Safety cares about the possible damage a robot may cause in its environment, whilst security aims at ensuring that the environment does not disturb the robot operation. Safety and security are connected matters.
There's no safety without security.
Making security recommendations on robotic architectures demands a proper understanding of such systems. Similarly, mitigating a vulnerability or a bug requires one to first reproduce the flaw. This can be extremely time consuming with robots, especially when it comes to ensuring an appropriate environment in which to reproduce and analyse the flaw. Current robotic systems are highly complex, a condition that in most cases leads to wide attack surfaces and a variety of potential attack vectors. This complicates the mitigation process and the use of traditional security approaches. An in-depth understanding of such systems (robots) is required and new mechanisms must be used.
Connected to the inherent complexity and time consumption is flaw prioritization. Patch management in robotics requires one to first prioritize existing vulnerabilities. Existing scoring mechanisms such as CVSS have strong limitations when applied to robotics. Simply put, they fail to capture the interaction that robots may have with their environment and with humans, which can lead to safety hazards. New scoring techniques, combined with domain know-how, are a must to keep robotic systems secure.
Absolutely! Several groups are researching this actively. See [1] for one such study, which describes a variety of attacks.
Moreover, in an attempt to raise awareness, we ourselves continuously advocate on how vulnerable popular robotic platforms are: read the article here or check our public archive of robot flaws, the Robot Vulnerability Database (RVD).
We encourage you to start caring about security at the design phase. Defining a proper architecture that takes security into account is key. Security can also be tackled at later phases, but the more you delay it, the harder and more costly it will be to ensure.
By threat modeling. You should first understand what your threat landscape is. Threat modeling helps you understand your security flaws better by studying the data flows and the trust boundaries that apply to your use case(s). Once you have a clear picture of which attack vectors you're subject to, you'll be in a position to decide what to invest in.
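The data-flow and trust-boundary study described above, as an added example (not code from the original page or from any threat-modeling tool): a constructed robot deployment is described as components with a trust zone and the flows between them, and every flow that crosses a trust boundary is reported with the protections it lacks, crossings that can actuate the robot from a less trusted zone first. Component names, zones, protocols and the simplified STRIDE-style checks are all constructed for illustration.

```python
"""Minimal data-flow threat model for a constructed robot deployment (added example)."""
from dataclasses import dataclass, field

# Trust zones ordered from least to most trusted (constructed for this example);
# a boundary crossing is any flow whose endpoints sit in different zones.
ZONES = {"internet": 0, "plant_network": 1, "robot": 2, "safety_plc": 3}


@dataclass
class Component:
    name: str
    zone: str


@dataclass
class Flow:
    src: str
    dst: str
    protocol: str
    authenticated: bool = False
    encrypted: bool = False
    integrity_checked: bool = False
    actuates: bool = False  # True if the flow can make the robot move or stop


@dataclass
class Finding:
    flow: Flow
    direction: str                      # "inbound": less -> more trusted zone
    missing: list = field(default_factory=list)
    safety_relevant: bool = False       # inbound flow that can actuate the robot


def find_boundary_crossings(components, flows):
    """Return one Finding per flow that crosses a trust boundary, ordered so
    that safety-relevant crossings with the most missing controls come first."""
    zone_of = {c.name: c.zone for c in components}
    findings = []
    for f in flows:
        src_zone, dst_zone = zone_of[f.src], zone_of[f.dst]
        if src_zone == dst_zone:
            continue  # stays inside one trust zone; not a boundary crossing
        inbound = ZONES[src_zone] < ZONES[dst_zone]
        missing = []
        if inbound and not f.authenticated:
            missing.append("spoofing: no sender authentication")
        if inbound and not f.integrity_checked:
            missing.append("tampering: no integrity protection")
        if not f.encrypted:
            missing.append("information disclosure: cleartext on the wire")
        findings.append(Finding(f, "inbound" if inbound else "outbound",
                                missing, f.actuates and inbound))
    findings.sort(key=lambda x: (x.safety_relevant, len(x.missing)), reverse=True)
    return findings


# Constructed deployment: a mobile manipulator on a plant network with a cloud fleet manager.
COMPONENTS = [
    Component("fleet_manager", "internet"),
    Component("teleop_tablet", "plant_network"),
    Component("log_server", "plant_network"),
    Component("controller", "robot"),
    Component("motion_planner", "robot"),
    Component("safety_plc", "safety_plc"),
]

FLOWS = [
    Flow("teleop_tablet", "controller", "ROS 2 topic /cmd_vel", actuates=True),
    Flow("fleet_manager", "controller", "HTTPS mission API",
         authenticated=True, encrypted=True, integrity_checked=True),
    Flow("motion_planner", "controller", "ROS 2 topic /joint_trajectory", actuates=True),
    Flow("controller", "safety_plc", "fieldbus stop/resume command", actuates=True),
    Flow("controller", "log_server", "syslog over UDP"),
]


if __name__ == "__main__":
    for fd in find_boundary_crossings(COMPONENTS, FLOWS):
        tag = "SAFETY" if fd.safety_relevant else "      "
        print(f"{tag} {fd.direction:8} {fd.flow.src} -> {fd.flow.dst} ({fd.flow.protocol})")
        for item in fd.missing:
            print(f"           - {item}")
```

The internal planner-to-controller flow is skipped because both ends share a zone; the unauthenticated teleop command topic and the controller-to-safety-PLC command surface at the top of the list, while the mutually authenticated fleet API crosses a boundary but reports nothing missing. That ordering is the "clear picture" the answer refers to: it tells you which crossings deserve investment first.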
Red teaming is a full-scope, holistic, multi-layered, and targeted (with specific goals) offensive attack simulation exercise designed to measure how well a company’s systems, people, networks, and physical security controls can withstand an attack. Penetration Testing (pentesting or PT) is an offensive activity that seeks to find as many vulnerabilities as possible to risk-assess them. Red teaming will also look for vulnerabilities but only for those that will maximize damage and meet the selected goals.
Summarizing, while a traditional penetration test is much more effective at providing a thorough list of vulnerabilities and improvements to be made (and should therefore be performed first), a red team assessment provides a more accurate measure of a given technology’s preparedness for remaining resilient against cyber-attacks.
Our team has past experience in robot- and security-related standardization committees and bodies. In particular, we are currently accumulating experience with MISRA C, FIPS-140, DO-178B and ISO 27001.