Scientists of the St. Petersburg Federal Research Center of the Russian Academy of Sciences (SPC RAS) have developed software to allow developers for selecting components as aimed at building smart devices and robots to ensure the security of strategic facilities. The received results are published in the scientific journal Sensors.
Nowadays, "smart" devices are undoubtedly becoming an integral part of human life. One of their important applications is the protection of the perimeter of closed facilities or strategic infrastructures deployed on large areas.
So, to protect perimeters additionally to people and individual sensors, mobile robots equipped with a great number of sensors are used and transmit information to a single operator console. In this regard, there arise the security threats to individual robots and their charging stations, as well as to the central server that manages the system operation. At that, many security aspects need to be accounted for already at the design stage.
"We have proposed software allowing for automatic offer a specialist who develops mobile robots to protect various objects (e.g., factories, closed institutions) and territories an effective security system with due regard to the tasks solved by the system and the requirements imposed by its security. The number of these parameters can be quite a few. Thanks to our development, all proposals can be easily accessible for the designer," says Andrey Chechulin, a Leading Researcher of the Laboratory of Computer Security Problems at SPC RAS.
At the core of the development, scientists laid the Security by Design approach; at its implementation, the security is accounted for and integrated into the system at each stage of the development lifecycle. For decisions on the design of the perimeter security system, many attack scenarios were considered, that count for features of devices and their components (e.g., bypassing detection sensor mechanisms, intercepting robot control, replacing key components), as well as various ways to disable them (e.g., attacks aimed at depletion of energy resources, interception and modification of messages, denial of service).
To arrange for a proper security level, the software of the PCR RAS researchers integrates security elements as an inseparable part of the whole system and each of its devices. In addition, recommendations are being formed to ensure the security of the system, including the expansion of the security policy and personnel training. This helps the developer to optimize the protection strategy of the system as a whole.
"Our software permits to account for many factors, thus, ensuring the security of smart devices. Forming the proposals for the devices component composition is based on considering complex dependencies between components: their compatibility, mutual requirements, emerging conflicts, resources provided and consumed. Though a system of mobile robots was designed as an experiment, the proposed approach is not limited to the above and can be applied to other physical security systems and to smart devices in general. We assume that the use of the developed solution will help to reduce a number of vulnerabilities and architectural defects in smart devices, thereby significantly reducing their susceptibility to attacks," adds Dmitry Levshun, a system developer, Junior Researcher of the Laboratory of Computer Security Problems at SPC RAS.
The source code of the solution developed by researchers along with the database dump is available online in the GitHub repository: https://github.com/levshun/PhD-mcbpss_design.