Hi, my name is Bernhard. I am heading the robot system technologies research group at ROBOTICS - the institute for robotics and mechatronics in Klagenfurt, Austria.
In addition, I am an advisor to ALIAS Robotics S.L. (https://aliasrobotics.com). Together, we are pushing to make future robots secure.
My current research interests include robotics and especially software and security for modern robots. During my PhD I have engaged myself in resource-awareness for visual sensor networks, smart cameras and computer vision.
My overall vision is to enable future robots to be a trustworthy part of our everyday life. To achieve this, I am working on making robots secure on the one hand and on the other hand, I am engaging in ethical issues revolving around robots and future technologies. Further, we are working on the quality (especially testing) of robot sofware.
PhD in Information Technology, 2013
Alpen-Adria Universität Klagenfurt, Austria
DI in Applied Informatics, 2008
Alpen-Adria Universität Klagenfurt, Austria
Today, visual sensor networks (VSNs) are pervasively used in smart environments such as intelligent homes, industrial automation or surveillance. A major concern in the use of sensor networks in general is their reliability in the presence of security threats and cyberattacks. Compared to traditional networks, sensor networks typically face numerous additional vulnerabilities due to the dynamic and distributed network topology, the resource constrained nodes, the potentially large network scale and the lack of global network knowledge. These vulnerabilities allow attackers to launch more severe and complicated attacks. Since the state-of-the-art is lacking studies on vulnerabilities in VSNs, a thorough investigation of attacks that can be launched against VSNs is required. This paper presents a general threat model for the attack surfaces of visual sensor network applications and their components. The outlined threats are classified by the STRIDE taxonomy and their weaknesses are classified using CWE, a common taxonomy for security weaknesses.
This paper discusses the need for a specialized vulnerability enumeration for robots and robot components and introduces the Robot Vulnerability Database (RVD)
In this paper, we describe a case study where we remotely disabled the safety subsystem of a MiR100 industrial mobile robot
ROS is the most popular framework in robotics research and it also grows in terms of industrial use. This makes ROS a worthwhile target for attackers especially since security is not addressed by the core framework itself. Its open architecture and flexibility are also the reasons why ROS suffers from security issues. For example, in ROS it is possible to isolate single nodes from the rest of the application without the ROS master, the other nodes or even the node itself (i.e., its business code) noticing it. This is true for publishers, subscribers and services alike. This makes attacks very difficult to spot at runtime. Penetration testing is the most common security testing practice. The goal is to test an application for possible security flaws. To better facilitate penetration testing for ROS, we introduce ROSPenTo and Roschaos, tools that make use of the vulnerabilities of ROS and demonstrate how ROS applications can be sabotaged by an attacker. In this tutorial you will learn about the ROS XML-RPC API, which is our main attack point. You will see, how API attacks on ROS work in depth. You will get to know Roschaos and ROSPentTo, two tools, which can be used to manipulate running ROS applications.
Today, camera networks are pervasively used in smart environments such as intelligent homes, industrial automa tion or surveillance. These applications often require cameras to be aware of their spatial neighbors or even to operate on a common ground plane. A major concern in the use of sensor networks in general is their robustness and reliability even in the presence of attackers. This paper addresses the challenge of detecting malicious nodes during the calibration phase of camera networks. Such a resilient calibration enables robust and reliable localization results and the elimination of attackers right after the network deployment. Specifically, we consider the problem of identifying subverted nodes which manipulate calibration data and can not be detected through standard cryptographic methods. The experiments in our network show that our self-calibration algorithm enables location-unknown cameras to successfully detect malicious nodes while autonomously calibrating the network.
Research project “Engineering proprioception in Computing Systems (EPICS)”
We are regularily providing software to the community as part of our work.
You can find an overview of our public projects at Github
The ROS Penetration Testing Tool can be used to explore the insecurity of the robot operating system (ROS).
Rosmap is a tool to scan dependencies and extract metrics from ROS repositories at large scale. This tool is described in our paper Can I depend on you? Mapping the dependency and quality landscape of ROS packages.
The ROS message parser is more of an internal project (however, read below). It is used to generate parsers for ROS message files and ROS message definitions from the wire protocol in .net core. The however: it contains a antlr grammar file that can be used to create corresponding parser in many other programm languages. This might be useful for some.
The Ella middleware was part of my work at the Alpen-Adria Universität. It is a publish-subscribe middleware written in native C#.
This is a software framework for evolutionary multi-objective optimization.
The goal of this project is to work on the technical fundamentals to make future robots credible (that is, perceivable trustworthy). We …
This project aims to increase the public awareness and discussion on robotics. We host different events to get in touch with the public …
In CollRob (Collaborative Robotics), we are working on new methods for human-robot collaboration.