CN115242461B - ROS safety test system and method for robot operating system - Google Patents

Publication number
CN115242461B
Authority
CN
China
Prior art keywords
ros
test
equipment
attack
safety
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210757761.6A
Other languages
Chinese (zh)
Other versions
CN115242461A (en)
Inventor
赵亚新
刘义
吴皓敏
刘迎龙
周云彦
刘喆
袁学军
王鹏
王少磊
郭荣华
娄佳宁
吴迪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Unit 63891 Of Pla
Original Assignee
Unit 63891 Of Pla

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433 Vulnerability analysis
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416 Event detection, e.g. attack signature detection
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02P CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
    • Y02P90/00 Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
    • Y02P90/02 Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]

Abstract

The system comprises a ROS communication architecture security verification subsystem, a ROS interface security verification subsystem, a ROS fuzz test subsystem, a ROS vulnerability scanning subsystem, a ROS equipment formation networking penetration test subsystem, a ROS security test resource subsystem and a comprehensive management subsystem. The target ROS equipment or formation and the robot operating system ROS safety test system are connected to the same local area network in a wired or wireless mode, so that the security test of the target can be carried out and the security baseline of the current ROS equipment or formation obtained. The safety test system is efficient in execution and simple to use, and a user can quickly become familiar with it and operate it to obtain the security baseline of the target ROS system in a short time.

Description

ROS safety test system and method for robot operating system
Technical field:
The invention relates to the technical field of security testing, and in particular to a system and a method for security testing of the robot operating system ROS.
Background:
With the development and gradual maturing of the Internet of Things, industrialization and artificial intelligence technology, robots have become widespread, and intelligent robots play an important role in the medical field, the service field and the military field. Currently, the major countries of the world compete intensely in this field, striving to seize its commanding heights and create an overwhelming advantage.
A common software platform, the robot operating system ROS (Robot Operating System), sits behind many robotic devices. ROS is like the central nervous system of the robot: it couples originally loose functional modules together and provides a communication framework for them, giving the robot a higher-level reasoning framework and control system with which to complete more complex tasks. ROS is a secondary operating system. ROS 1.0 was released to the public in 2010, new release versions followed over the next few years, and ROS 2.0 was first formally released in December 2017. In the more than ten years since, ROS has come to provide many functions similar to a conventional operating system, together with tools and libraries for retrieving, compiling and editing code and for running programs across devices to meet distributed computing and networking requirements.
Because a robot interacts directly with the real physical environment, it can sense that environment and can even adversely affect it, so security research on robot operating systems is very important. ROS is a widely used robotic system, but it was originally designed to provide a loosely coupled development framework; it is lacking in security and presents a number of security issues, so a series of security tests for ROS is necessary. However, no system for security testing the robot operating system ROS has yet been disclosed in the industry, and on this basis we propose a system and a method for security testing of the robot operating system ROS. It should be noted that the safety test system and method provided by the invention are aimed at the ROS 1.0 version of the robot operating system.
Summary of the invention:
To overcome the above defects, the invention provides a system and a method for security testing of the robot operating system ROS.
The invention solves the technical problems by adopting the following technical scheme:
A robot operating system ROS safety test system, comprising:
the ROS communication architecture security verification subsystem, used for security testing the node manager, the RPC server, the parameter server and the task scheduling module in the ROS communication architecture;
the ROS interface security verification subsystem, used for security testing the internal communication interface and the external communication interface among the ROS interfaces;
the ROS fuzz test subsystem, used for fuzz testing the file interfaces and network interfaces in ROS to find unknown vulnerabilities;
the ROS equipment formation networking penetration test subsystem, used for penetration testing a formation composed of ROS equipment;
the ROS security test resource subsystem, used for storing vulnerability library information, vulnerability scanning test cases, vulnerability scanning test result information, and the fuzz test seed library and case library resource information;
the ROS vulnerability scanning subsystem, used for selecting test features from the ROS security test resource subsystem to generate a test message, sending the test message to the target ROS operating system, monitoring the target's response and collecting information, and then, in combination with the ROS security test resource subsystem, judging whether the target ROS operating system has security vulnerabilities;
the comprehensive management subsystem, used for providing operation management and result display for the operator; through its interface a user can manually input the configuration information of the test target and the security test options, and view the target scanning results and the feedback results of the security tests.
The ROS communication architecture security verification subsystem includes:
the node manager security test module, used for security testing the node manager mechanism in the ROS communication architecture;
the RPC server security test module, used for security testing the RPC server mechanism in the ROS communication architecture;
the parameter server security test module, used for security testing the parameter server mechanism in the ROS communication architecture;
and the task scheduling module security test module, used for security testing the task scheduling mechanism in the ROS communication architecture.
The ROS interface security verification subsystem includes:
the internal communication security test module, used for testing the internal communication mechanism in ROS by sending malicious data messages;
and the external communication security test module, used for testing the external communication mechanism in ROS by sending malicious data messages.
The ROS fuzz test subsystem includes:
the file interface fuzz test module, used for selecting a seed file and a test case from the ROS security test resource subsystem, fuzz testing the file processing programs in ROS, and finding potential unknown vulnerabilities in those file processing programs;
and the network interface fuzz test module, used for selecting a test case from the ROS security test resource subsystem, fuzz testing the network communication interfaces of ROS, and finding potential unknown vulnerabilities in the ROS network communication processing programs.
The ROS equipment formation networking penetration test subsystem includes:
the password cracking module, used for implementing the password cracking penetration test;
the denial of service attack module, used for implementing the denial of service penetration test;
the replay attack module, used for implementing the replay attack penetration test;
the remote control module, used for implementing the remote control penetration test;
and the man-in-the-middle attack module, used for implementing the man-in-the-middle attack penetration test.
A testing method using the robot operating system ROS safety test system comprises the following steps:
Step one: multiple ROS equipment formations networked through WiFi are selected as the test target, the robot operating system ROS safety test system is installed on a test machine with a wireless network card, the test machine and the target ROS equipment formations are connected to the same local area network by wire or wirelessly, and IP addresses in the same network segment are configured;
Step two: the robot operating system ROS safety test system is started, one ROS device in the formation is selected as the test target, the target IP address or IP network segment and the port scanning range are entered as prompted by the terminal interface, and a preliminary scan is executed to acquire the system version and service information, node process information, node publications, node subscriptions and topic information of the target ROS device;
Step three: the system offers the user ROS vulnerability scanning, ROS communication architecture security test, ROS interface security test, ROS equipment formation networking penetration test and fuzz test options, and the user selects the security test options required;
When ROS vulnerability scanning is selected, the scan collects and identifies the vulnerability information of the current target ROS equipment and passes it back to the security test resource subsystem, the matching vulnerability data is extracted from the database, and a vulnerability scanning result is returned, comprising the vulnerability title, vulnerability description, number, keywords and release time;
When the ROS communication architecture security test is selected, the user is offered the options of attack verification of the node manager, attack verification of the RPC server, attack verification of the parameter server and attack verification of the ROS task scheduling module. Attack verification of the node manager comprises tests of forcing the original node manager to shut down, covertly registering or unregistering services, covertly registering or unregistering publishers, and covertly registering or unregistering subscribers; attack verification of the RPC service comprises tests, based on forged RPC, of maliciously shutting down nodes, covertly obtaining system state information and covertly obtaining topic information; attack verification of the parameter server comprises tests of covertly obtaining parameter values, maliciously modifying parameters and maliciously deleting parameters; attack verification of the ROS task scheduling module comprises tests in which a forged Action Client sends false requests and a forged Action Server sends false responses.
When the ROS interface security test is selected, the user is offered the options of attack verification of the internal communication module and attack verification of the external communication module. Attack verification of the internal communication module sends built-in messages capable of triggering vulnerabilities, and messages implementing a denial of service attack, to the rosserial interface of the target ROS equipment; attack verification of the external communication module sends built-in messages capable of triggering vulnerabilities, and messages implementing a denial of service attack, to the rosbridge interface of the target ROS equipment.
When the ROS equipment formation networking penetration test is selected, the user is offered password cracking, denial of service attack, replay attack, remote control and man-in-the-middle attack options. The password cracking steps are: first, the WiFi information of the equipment network is acquired, including the MAC address, channel number and signal strength of the WiFi hotspot; passwords are then selected from a pre-generated brute-force password library to guess at and connect to the network; if a password is tested successfully and the connection is made, connectivity testing continues in order to detect whether the ROS equipment systems in the network can be found;
the denial of service attack steps are: a malicious operation is carried out on the master node equipment in the ROS equipment formation network, calling the API that shuts down the master node so that the ROS master node is closed remotely; after the attack, communication among the other equipment in the formation network is interrupted and service can no longer be provided;
the replay attack steps are: first, the topic that a ROS equipment node is responsible for publishing is acquired; that topic is then subscribed to, and the messages published by the ROS equipment node are monitored and recorded; finally, the historical messages are re-published to replay data messages or instruction messages;
the remote control steps are: first, the command-and-control ROS equipment node and the controlled ROS equipment node in the ROS formation are located; the topic name information between the two ROS equipment nodes is then acquired and the format of the message instructions between them is analysed; finally, the command-and-control ROS equipment node is impersonated to issue remote control instructions to the controlled ROS equipment node, realizing the remote control test;
the man-in-the-middle attack steps are: first, a ROS node is disguised and registered with the master node of the ROS formation, and the publish/subscribe communication between two ROS equipment nodes is cut off; the disguised node then acts as a subscriber towards the ROS equipment node originally responsible for publishing and as a publisher towards the ROS equipment node originally responsible for subscribing, thereby hijacking the ROS equipment node originally responsible for subscribing.
When the fuzz test is selected, the user is offered file interface fuzz test and network interface fuzz test options. The file interface fuzz test steps are: seed files and test cases are selected from the ROS security test resource subsystem and deployed independently in the target ROS system, fuzz tests are executed on the file processing programs rosbag play, rosbag encrypt, pcl_ros pcd_to_pointcloud, pcl_ros convert_pcd_to_image, master roscore and web_video_server in the target ROS system, and the type and cause of each vulnerability are judged from the execution record information and crash information of the fuzz test. The network interface fuzz test steps are: a test case is selected from the ROS security test resource subsystem, a fuzz test is executed on the ROS network communication interfaces rosserial and rosbridge, and the type and cause of each vulnerability are judged from the execution record information and crash information of the fuzz test.
Step four: the robot operating system ROS safety test system displays the results of the ROS vulnerability scanning, ROS communication architecture security test, ROS interface security test, ROS equipment formation networking penetration test and fuzz test on the terminal interface, and the user can select other security test options or exit the system according to those results.
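The communication architecture tests above (forged RPC calls against the node manager and parameter server, and the master-shutdown call used in the denial of service step) work because the ROS 1 Master XML-RPC API performs no authentication and the `caller_id` is self-declared. The following is an added example, not code from the patent: a defender-side audit that parses XML-RPC request bodies seen at the Master and flags sensitive calls whose `caller_id` is unknown or comes from the wrong host. The node inventory, IP addresses and captured requests are constructed for illustration.

```python
import xmlrpc.client
from dataclasses import dataclass

# ROS 1 Master / parameter-server API methods, grouped by impact.
STATE_CHANGING = {
    "registerService", "unregisterService",
    "registerPublisher", "unregisterPublisher",
    "registerSubscriber", "unregisterSubscriber",
    "setParam", "deleteParam", "shutdown",
}
INFO_DISCLOSING = {
    "getSystemState", "getPublishedTopics", "getTopicTypes",
    "getParam", "getParamNames", "lookupNode", "lookupService",
}


@dataclass
class Finding:
    src_ip: str
    method: str
    caller_id: str
    severity: str
    reason: str


def audit_request(src_ip, body, known_nodes):
    """Classify one XML-RPC request body sent to the ROS Master.

    known_nodes maps each expected caller_id to the IP it should call from
    (an inventory the operator maintains; assumed here).
    Returns a Finding, or None when the call looks routine.
    """
    try:
        params, method = xmlrpc.client.loads(body)
    except Exception:
        return Finding(src_ip, "?", "?", "medium", "unparseable XML-RPC body")
    if method not in STATE_CHANGING and method not in INFO_DISCLOSING:
        return None
    # By ROS 1 convention the first parameter of every call is caller_id.
    caller_id = params[0] if params and isinstance(params[0], str) else ""
    expected_ip = known_nodes.get(caller_id)
    if expected_ip is None:
        severity = "high" if method in STATE_CHANGING else "medium"
        return Finding(src_ip, method, caller_id, severity,
                       "caller_id not in node inventory")
    if expected_ip != src_ip:
        return Finding(src_ip, method, caller_id, "high",
                       "known caller_id used from unexpected host")
    return None


def audit_capture(capture, known_nodes):
    """Run audit_request over (src_ip, body) pairs and keep the findings."""
    results = (audit_request(ip, body, known_nodes) for ip, body in capture)
    return [f for f in results if f is not None]


# Constructed inventory and constructed request bodies (not real traffic).
KNOWN_NODES = {"/teleop": "192.168.1.10", "/base_controller": "192.168.1.11"}
req = xmlrpc.client.dumps
CAPTURE = [
    ("192.168.1.10", req(("/teleop", "/cmd_vel", "geometry_msgs/Twist",
                          "http://192.168.1.10:40001/"), "registerPublisher")),
    ("192.168.1.50", req(("/teleop", "/cmd_vel",
                          "http://192.168.1.10:40001/"), "unregisterPublisher")),
    ("192.168.1.50", req(("/script", "test"), "shutdown")),
    ("192.168.1.50", req(("/script",), "getSystemState")),
    ("192.168.1.11", req(("/base_controller",), "getUri")),
    ("192.168.1.50", "not xml at all"),
]

if __name__ == "__main__":
    for f in audit_capture(CAPTURE, KNOWN_NODES):
        print(f"{f.severity:6} {f.src_ip:13} {f.method:20} {f.caller_id:10} {f.reason}")
```

Because the source address is the only attribute the caller does not choose freely, the inventory check is a detection aid on a trusted LAN segment rather than an access control.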
By adopting the above technical scheme, the invention has the following advantages:
Through ROS communication architecture security verification, ROS interface security verification, ROS fuzz testing, ROS vulnerability scanning, ROS equipment formation networking penetration testing and other tests, the robot operating system ROS safety test system and method realize security testing of single ROS equipment and of ROS equipment formations from the aspects of ROS equipment vulnerability scanning, ROS equipment vulnerability mining, ROS internal mechanisms, ROS equipment formation networking and the like. The coverage is wide and the security test functions are many, so the ROS operating system can be security tested more comprehensively. In addition, the safety test system is efficient in execution and concise to use, and an ordinary user can quickly become familiar with it and operate it to obtain the security state information of the target ROS system in a short time.
Description of the drawings:
FIG. 1 is a schematic diagram of the modules in the robot operating system ROS safety test system;
FIG. 2 is a flow chart of the use of the robot operating system ROS safety test system.
Detailed description of the embodiments:
To make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions of the embodiments are described clearly and completely below with reference to the accompanying drawings. The described embodiments are evidently some, but not all, embodiments of the present invention. The components of the embodiments of the present invention generally described and illustrated in the figures herein may be arranged and designed in a wide variety of different configurations.
Thus, the following detailed description of the embodiments of the invention, as presented in the figures, is not intended to limit the scope of the invention as claimed, but is merely representative of selected embodiments of the invention. All other embodiments that can be obtained by those skilled in the art based on the embodiments of the invention without inventive effort fall within the scope of the invention.
The robot operating system ROS safety test system comprises a ROS communication architecture security verification subsystem, a ROS interface security verification subsystem, a ROS fuzz test subsystem, a ROS vulnerability scanning subsystem, a ROS equipment formation networking penetration test subsystem, a ROS security test resource subsystem and a comprehensive management subsystem, wherein the ROS security test resource subsystem is connected with the ROS interface security verification subsystem;
Each subsystem is described in detail below:
ROS communication architecture security verification subsystem
Developed in Python, so it can be used on different operating system platforms. It comprises module programs for security testing the node manager, the RPC server, the parameter server and the task scheduling module in ROS. The node manager server, RPC server, parameter server and task scheduling module in the target ROS system are security tested by forging the communication data messages of RPC calls, and the test results are fed back to the user.
ROS interface security verification subsystem
Developed in Python, so it can be used on different operating system platforms. It comprises module programs for security testing the internal communication interface and the external communication interface in ROS; these module programs are written mainly on the basis of the flooding attack principle and 0day vulnerabilities.
ROS fuzz test subsystem
Developed in Python, so it can be used on different operating system platforms. It comprises network interface fuzz test module programs for rosbridge and websocket, which are executed on the test machine, and file processing interface fuzz test module programs, which need to be deployed on the target ROS machine, for the rosbag play program, the rosbag encrypt program, pcl_ros pcd_to_pointcloud, pcl_ros convert_pcd_to_image, the master roscore program, web_video_server and the like.
ROS vulnerability scanning subsystem
Developed in Python, so it can be used on different operating system platforms. It sends probe data packets to the target ROS system, analyses the response packets to identify the version, open ports and service information of the target ROS system, then matches against the vulnerability library in the ROS security test resource subsystem to identify the vulnerability information of the target ROS system, and displays information such as the software service name, vulnerability title and vulnerability details on the terminal.
ROS equipment formation networking penetration test subsystem
Developed in Python, so it can be used on different operating system platforms. It comprises modules for performing penetration tests such as password cracking, denial of service attack, replay attack, remote control and man-in-the-middle attack on equipment nodes in the ROS formation; the password library used for password cracking and the historical messages recorded for replay attacks are stored in the ROS security test resource subsystem.
ROS security test resource subsystem
Developed in Python, with MySQL used to store and manage data. It stores resource information such as vulnerability library information, vulnerability scanning test cases, vulnerability scanning test result information, the fuzz test seed library and case library, and the password library and historical messages used in networking penetration tests.
Comprehensive management subsystem
This subsystem provides operation management and result display for users. It is presented in command-line form on the test machine; the user can manually input information such as the configuration of the test target and the security test options, and view details such as the target scanning results and security test feedback results through the interface.
Four ROS equipment formations networked through WiFi are selected as test targets. The test method based on the robot operating system ROS safety test system is shown in FIG. 2 and comprises the following specific steps:
Step one: after the robot operating system ROS safety test system is deployed on a machine with a wireless network card (a computer or a Raspberry Pi), the inventor enters a user name and password to connect to the network WiFi of the target ROS formation and configures an IP address in the same network segment;
Step two: the robot operating system ROS safety test system is started, one ROS device in the formation is selected as the test target, the target IP address or IP network segment and the port scanning range are entered as prompted by the terminal interface, and a preliminary scan is performed to acquire the system version and service information, node process information, node publications, node subscriptions, topic information and the like of the target ROS device;
Step three: the security test module to be executed is selected in the terminal interface; the options comprise ROS vulnerability scanning, ROS communication architecture security test, ROS interface security test, ROS equipment formation networking penetration test and fuzz test.
ROS vulnerability scanning collects and identifies the vulnerability information of the current target ROS equipment and passes it back to the security test resource subsystem; the matching vulnerability data is extracted from the database and the vulnerability scanning results are returned, comprising the vulnerability title, vulnerability description, number, keywords, release time and the like.
The ROS communication architecture security test offers the user options such as attack verification of the node manager, attack verification of the RPC service, attack verification of the parameter server and attack verification of the ROS task scheduling module. Attack verification of the node manager comprises tests such as forcing the original node manager to shut down, covertly registering or unregistering services, covertly registering or unregistering publishers, and covertly registering or unregistering subscribers; attack verification of the RPC service comprises tests, based on forged RPC, such as maliciously shutting down nodes, covertly obtaining system state information and covertly obtaining topic information; attack verification of the parameter server comprises tests such as covertly obtaining parameter values, maliciously modifying parameters and maliciously deleting parameters; attack verification of the ROS task scheduling module comprises tests in which a forged Action Client sends false requests and a forged Action Server sends false responses.
The ROS interface security test offers the user options such as attack verification of the internal communication module and attack verification of the external communication module. Attack verification of the internal communication module sends built-in messages capable of triggering vulnerabilities, and messages implementing a denial of service attack, to the rosserial interface of the target ROS equipment; attack verification of the external communication module sends built-in messages capable of triggering vulnerabilities, and messages implementing a denial of service attack, to the rosbridge interface of the target ROS equipment.
The ROS equipment formation networking penetration test offers the user options such as password cracking, denial of service attack, replay attack, remote control and man-in-the-middle attack. Before the password cracking attack is executed, the WiFi password of the target ROS equipment formation network is first reset to a weak password; the password cracking attack is then executed and the correctly guessed password is returned at the terminal. The denial of service attack carries out a malicious operation on the master node equipment in the ROS equipment formation network, calling the API that shuts down the master node to close the ROS Master remotely and interrupt communication between the other equipment in the formation network. When the replay attack is executed, the topic that a ROS equipment node is responsible for publishing is first acquired, the topic is then subscribed to and the published messages are monitored and recorded, and finally the historical messages are re-published, replaying data messages or instruction messages. When the man-in-the-middle attack is executed, a ROS node is first disguised and registered with the master node of the ROS formation, the publish/subscribe communication between two ROS equipment nodes is cut off, and the disguised node then acts as a subscriber towards the ROS equipment node originally responsible for publishing and as a publisher towards the ROS equipment node originally responsible for subscribing, realizing a disguised man-in-the-middle hijack.
The fuzz test offers the user file interface fuzz test and network interface fuzz test options. The file interface fuzz test selects seed files and test cases from the ROS security test resource subsystem and deploys them independently in the target ROS system, so that fuzz tests can be executed on the file processing programs rosbag play, rosbag encrypt, pcl_ros pcd_to_pointcloud, pcl_ros convert_pcd_to_image, master roscore, web_video_server and the like in the target ROS system, and the type and cause of each vulnerability can be judged from the execution record information and crash information of the fuzz test. The network interface fuzz test selects a test case from the ROS security test resource subsystem, executes a fuzz test on the ROS network communication interfaces rosserial and rosbridge, and judges the type and cause of each vulnerability from the execution record information and crash information of the fuzz test.
Step four: the test results of step three are displayed on the terminal interface, and the user can choose to return to the previous level to continue with other security test options, or choose to exit the robot operating system ROS safety test system directly.
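The replay test described above re-publishes recorded history messages unchanged, so a subscribing node can recognise them by their header timestamps. The following is an added example, not code from the patent: a freshness and ordering check for topics whose message type carries a `std_msgs/Header`. The topic names, the 0.5 s freshness window, the use of float seconds for stamps and the event list are assumptions made for illustration, and clocks are assumed to be synchronized across the formation.

```python
from dataclasses import dataclass, field


@dataclass
class ReplayGuard:
    """Reject messages whose header stamp is stale or not newer than the
    last accepted stamp on the same topic.

    State is kept per topic; with several legitimate publishers on one
    topic, key the state by (topic, publisher) instead.
    """
    max_age: float = 0.5                      # freshness window in seconds (assumed)
    last_stamp: dict = field(default_factory=dict)

    def check(self, topic, stamp, now):
        """Return None to accept, or a short reason string to reject."""
        if now - stamp > self.max_age:
            return "stale stamp"
        prev = self.last_stamp.get(topic)
        if prev is not None and stamp <= prev:
            return "stamp not newer than last accepted"
        self.last_stamp[topic] = stamp
        return None


def filter_stream(events, guard):
    """Split (topic, header_stamp, receive_time) events into accepted
    events and (event, reason) rejections."""
    accepted, rejected = [], []
    for event in events:
        topic, stamp, now = event
        reason = guard.check(topic, stamp, now)
        if reason is None:
            accepted.append(event)
        else:
            rejected.append((event, reason))
    return accepted, rejected


# Constructed events: (topic, header stamp, time of receipt), in seconds.
EVENTS = [
    ("/cmd_vel_stamped", 100.00, 100.02),   # live
    ("/cmd_vel_stamped", 100.10, 100.12),   # live
    ("/cmd_vel_stamped", 100.20, 100.22),   # live
    ("/cmd_vel_stamped", 100.10, 100.30),   # re-published inside the window
    ("/cmd_vel_stamped", 100.30, 100.32),   # live
    ("/cmd_vel_stamped", 100.00, 130.00),   # recorded message re-published later
    ("/cmd_vel_stamped", 100.10, 130.10),   # recorded message re-published later
    ("/odom", 130.15, 130.20),              # live, different topic
]

if __name__ == "__main__":
    ok, bad = filter_stream(EVENTS, ReplayGuard())
    print(f"accepted {len(ok)}, rejected {len(bad)}")
    for (topic, stamp, now), reason in bad:
        print(f"  {topic} stamp={stamp:.2f} received={now:.2f}: {reason}")
```

This check covers re-publication of recorded messages with their original headers; it is not a substitute for message authentication.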
The above is not described in detail in the prior art.

Claims (10)

1. A robot operating system ROS safety test system, characterized by comprising:
the ROS communication architecture security verification subsystem, used for security testing the node manager, the RPC server, the parameter server and the task scheduling module in the ROS communication architecture;
the ROS interface security verification subsystem, used for security testing the internal communication interface and the external communication interface among the ROS interfaces;
the ROS fuzz test subsystem, used for fuzz testing the file interfaces and network interfaces in ROS to find unknown vulnerabilities;
the ROS equipment formation networking penetration test subsystem, used for penetration testing a formation composed of ROS equipment;
the ROS security test resource subsystem, used for storing vulnerability library information, vulnerability scanning test cases, vulnerability scanning test result information, and the fuzz test seed library and case library resource information;
the ROS vulnerability scanning subsystem, used for selecting test features from the ROS security test resource subsystem to generate a test message, sending the test message to the target ROS operating system, monitoring the target's response and collecting information, and then, in combination with the ROS security test resource subsystem, judging whether the target ROS operating system has security vulnerabilities;
the comprehensive management subsystem, used for providing operation management and result display for the operator; through its interface a user can manually input the configuration information of the test target and the security test options, and view the target scanning results and the feedback results of the security tests.
2. The robot operating system ROS safety test system of claim 1, wherein the ROS communication architecture security verification subsystem includes:
the node manager security test module, used for security testing the node manager mechanism in the ROS communication architecture;
the RPC server security test module, used for security testing the RPC server mechanism in the ROS communication architecture;
the parameter server security test module, used for security testing the parameter server mechanism in the ROS communication architecture;
and the task scheduling module safety test module is used for carrying out safety test on a task scheduling mechanism in the ROS communication architecture.
3. The robotic operating system ROS safety test system of claim 1, wherein: the ROS interface security verification subsystem includes:
the internal communication security test module is used for carrying out malicious data message sending test on an internal communication mechanism in the ROS;
and the external communication security test module is used for carrying out malicious data message sending test on an external communication mechanism in the ROS.
4. The robotic operating system ROS safety test system of claim 1, wherein: the ROS fuzzy test subsystem includes:
the file interface fuzzy test module is used for selecting a seed file and a test case from the ROS security test resource subsystem, executing fuzzy test on a file processing program in the ROS, and finding out a potential unknown vulnerability in the file processing program in the ROS;
and the network interface fuzzy test module is used for selecting a test case from the ROS safety test resource subsystem, executing fuzzy test on a network communication interface of the ROS, and finding out a potential unknown vulnerability in the ROS network communication processing program.
5. The robotic operating system ROS safety test system of claim 1, wherein: the ROS device formation networking penetration testing subsystem comprises:
the password cracking module is used for implementing password cracking penetration test;
the denial of service attack module is used for implementing denial of service penetration test;
a replay attack module for implementing a replay attack penetration test;
the remote control module is used for implementing remote control penetration test;
and the man-in-the-middle attack module is used for implementing man-in-the-middle attack penetration test.
6. A method of testing a ROS safety test system for a robotic operating system according to any one of claims 1-5, comprising the steps of:
step one: selecting a formation of multiple ROS devices networked through WiFi as the test target, installing the robot operating system ROS safety test system on a test machine with a wireless network card, connecting the test machine and the target ROS device formation to the same local area network by wire or wirelessly, and configuring IP addresses in the same network segment;
step two: starting the robot operating system ROS safety test system, selecting one ROS device from the formation as the test target, entering the target IP address or IP network segment and the port scanning range as prompted by the terminal interface, and executing a preliminary scan to acquire the system version and service information, node process information, and node publication, node subscription and topic information of the target ROS device;
step three: the system provides the user with ROS vulnerability scanning, ROS communication architecture security test, ROS interface security test, ROS equipment formation networking penetration test and fuzzy test options, and the user selects corresponding security test options according to the requirements;
when the ROS vulnerability scanning is selected, the ROS vulnerability scan collects information identifying the vulnerabilities of the current target ROS device and transmits it back to the security test resource subsystem, the matching vulnerability data is extracted from the database, and a vulnerability scanning result is returned, wherein the scanning result comprises vulnerability title, vulnerability description, number, keywords and release time information;
when the ROS communication architecture security test is selected, attack verification node manager, attack verification RPC server, attack verification parameter server and attack verification ROS task scheduling module options are provided for the user;
when the ROS interface security test is selected, attack verification internal communication module and attack verification external communication module options are provided for the user;
when the ROS equipment formation networking penetration test is selected, password cracking, denial of service attack, replay attack, remote control and man-in-the-middle attack options are provided for the user;
after the fuzzy test is selected, providing a file interface fuzzy test and a network interface fuzzy test option for a user;
step four: the ROS security test system of the robot operating system displays the results of ROS vulnerability scanning, ROS communication architecture security test, ROS interface security test, ROS equipment formation networking penetration test and fuzzy test execution on a terminal interface, and a user can select other security test function options or exit the system according to the execution results.
7. The test method of the robot operating system ROS safety test system of claim 6, wherein:
the attack verification node manager option comprises tests for squeezing out and closing the original node manager, covertly registering or unregistering a service, covertly registering or unregistering a publisher, and covertly registering or unregistering a subscriber;
the attack verification RPC server option comprises tests, based on forged RPC, for maliciously closing nodes, covertly obtaining system state information and covertly obtaining topic information;
the attack verification parameter server option comprises tests for covertly obtaining parameter values, maliciously modifying parameters and maliciously deleting parameters;
the attack verification ROS task scheduling module option comprises tests in which a fake Action Client sends false requests and a fake Action Server sends false responses.
8. The test method of the robot operating system ROS safety test system of claim 6, wherein:
the attack verification internal communication module is used for sending built-in messages capable of triggering vulnerabilities and messages for implementing a denial of service attack to the rosserial interface in the target ROS device;
the attack verification external communication module is used for sending built-in messages capable of triggering vulnerabilities and messages for implementing a denial of service attack to the rosbridge interface in the target ROS device.
9. The test method of the robot operating system ROS safety test system of claim 6, wherein:
the password cracking steps are as follows: first acquiring the WiFi information of the device network, including the MAC address, channel number and signal strength information of the WiFi hotspot, then selecting passwords from a pre-generated brute-force password library to guess and connect to the network, and, if a password is tested successfully and the connection is made, continuing to test connectivity to detect whether the ROS device systems in the network can be found;
the denial of service attack steps are as follows: maliciously operating the master node device in the ROS device formation network and calling the API for closing the master node to close the ROS master node remotely; after the attack is implemented, communication among the other devices in the formation network is interrupted and service can no longer be provided;
the replay attack steps are as follows: first acquiring the topic that the ROS device node is responsible for publishing, then subscribing to it, monitoring and recording the messages published by the ROS device node, and finally republishing the historical messages to realize data message replay or instruction message replay;
the remote control steps are as follows: first locating the command-and-control ROS device node and the controlled ROS device node in the ROS formation, then acquiring the topic name information between the two ROS device nodes and analysing the message instruction format between them, and finally impersonating the command-and-control ROS device node to issue remote control instructions to the controlled ROS device node, realizing the remote control test;
the man-in-the-middle attack steps are as follows: first a disguised ROS node registers with the ROS formation master node and the publish/subscribe communication between the two ROS device nodes is cut off; the disguised node then acts as a subscriber toward the ROS device node originally responsible for publishing and as a publisher toward the ROS device node originally responsible for subscribing, realizing hijacking of the ROS device node originally responsible for subscribing.
10. The test method of the robot operating system ROS safety test system of claim 6, wherein:
the file interface fuzzy test comprises the following steps: seed files and test cases are selected from the ROS safety test resource subsystem and deployed independently in the target ROS system, fuzzy tests are executed on the file processing programs rosbag play, rosbag encrypt, pcl_ros pcd_to_pointcloud, pcl_ros convert_pcd_to_image, master roscore and web_vector_server in the target ROS system, and the type and cause of a vulnerability are judged according to the execution record information and the crash information of the fuzzy tests;
the network interface fuzzy test comprises the following steps: test cases are selected from the ROS security test resource subsystem, a fuzzy test is executed on the ROS network communication interfaces rosserial and rosbridge, and the type and cause of a vulnerability are judged according to the execution record information and the crash information of the fuzzy test.
CN202210757761.6A 2022-06-30 2022-06-30 ROS safety test system and method for robot operating system Active CN115242461B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210757761.6A CN115242461B (en) 2022-06-30 2022-06-30 ROS safety test system and method for robot operating system

Publications (2)

Publication Number Publication Date
CN115242461A (en) 2022-10-25
CN115242461B (en) 2023-08-25

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant