Date of Award

8-2025

Document Type

Thesis

Degree Name

Master of Science in Engineering (MSE)

Department

Computer Engineering

Committee Chair/Advisor

Dr. Kuang-Ching Wang

Committee Member

Dr. Fatemeh Afghah

Committee Member

Dr. Linke Guo

Abstract

Robotic systems are becoming more and more prevalent in modern society, with Robot Operating System 2 (ROS 2) being the dominant operating system for these implementations. Its popularity can be attributed to its design, which is purpose-built for distributed systems and asynchronous communications. However, ROS 2 security is static and therefore less capable of responding to contemporary threats and network behavior. This becomes a greater issue when considering its applications in the military and defense sectors, where security is of the highest importance. In recent years, the U.S. Department of Defense (DoD) has implemented zero trust (ZT) security based on seven core tenets explained by the National Institute of Standards and Technology (NIST). The absence of dynamic security in ROS 2 reveals a gap between this concept of ZT and the ROS 2 applications being deployed. Given the intricacies of distributed ROS 2 system security, to research solutions, there has to be a simulation environment where each component can be modeled. Current studies use several promising methods for ROS 2 implementations such as Docker, Kubernetes, tools to simulate network and system faults, and AI/ML algorithms. However, there is not a framework that integrates all of these methods. In this thesis, we develop a novel framework for modeling realistic distributed systems. We then use it to integrate dynamic security that combines ZT principles with ROS 2. The framework will utilize four core components: Docker for standardizing the application environment, Kubernetes for life cycle management and scaling of deployed units, Chaos Mesh to mimic network and system behavior, and an autoencoder for monitoring and anomaly detection. The framework offers visibility into the system, network, and application planes. It allows real-time simulation of attacks and anomalous activity. And it continuously logs data, enabling a human collaborator to analyze threats and deploy policies to isolate them, thus ensuring continuity for essential operations. To illustrate the capabilities of the framework, we present a case study to detect anomalous activity at various levels in real-time. Three experiments are conducted to analyze network anomalies, system anomalies, and application-level attacks, respectively. From these experiments, we demonstrate that our framework detects 100% of the anomalies on all three levels, producing detailed logs to verify each detection and convey the root cause. Even with detection efficiency, some of the logs were unclear, especially for stealthy and slow-rate attacks, demonstrating the need for more insightful autoencoder input features.

Download

Share

COinS
 
 

To view the content in your browser, please download Adobe Reader or, alternately,
you may Download the file to your hard drive.

NOTE: The latest versions of Adobe Reader do not support viewing PDF files within Firefox on Mac OS and if you are using a modern (Intel) Mac, there is no official plugin for viewing PDF files within the browser window.