Accessibility Statement Skip Navigation
  • Resources
  • Blog
  • Journalists
  • +44 (0)20 7454 5110
  • Client Login
  • Send a Release
Return to PR Newswire homepage
  • News
  • Products
  • Contact
When typing in this field, a list of search results will appear and be automatically updated as you type.

Searching for your content...

No results found. Please change your search terms and try again.
  • News in Focus
      • Browse News Releases

      • All Public Company News
      • All Multimedia News
      • View All News Releases

      • Regulatory News

      • D/A/CH Regulatory News
      • UK Regulatory News
      • View All Regulatory News

  • Business & Money
      • Auto & Transportation

      • Aerospace & Defense
      • Air Freight
      • Airlines & Aviation
      • Automotive
      • Maritime & Shipbuilding
      • Railroads & Intermodal Transportation
      • Supply Chain/Logistics
      • Transportation, Trucking & Railroad
      • Travel
      • Trucking & Road Transportation
      • View All Auto & Transportation

      • Business Technology

      • Blockchain
      • Broadcast Tech
      • Computer & Electronics
      • Computer Hardware
      • Computer Software
      • Data Analytics
      • Electronic Commerce
      • Electronic Components
      • Electronic Design Automation
      • Financial Technology
      • High Tech Security
      • Internet Technology
      • Nanotechnology
      • Networks
      • Peripherals
      • Semiconductors
      • View All Business Technology

      • Entertain­ment & Media

      • Advertising
      • Art
      • Books
      • Entertainment
      • Film & Motion Picture
      • Magazines
      • Music
      • Publishing & Information Services
      • Radio & Podcast
      • Television
      • View All Entertain­ment & Media

      • Financial Services & Investing

      • Accounting News & Issues
      • Acquisitions, Mergers & Takeovers
      • Banking & Financial Services
      • Bankruptcy
      • Bond & Stock Ratings
      • Conference Call Announcements
      • Contracts
      • Cryptocurrency
      • Dividends
      • Earnings
      • Earnings Forecasts & Projections
      • Financing Agreements
      • Insurance
      • Investments Opinions
      • Joint Ventures
      • Mutual Funds
      • Private Placement
      • Real Estate
      • Restructuring & Recapitalisation
      • Sales Reports
      • Shareholder Activism
      • Shareholder Meetings
      • Stock Offering
      • Stock Split
      • Venture Capital
      • View All Financial Services & Investing

      • General Business

      • Awards
      • Commercial Real Estate
      • Corporate Expansion
      • Earnings
      • Environmental, Social and Governance (ESG)
      • Human Resource & Workforce Management
      • Licensing
      • New Products & Services
      • Obituaries
      • Outsourcing Businesses
      • Overseas Real Estate (non-US)
      • Personnel Announcements
      • Real Estate Transactions
      • Residential Real Estate
      • Small Business Services
      • Socially Responsible Investing
      • Surveys, Polls & Research
      • Trade Show News
      • View All General Business

  • Science & Tech
      • Consumer Technology

      • Artificial Intelligence
      • Blockchain
      • Cloud Computing/Internet of Things
      • Computer Electronics
      • Computer Hardware
      • Computer Software
      • Consumer Electronics
      • Cryptocurrency
      • Data Analytics
      • Electronic Commerce
      • Electronic Gaming
      • Financial Technology
      • Mobile Entertainment
      • Multimedia & Internet
      • Peripherals
      • Social Media
      • STEM (Science, Tech, Engineering, Math)
      • Supply Chain/Logistics
      • Wireless Communications
      • View All Consumer Technology

      • Energy & Natural Resources

      • Alternative Energies
      • Chemical
      • Electrical Utilities
      • Gas
      • General Manufacturing
      • Mining
      • Mining & Metals
      • Oil & Energy
      • Oil & Gas Discoveries
      • Utilities
      • Water Utilities
      • View All Energy & Natural Resources

      • Environ­ment

      • Conservation & Recycling
      • Environmental Issues
      • Environmental Policy
      • Environmental Products & Services
      • Green Technology
      • Natural Disasters
      • View All Environ­ment

      • Heavy Industry & Manufacturing

      • Aerospace & Defence
      • Agriculture
      • Chemical
      • Construction & Building
      • General Manufacturing
      • HVAC (Heating, Ventilation & Air-Conditioning)
      • Machinery
      • Machine Tools, Metalworking & Metallurgy
      • Mining
      • Mining & Metals
      • Paper, Forest Products & Containers
      • Precious Metals
      • Textiles
      • Tobacco
      • View All Heavy Industry & Manufacturing

      • Telecomm­unications

      • Carriers & Services
      • Mobile Entertainment
      • Networks
      • Peripherals
      • Telecommunications Equipment
      • Telecommunications Industry
      • VoIP (Voice over Internet Protocol)
      • Wireless Communications
      • View All Telecomm­unications

  • Lifestyle & Health
      • Consumer Products & Retail

      • Animals & Pets
      • Beers, Wines & Spirits
      • Beverages
      • Bridal Services
      • Cannabis
      • Cosmetics & Personal Care
      • Fashion
      • Food & Beverages
      • Furniture & Furnishings
      • Home Improvement
      • Household, Consumer & Cosmetics
      • Household Products
      • Jewellery
      • Non-Alcoholic Beverages
      • Office Products
      • Organic Food
      • Product Recalls
      • Restaurants
      • Retail
      • Supermarkets
      • Toys
      • View All Consumer Products & Retail

      • Entertain­ment & Media

      • Advertising
      • Art
      • Books
      • Entertainment
      • Film & Motion Picture
      • Magazines
      • Music
      • Publishing & Information Services
      • Radio & Podcast
      • Television
      • View All Entertain­ment & Media

      • Health

      • Biometrics
      • Biotechnology
      • Clinical Trials & Medical Discoveries
      • Dentistry
      • FDA Approval
      • Fitness/Wellness
      • Health Care & Hospitals
      • Health Insurance
      • Infection Control
      • International Medical Approval
      • Medical Equipment
      • Medical Pharmaceuticals
      • Mental Health
      • Pharmaceuticals
      • Supplementary Medicine
      • View All Health

      • Sports

      • General Sports
      • Outdoors, Camping & Hiking
      • Sporting Events
      • Sports Equipment & Accessories
      • View All Sports

      • Travel

      • Amusement Parks & Tourist Attractions
      • Gambling & Casinos
      • Hotels & Resorts
      • Leisure & Tourism
      • Outdoors, Camping & Hiking
      • Passenger Aviation
      • Travel Industry
      • View All Travel

  • Policy & Public Interest
      • Policy & Public Interest

      • Animal Welfare
      • Corporate Social Responsibility
      • Economic News, Trends & Analysis
      • Education
      • Environmental
      • European Government
      • Labour & Union
      • Natural Disasters
      • Not For Profit
      • Public Safety
      • View All Policy & Public Interest

  • People & Culture
      • People & Culture

      • Aboriginal, First Nations & Native American
      • African American
      • Asian American
      • Children
      • Diversity, Equity & Inclusion
      • Hispanic
      • Lesbian, Gay & Bisexual
      • Men's Interest
      • People with Disabilities
      • Religion
      • Senior Citizens
      • Veterans
      • Women
      • View All People & Culture

  • Overview
  • Distribution
  • Paid Placement
  • Multimedia
  • Disclosure Services
  • SocialBoost
  • Rooms
    • MediaRoom
    • ESG Rooms
  • AI Tools
  • General Enquiries
  • Media Enquiries
  • Partnerships
  • Hamburger menu
  • Cision PR Newswire UK provides press release distribution, targeting, monitoring, and marketing services
  • Send a Release
    • Phone

    • +44 (0)20 7454 5110 from 8 AM - 5:30 PM GMT

    • ALL CONTACT INFO
    • Contact Us

      +44 (0)20 7454 5110
      from 8 AM - 5:30 PM GMT

  • Client Login
  • Send a Release
  • Resources
  • Blog
  • Journalists
  • News in Focus
    • Browse News Releases
    • Regulatory News
  • Business & Money
    • Auto & Transportation
    • Business Technology
    • Entertain­ment & Media
    • Financial Services & Investing
    • General Business
  • Science & Tech
    • Consumer Technology
    • Energy & Natural Resources
    • Environ­ment
    • Heavy Industry & Manufacturing
    • Telecomm­unications
  • Lifestyle & Health
    • Consumer Products & Retail
    • Entertain­ment & Media
    • Health
    • Sports
    • Travel
  • Policy & Public Interest
    • Policy & Public Interest
  • People & Culture
    • People & Culture
  • Client Login
  • Send a Release
  • Resources
  • Blog
  • Journalists
  • Overview
  • Distribution
  • Paid Placement
  • Multimedia
  • Disclosure Services
  • Cision Communications Cloud®
  • AI Tools
  • Client Login
  • Send a Release
  • Resources
  • Blog
  • Journalists
  • General Enquiries
  • Media Enquiries
  • Partnerships
  • Client Login
  • Send a Release
  • Resources
  • Blog
  • Journalists

Alias Robotics discovers numerous and dangerous vulnerabilities in the Robot Operating System's (ROS) communications that can have "devastating consequences"

This image opens in the lightbox

News provided by

Alias Robotics

30 Mar, 2022, 12:22 GMT

Share this article

Share toX

Share this article

Share toX

  • The robo cyber security firm from Vitoria-Gasteiz (Spain) is once again leading an investigation involving international experts on the importance of security in the Robot Operating System (ROS) and the DDS communications middlware
  • The participants in the study have discovered more than a dozen of  dangerous vulnerabilities present in more than 650 devices online today, very common in the Industrial field, the University, and even in Hospitals and Military Agencies
  • Alias Robotics' research has been cited and published by the United States Cybersecurity Infrastructure and Security Agency, which reflects the importance of the conclusions set forth.
  • To mitigate these vulnerabilities, Alias Robotics has contributed to SROS2, a series of developer tools to detect insecurities in ROS 2 and DDS

VITORIA, Spain, March 30, 2022 /PRNewswire/ -- A team of researchers led by the Spanish firm Alias Robotics - specialized in robotic cybersecurity - together with cybersecurity experts from several multinationals and cybersecurity professionals from various governments, have discovered about fifteen dangerous vulnerabilities, some critical, in the Robot Operating System (ROS) and the DDS communications protocols that affect industrial systems and robots that, if used by cybercriminals, could have "devastating consequences. In turn, they have detected that these vulnerabilities are present in almost 650 different devices exposed on the Internet and used not only in industry, but also in healthcare or in the military field.

Robotics and IT security professionals from the firm Alias Robotics in Spain have collaborated in recent months with security experts from around the world in the detection of security vulnerabilities in the Robot Operating System (ROS) and in the software communications middleware DDS ("Data Distribution Service"), present in many systems (autonomous cars, industrial robotic arms, aerospace systems, military equipment, critical infrastructure, …), as well as in industrial robots.

In particular, the vulnerabilities affect DDS, an 'intermediate software' (called middleware) that is the main communication bus between different robotic devices, that is, the core of ROS 2 (Robot Operating System ), which is used by the majority of robotics engineers for all types of present or future industrial robots, with applications in the business world, in the industrial field, but also in the world of health, as is the case of surgical robots. As per Victor Vilches studies suggests that the use of ROS will grow significantly over the next few years and that by 2024, 55% of commercialized robots will use ROS.

From Alias Robotics -specialized in robot cyber security- it is considered that "DDS is a middleware still largely insecure communications technology , used in areas where security is very important, so investment in cybersecurity is needed immediately". They also consider that the response times of the DDS manufacturers are too long, "which greatly exposes these systems to cyber-attacks," according to Víctor Mayoral-Vilches, a leading robot cybersecurity researcher from Alias Robotics and founder of the startup.

In his opinion, " cybercriminals could today use these vulnerabilities to paralyze robots and critical infrastructures all over the world leveraging DDS". The company from Vitoria warns that it is necessary for robotics and automation companies to invest in cybersecurity and cooperate "with qualified groups in robot cybersecurity".

Summary of results

The results of this research derive from the collaboration of several researchers including Víctor Mayoral-Vilches (Alias Robotics), Federico Maggi, Mars Cheng, Patrick Kuo , Chizuru Toyama, Rainer Vosseler, and Ta-Lun Yen (Trend Micro and TxOne) and Erik Boasson (ADLINK Labs).

Its impact in robotics has been led by Alias Robotics and a good part of these vulnerabilities "have not been patched or mitigated by the manufacturers serving robotics companies today".

The team of researchers has come to detect up to 13 security vulnerabilities (some classified as "critical" by cybersecurity experts), which could affect both workers and users who handle industrial robots that include this DDS software. Based on the security-immaturity of DDS, the appearance of new vulnerabilities affecting DDS in the coming months is not ruled out.

One of the conclusions is that these vulnerabilities are present in almost 650 different devices used in across areas of application around the world. From Alias Robotics they have detected devices affected by these vulnerabilities in organizations such as NASA, but also in global data centers (Huawei Cloud Service), large industrial multinationals (Siemens), as well as hospitals, banks and universities in 34 countries, affecting 100 organizations through 89 Internet Service Providers (ISPs).

Key vulnerability findings

These detected vulnerabilities could lead to the loss of control of the robotic device, its complete loss of security, the denial of services through brute force, the possibility of facilitating access to the device through the exploitation of remote services, problems in the supply chain or the fact that attackers abuse the security protocols themselves to create an efficient command and control channel.

The authors of the study, have found that many of these security vulnerabilities - some even with the source code (proprietary) exposed to the public - have been open "for a long time, even years, so today cybercriminals could use them to paralyze critical infrastructure around the world" , according to Víctor Mayoral-Vilches.

In his opinion, "many still robotic device manufacturers prioritize their business development and continue to ignore cybersecurity." Mayoral-Vilches emphasizes that many of the manufacturers refuse to solve the problems "because if they did they would not comply with the DDS standard/specification". This is a problem of magnitude" - emphasizes the founder of Alias Robotics - "since the revision of the DDS standard may take years to be properly revised".

The report, which has been recently cited and published by the United States Agency for Security and Cybersecurity Infrastructure, was presented during 2021 in various forums including 'Black Hat 2021' from Las Vegas, the world's largest annual cybersecurity forum - but also at the ROS-Industrial Conference 2021 and more recently at a session organized by the European Commission on safety, security and performance. His research will continue to be presented throughout 2022 at new conferences and industry forums.

Tools to identify ROS 2 and DDS vulnerabilities

In order to mitigate the threats found and train robotics engineers in security matters, the Alias Robotics team has led a second research effort that has contributed and released a series of extensions to tools under an open source license that allow detecting these vulnerabilities in ROS 2 and DDS.

The results of this effort have been summarized in the article "SROS2: Usable Cyber Security Tools for ROS 2" which has been sent to the International Conference on Robots and Systems (IROS 2022).

Aliases Robotics was founded in 2018 by Víctor Mayoral-Vilches and has become an international leader in cybersecurity solutions for robots. His team is the creator of the first Immune Robot System (RIS), an intelligent antivirus that protects bots from cybercriminals from the inside out. RIS is incorporated into robots to protect them as it evolves and adapts like the human immune system.

Alias Robotics is made up of renowned robotics engineers, scientists and security researchers with more than 10 years of experience. Its clients include large automation companies, government institutions and users of industrial robots www.aliasrobotics.com

● Communication inquiries:

Víctor Mayoral-Vilches                        

Phone : 616 151561

e-mail:   victor@aliasrobotics.com

Vitoria, Álava, Spain

Logo: https://mma.prnewswire.com/media/1776779/Alias_Robotics_Logo.jpg

Modal title

Contact PR Newswire

  • +44 (0)20 7454 5110
    from 8 AM - 5:30 PM GMT
  • General Enquiries
  • Media Enquiries
  • Partnerships

Products

  • Content Distribution
  • Multimedia Services
  • Disclosure Services
  • Cision Communications Cloud®

About

  • About PR Newswire
  • About Cision
  • Partnering Opportunities
  • Careers
  • APAC
  • APAC - Simplified Chinese
  • APAC - Traditional Chinese
  • Brazil
  • Canada
  • Czech
  • Denmark
  • Finland
  • France
  • Germany
  • India
  • Indonesia
  • Israel
  • Japan
  • Korea
  • Mexico
  • Middle East
  • Middle East - Arabic
  • Netherlands
  • Norway
  • Poland
  • Portugal
  • Russia
  • Slovakia
  • Spain
  • Sweden
  • United States
  • Vietnam

My Services

  • All News Releases
  • Customer Portal
  • Resources
  • Blog
  • Journalists
  • Data Privacy

Do not sell or share my personal information:

  • Submit via Privacy@cision.com 
  • Call Privacy toll-free: 877-297-8921

Contact PR Newswire

Products

About

My Services
  • All News Releases
  • Customer Portal
  • Resources
  • Blog
  • Journalists
+44 (0)20 7454 5110
from 8 AM - 5:30 PM GMT
  • Terms of Use
  • Privacy Policy
  • Information Security Policy
  • Site Map
  • RSS
  • Cookie Settings
Copyright © 2025 PR Newswire Europe Limited. All Rights Reserved. A Cision company.