article{wolfertsecurity,
  author = {Wolfert, Pieter and Deschuyteneer, Jorre and Oetringer, Djamari and Robinson, Nicole and Belpaeme, Tony},
  title  = {Security Risks of Social Robots Used to Persuade and Manipulate: A Proof of Concept Study},
}
% Workshop talk; the event is recorded in the note field.
@unpublished{rasscs4r,
  author = {Rass, Stefan},
  title  = {Access Control Models, with Applications to Robotics},
  note   = {European Robotics Forum 2020, Cybersecurity for Robotics Workshop, part II},
  year   = {2020},
  url    = {https://aliasrobotics.com/cs4r_2.php},
}
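% Institution was an all-caps catalogue string; stored in normal case so the
% style controls presentation. The DoD acronym is brace-protected.
@techreport{grimes2007vision,
  author      = {Grimes, John G.},
  title       = {Information Grid Architectural Vision. Vision for a Net-Centric, Service Oriented {DoD} Enterprise},
  institution = {Department of Defense, Chief Information Officer, Washington, DC},
  year        = {2007},
}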
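% Institution was an all-caps catalogue string; stored in normal case so the
% style controls presentation. The DoD acronym is brace-protected.
@techreport{grimes2007strategy,
  author      = {Grimes, John G.},
  title       = {Net-Centric Services Strategy. Strategy for a Net-Centric, Service Oriented {DoD} Enterprise},
  institution = {Department of Defense, Chief Information Officer, Washington, DC},
  year        = {2007},
}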
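% NOTE(review): the title names version 3.0, while the URL and the year point
% at the 2.0 core specification -- confirm which version is cited.
% The export had "OASIS Standard" parsed as a person, and the URL plus what is
% presumably an access date (2011-09-24) stuffed into "journal" with stray spaces.
@misc{standard2005extensible,
  author = {{OASIS}},
  title  = {{eXtensible Access Control Markup Language} ({XACML}) Version 3.0},
  year   = {2005},
  url    = {http://docs.oasis-open.org/xacml/2.0/access_control-xacml-2.0-core-spec-os.pdf},
  note   = {{OASIS} Standard. Cited 2011-09-24},
}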
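% NOTE(review): an article entry requires a journal; none is recorded here --
% complete from the source before citing.
% The last author's compound surname had been split ("Vilches, V Mayoral").
@article{lacava2020current,
  author = {Lacava, G. and Marotta, A. and Martinelli, F. and Saracino, A. and La Marra, A. and Gil-Uriarte, E. and Mayoral Vilches, V.},
  title  = {Current Research Issues on Cyber security in Robotics},
  year   = {2020},
}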
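% Vendor white paper; corporate author double-braced, acronym protected.
@techreport{canonicalros2020,
  author      = {{Canonical}},
  title       = {Securing {ROS} robotics platforms},
  institution = {Canonical},
  year        = {2020},
}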
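% Group author is double-braced; otherwise BibTeX parses it as first = "ROS",
% last = "community".
@misc{rosmetrics,
  author = {{ROS community}},
  title  = {{ROS} Community Metrics},
  year   = {2020},
  url    = {http://wiki.ros.org/Metrics},
}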
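% Capitalisation of the acronyms had been lost in the export; they are
% restored and brace-protected.
@article{cousins2010ros,
  author    = {Cousins, Steve},
  title     = {{ROS} on the {PR2} [{ROS} Topics]},
  journal   = {IEEE Robotics \& Automation Magazine},
  volume    = {17},
  number    = {3},
  pages     = {23--25},
  year      = {2010},
  publisher = {IEEE},
}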
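% First author's compound surname had been split and had lost its acute
% accent (a bare dotless i); both are restored.
@article{lera2016ciberseguridad,
  author  = {Rodr{\'\i}guez Lera, Francisco Javier and Matell{\'a}n, Vicente and Balsa, Jes{\'u}s and Casado, Fernando},
  title   = {Ciberseguridad en robots aut{\'o}nomos: An{\'a}lisis y evaluaci{\'o}n multiplataforma del bastionado {ROS}},
  journal = {Actas Jornadas Sarteco},
  pages   = {571--578},
  year    = {2016},
}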
% Book chapter on penetration testing of ROS.
@incollection{dieber2020penetration,
  author    = {Dieber, Bernhard and White, Ruffin and Taurer, Sebastian and Breiling, Benjamin and Caiazza, Gianluca and Christensen, Henrik and Cortesi, Agostino},
  title     = {Penetration testing {ROS}},
  booktitle = {Robot Operating System (ROS)},
  publisher = {Springer},
  pages     = {183--225},
  year      = {2020},
}
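% NOTE(review): an article entry requires journal and year; neither is
% recorded here -- complete from the source before citing.
% "IoT" is brace-protected; sentence-casing styles would otherwise print "Iot".
@article{olssoniot,
  author = {Olsson, Theodor and Forsberg, Albin Larsson},
  title  = {{IoT} Offensive Security Penetration Testing},
}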
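% Tool name is brace-protected; sentence-casing styles would otherwise print
% "Rosploit".
@inproceedings{rivera2019rosploit,
  author       = {Rivera, Sean and Lagraa, Sofiane and State, Radu},
  title        = {{ROSploit}: Cybersecurity tool for {ROS}},
  booktitle    = {2019 Third {IEEE} International Conference on Robotic Computing ({IRC})},
  pages        = {415--416},
  year         = {2019},
  organization = {IEEE},
}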
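% Vendor white paper, not a journal article: publisher and document kind move
% from "journal" to institution/type. The typographic apostrophe in the title
% is replaced with ASCII for classic BibTeX.
@techreport{wilhoit2013scada,
  author      = {Wilhoit, Kyle},
  title       = {The {SCADA} that didn't cry wolf},
  type        = {White Paper},
  institution = {Trend Micro Inc.},
  year        = {2013},
}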
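% NIST Special Publication, stored as a techreport: the series goes in type,
% the document number in number. The placeholder page range "16--16" from the
% export was dropped.
@techreport{stouffer2011guide,
  author      = {Stouffer, Keith and Falco, Joe and Scarfone, Karen},
  title       = {Guide to industrial control systems ({ICS}) security},
  type        = {{NIST} Special Publication},
  number      = {800-82},
  institution = {National Institute of Standards and Technology},
  year        = {2011},
}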
@misc{homelandicssec,