Cybersecurity in robotics often boils down to: Should we be worried about autonomous cars being hacked? The answer to that is simple: Hell, yes! And it is not just autonomous cars that we should be worried about; remember the Iranian SCADA-controlled robotic centrifuges that were enriching uranium and then, thanks to the stuxnet worm, suddenly spun themselves to pieces?
Robots present many vectors for attack and objectives for the attack. The sensors can be hacked, either to see what the robot is seeing, to substitute different readings (like the bus camera video loop in Speed), or to distort or poison the sensor readings (which should then cause the robot to behave badly). GPS spoofing is a famous example. Another objective is to directly take control of the robot by taking over either the onboard control software or the software on the operator control unit. Signal jamming is another objective— cause the robot to do bad things or have to fail to a safe state (like a drone would return home) because it has lost communications (if it the software is distributed onboard and offboard).
This week we will focus on cybersecurity in robotics sci-fi. Here are five reads that have a pleasant bend of truth and, hopefully, fiction.
The Robots of Gotham, by Todd McAulty, is a mini-tutorial on tactical counter-autonomy as the protagonist has to evade drones, ground robots, and computer vision/machine learning algorithms from Venezuela while the US continues to lose ground trying to defend what’s left of the country with manned exoskeletons. The US had become technological obsolete because it had outlawed AI, while Venezuela took advantage of AI development being software, so it was relatively cheap and easy to enter the market (versus something requiring expensive precision manufacturing like stealth fighters). The author is a CV/ML professional and there are several interesting ideas on countering autonomy.
The protagonist’s tactical options to countering the bad robots are:
hack the labels of the output of CV/ML systems so that when it recognizes the protagonist, it applies the wrong label which it has upload in a software update
work in the time period before the larger AI system can learn to recognize the protagonist, can search its archives of surveillance cams, and can update the onboard systems of drones
Note that The Robots of Gotham correctly discusses how disguises may partially work- IF you understand the features learned for that person in the neural network. Then you can concentrate on disguising those features and thus reduce the confidence in recognition, so that a person may fall below the threshold for recognition and require additional evidence (such as observing the person perform a suspicious activity) before identification. Informed disguises can force the system to widen its search parameters, since it cannot get a high enough confidence label, and slow a search down, which can buy time. See the RTSF review here.
Robopocalypse by Daniel H. Wilson is a Studs Terkel version of the robot uprising and is one of my favorites. While a robot uprising is unlikely, the ways in which the evil Skynet-like computer starts taking over the world, especially what it can do once it hacks autonomous cars, is not. A good introduction to robotics in general. Also Wilson’s tongue-in-cheek How to Survive A Robot Uprising, written as he was finishing his PhD in robotics at CMU, is technically accurate and still applicable.
The award-winning Murderbot Diaries novella series by Martha Wells isn’t particularly realistic in terms of robotics and artificial intelligence, but it may be far too realistic with regards to the impact of poor software engineering and sloppy software updating on robotics. And it has the added bonus of being ROTL to read- think David Spade as a cynical security guard robot reluctantly protecting clueless scientists working for a dishonest mega-corporation like the one in the Aliens franchise. Start with All Systems Red, the first in the series, and then keep on with the others, especially the next in the series, Artificial Condition, with the robot transport ship ART. Notice how Murderbot exploits, or defends against, classic software vulnerabilities such insecure or buggy software updates and video spoofing. See or listen to the review here.
Almost Human, a one-season buddy robot-human cop TV series now streaming on Amazon, had some interesting ideas on counter-autonomy, especially spoofing sensors. One idea is that Bad Guys have a glitter-like spray for their faces that produces in surveillance and drone videos a bright glow with no features. Given that the entertainment industry is actively working on stopping illegal recordings of movies during theatrical runs and can currently interfere with CCD cameras, this seems a natural evolution. Another episode deals with cybersecurity and the Internet of Things. See or listen to the Robotics Through Science Fiction review here.
The cult classic Ubik, by Philip K. Dick, is a mishmash of ideas, with smart houses and Internet of Things. In PDK’s novel, houses, appliances, and even doors have become monetized and thwart the financially challenged protagonist. It is a great example of all the subtle things that can be automated, think Stuxnet, and thus hacked. See the RTSF review here and the Science Robots article on Smart Houses and Domotics.