Open AccessPosted Content
DevSecOps in Robotics.
TL;DR: DevSecOps in Robotics is introduced, a set of best practices designed to help roboticists implant security deep in the heart of their development and operations processes.
read more
Abstract: Quality in software is often understood as "execution according to design purpose" whereas security means that "software will not put data or computing systems at risk of unauthorized access." There seems to be a connection between these two aspects but, how do we integrate both of them in the robotics development cycle? In this article we introduce DevSecOps in Robotics, a set of best practices designed to help roboticists implant security deep in the heart of their development and operations processes. First, we briefly describe DevOps, introduce the value added with DevSecOps and describe and illustrate how these practices may be implemented in the robotics field. We finalize with a discussion on the relationship between security, quality and safety, open problems and future research questions.
read more
Chat with Paper
AI Agents for this Paper
Find similar papers on Google Scholar, PubMed and Arxiv
Write a critical review of this paper
Analyze citations of this paper to find unaddressed research gaps
Figures
Citations
•Posted Content
Automated Vulnerability Detection in Source Code Using Deep Representation Learning
R. Russell,Louis Kim,Lei Hamilton,Tomo Lazovich,Jacob Harer,Onur Ozdemir,Paul M. Ellingwood,Marc W. McConley +7 more
TL;DR: We developed a fast and scalable vulnerability detection tool based on deep feature representation learning that directly interprets lexed source code.
327
•Posted Content
Can ROS be used securely in industry? Red teaming ROS-Industrial.
TL;DR: Results do not favour the secure use of ROS in industry today, however, it is confirmed that the security of certain robotic endpoints hold and the authors remain optimistic about securing ROS industrial deployments.
11
•Posted Content
Adaptive Computing in Robotics, Leveraging ROS 2 to Enable Software-Defined Hardware for FPGAs.
TL;DR: In this article, the authors adopt a ROS 2 roboticist-centric view for adaptive computing and propose an architecture to include FPGAs as a first-class participant of the ROS 2 ecosystem.
7
•Posted Content
Cybersecurity in Robotics: Challenges, Quantitative Modeling, and Practice
TL;DR: In this paper, the authors advocate quantitative methods of security management and design, covering vulnerability scoring systems tailored to robotic systems, and accounting for the highly distributed nature of robots as an interplay of potentially very many components.
7
•Posted Content
alurity, a toolbox for robot cybersecurity.
Victor Mayoral Vilches,Irati Abad-Fernández,Martin Pinzger,Stefan Rass,Bernhard Dieber,Alcino Cunha,Francisco Javier Rodríguez Lera,Giovanni Lacava,Angelica Marotta,Fabio Martinelli,Endika Gil-Uriarte +10 more
TL;DR: This work tackles the current lack of offensive cybersecurity research in robotics by presenting a toolbox and the results obtained with it through several use cases conducted over a year period, and proposes a modular and composable toolbox for robot cybersecurity: alurity.
References
Common Vulnerability Scoring System
Peter Mell,Karen A. Scarfone,Sasha Romanosky +2 more
- 01 Nov 2006
TL;DR: The Common Vulnerability Scoring System is a public initiative designed to address this issue by presenting a framework for assessing and quantifying the impact of software vulnerabilities.
Automated Vulnerability Detection in Source Code Using Deep Representation Learning
R. Russell,Louis Kim,Lei Hamilton,Tomo Lazovich,Jacob Harer,Onur Ozdemir,Paul M. Ellingwood,Marc W. McConley +7 more
- 11 Jul 2018
TL;DR: In this article, a deep feature representation learning based approach was proposed to detect vulnerabilities in C and C++ open-source code using machine learning techniques, and they evaluated their approach on code from real software packages and the NIST SATE IV benchmark dataset.
460
•Posted Content
Automated Vulnerability Detection in Source Code Using Deep Representation Learning
R. Russell,Louis Kim,Lei Hamilton,Tomo Lazovich,Jacob Harer,Onur Ozdemir,Paul M. Ellingwood,Marc W. McConley +7 more
TL;DR: We developed a fast and scalable vulnerability detection tool based on deep feature representation learning that directly interprets lexed source code.
327
DeepBugs: a learning approach to name-based bug detection
Michael Pradel,Koushik Sen +1 more
- 24 Oct 2018
TL;DR: DeepBugs is presented, a learning approach to name-based bug detection, which reasons about names based on a semantic representation and which automatically learns bug detectors instead of manually writing them.
325
•Book
Secure coding in C and C
Robert C. Seacord
- 09 Sep 2005
TL;DR: Although the flexibility and performance of C and C++ aren't in question, security has increasingly become an issue as mentioned in this paper, and the community has taken steps to improve security at all levels, including improved standards, compiler implementations, and static and runtime analysis tools.
143