Just like your desktop computer, we need security for robots and this needs to happen now, not later.
Let's review some recent events
- Military UAVs transmitting telemetry information unencrypted
- Privacy concerns as UAVs are now being used by law enforcement
- Stuxnet proved that targeted SCADA attacks are possible
- Researchers documented security and privacy issues with the Rovio
If someone is injured or killed by a robot it could be:
- An unavoidable accident
- Negligence on the part of the manufacturer
- Intentionally caused by an authorized user
The primary goal of robot security should be to prevent accidents, injury and deaths. When that isn't possible data should be logged so that the guilty parties can be identified and charged in civil or criminal courts.
Since the early days of the Internet we have learned some painful lessons. We have learned that actual security, as opposed to security theater and security through obscurity, can be divided into three main areas, authentication, authorization and accounting. These topics will be covered in the following parts.
Thanks to Bruce Sterling and those who have learned to encrypt their telemetry for inspiration. Ryan Calo also has some good ideas about robotics laws.