A research team in the US has called for the development of safety measures to protect teleoperated robots – such as surgical robotic systems – from the threat of cyber attacks.
Teleoperated robots are becoming increasingly widely used – particularly by the medical profession – thanks both to their high levels of precision and ability to access dangerous or hard to reach areas.
However, according to engineers from the University of Washington such systems are potentially susceptible to malicious hijacking that could undermine confidence in the technology and potentially put lives at risk.
To put its fears to the test the group hacked into Raven II, a teleoperated robotic system produced by UW spin-out Seattle-based Applied Dexterity Inc and disrupted it with a series of relatively common cyberattacks.
By mounting “man in the middle” attacks, which alter the commands flowing between the operator and robot, the team was able to maliciously disrupt a wide range of the robot’s functions – making it hard to grasp objects with the robot’s arms – and even to completely override command inputs. During denial-of-service attacks, in which the attacking machine flooded the system with useless data, the robots became jerky and harder to use.
In situations where precise movements can mean the difference between life and death – such as surgery or a search and rescue extrication – such attacks could have serious consequences.
Whilst existing surgical robots don’t typically rely on public networks, the researchers believe that, as their use expands to applications in, for instance, disaster areas, they will occasionally have no choice but to use unprotected communication channels.
“In an ideal world, you’d always have a private network and everything could be controlled, said Howard Chizeck, UW professor of electrical engineering and co-director of the UW BioRobotics Lab. ‘But that’s not always going to be the case. We need to design for and test additional security measures now, before the next generation of telerobots are deployed.”
Potential solutions to this problem include new approaches to data encryption, and the concept of “operator signatures,” which track the forces and torques that a particular operator applies to the console instruments, and are able to use this information to validate the user’s identity. “Just as everyone signs something a little bit differently and you can identify people from the way they write different letters, different surgeons move the robotic system differently,” Chizeck said. “This would allow us to detect and raise the alarm if all of a sudden someone who doesn’t seem to be operator A is maliciously controlling or interfering with the procedure.”