Today, visual sensor networks (VSNs) are pervasively used in smart environments such as intelligent homes, industrial automation or surveillance. A major concern in the use of sensor networks in general is their reliability in the presence of security threats and cyberattacks. Compared to traditional networks, sensor networks typically face numerous additional vulnerabilities due to the dynamic and distributed network topology, the resource constrained nodes, the potentially large network scale and the lack of global network knowledge. These vulnerabilities allow attackers to launch more severe and complicated attacks. Since the state-of-the-art is lacking studies on vulnerabilities in VSNs, a thorough investigation of attacks that can be launched against VSNs is required. This paper presents a general threat model for the attack surfaces of visual sensor network applications and their components. The outlined threats are classified by the STRIDE taxonomy and their weaknesses are classified using CWE, a common taxonomy for security weaknesses.

This paper discusses the need for a specialized vulnerability enumeration for robots and robot components and introduces the Robot Vulnerability Database (RVD)

In this paper, we describe a case study where we remotely disabled the safety subsystem of a MiR100 industrial mobile robot

ROS is the most popular framework in robotics research and it also grows in terms of industrial use. This makes ROS a worthwhile target for attackers especially since security is not addressed by the core framework itself. Its open architecture and flexibility are also the reasons why ROS suffers from security issues. For example, in ROS it is possible to isolate single nodes from the rest of the application without the ROS master, the other nodes or even the node itself (i.e., its business code) noticing it. This is true for publishers, subscribers and services alike. This makes attacks very difficult to spot at runtime. Penetration testing is the most common security testing practice. The goal is to test an application for possible security flaws. To better facilitate penetration testing for ROS, we introduce ROSPenTo and Roschaos, tools that make use of the vulnerabilities of ROS and demonstrate how ROS applications can be sabotaged by an attacker. In this tutorial you will learn about the ROS XML-RPC API, which is our main attack point. You will see, how API attacks on ROS work in depth. You will get to know Roschaos and ROSPentTo, two tools, which can be used to manipulate running ROS applications.

Today, camera networks are pervasively used in smart environments such as intelligent homes, industrial automa tion or surveillance. These applications often require cameras to be aware of their spatial neighbors or even to operate on a common ground plane. A major concern in the use of sensor networks in general is their robustness and reliability even in the presence of attackers. This paper addresses the challenge of detecting malicious nodes during the calibration phase of camera networks. Such a resilient calibration enables robust and reliable localization results and the elimination of attackers right after the network deployment. Specifically, we consider the problem of identifying subverted nodes which manipulate calibration data and can not be detected through standard cryptographic methods. The experiments in our network show that our self-calibration algorithm enables location-unknown cameras to successfully detect malicious nodes while autonomously calibrating the network.