Credential Masquerading and OpenSSL Spy: Exploring ROS 2 using DDS security

The trend toward autonomous robot deployments is on an upward growth curve. These robots are undertaking new tasks and are being integrated into society. Examples of this trend are autonomous vehicles, humanoids, and eldercare. The movement from factory floors to streets and homes has also increased the number of vulnerabilities that adversaries can utilize. To improve security, Robot Operating System (ROS) 2 has standardized on using Data Distributed Services (DDS) as the messaging layer, which supports a security standard for protecting messages between parties with access control enforcement. DDS security is dependent on the OpenSSL and a security configuration file that specifies sensitive data location. DSS Security assumes that the underlining Operating System (OS) is secure and that the dependencies are consistent, but ongoing integrity checks are not performed. This paper looks at two vulnerabilities that we exploit using an OpenSSL spy process and a security property file manipulation. An overview of each exploit is provided with an evaluation of mitigation technologies that may be employed in client computers, servers, and other areas. Since, ROS 2 and DDS run in user space, these processes are prone to vulnerabilities. We provide recommendations about mitigation technology, as currently autonomous platforms are being deployed without safe-guards for on or off-line threats. The Trust Platform Module (TPM) is new to robotic systems, but the standard usage model does not provide risk mitigation above the OS layer for the types of attacks we discuss.