Multi-robot systems deployed in real-world applications are exposed to the same issues that computer systems face. A cybersecurity attack on a robot has the consequences of an attack on a computer system, with the added risk that the robot could be controlled to take potentially damaging action.
Most planning algorithms in multi-robot systems rely on a voting procedure to determine a course of action. Each robot makes a recommendation based on its own limited local observations, and the recommendations are aggregated to yield a final decision. One way for a hacker to infiltrate a multi-robot system would be to impersonate a large number of robots on the network, and cast enough spurious votes to tip the collective decision — a technique called “spoofing.”
The new system analyzes the ways in which robots' wireless transmissions interact with the environment, and assigns each of them its own radio “fingerprint.” If the system identifies multiple votes as coming from the same transmitter, it can discount them as probably fraudulent.
Another problem is coverage, in which robots position themselves to distribute some service across a geographic area — communication links, monitoring, or the like. In this case, each robot's “vote” is simply its report of its position that the other robots use to determine their own. The researchers compared the results of a common coverage algorithm under normal circumstances, and the results produced when the new system is actively thwarting a spoofing attack. Even when 75 percent of the robots in the system have been infiltrated by such an attack, the robots' positions are within 3 centimeters of what they should be. To verify the theoretical predictions, the researchers also implemented their system using a number of distributed Wi-Fi transmitters and an autonomous helicopter.
The new system grew out of earlier work on the use of Wi-Fi signals to determine transmitters' locations and to repair ad-hoc communication networks. Typically, radio-based location determination requires an array of receiving antennas. A radio signal traveling through the air reaches each of the antennas at a slightly different time — a difference that shows up in the phase of the received signals, or the alignment of the crests and troughs of their electromagnetic waves. From this phase information, it's possible to determine the direction from which the signal arrived.
A bank of antennas, however, is too bulky for an autonomous helicopter to ferry around. The researchers found a way to make accurate location measurements using only two antennas spaced about 8" apart. Those antennas must move through space to simulate measurements from multiple antennas. That's a requirement that autonomous robots meet easily. In the researchers' experiments, the autonomous helicopter hovered in place and rotated around its axis in order to make its measurements.
When a Wi-Fi transmitter broadcasts a signal, some of it travels in a direct path toward the receiver, but much of it bounces off of obstacles in the environment, arriving at the receiver from different directions. For location determination, that's a problem, but for radio fingerprinting, it's an advantage — the different energies of signals arriving from different directions give each transmitter a distinctive profile.
There's still some room for error in the receiver's measurements, so the new system doesn't completely ignore probably fraudulent transmissions. Instead, it discounts them in proportion to its certainty that they have the same source. The team's analysis shows that, for a range of reasonable assumptions about measurement ambiguities, the system will thwart spoofing attacks without unduly punishing valid transmissions that happen to have similar fingerprints.