If Hollywood is to be believed, we will all one day be living in a future filled with robots, or less likely, zombies. Robots are everywhere in our predicted future. A common theme on the silver screen is the artificial intelligence mastermind attempting to take over the world. Another is of robots transforming into alternate shapes or robots with the ability to self-repair. Sadly, we are not yet at the stage where cars can transform into fighting robots while doing a front flip in slow motion to a heavy rock soundtrack, but we are getting closer. Researchers at MIT recently presented their exciting new creations, M-Blocks, signalling a new stage of self assembling robots.
The MIT modular robot cubes can rearrange themselves using internal flywheels, which generate impulse movements used to propel the units in the desired direction, and use magnets for alignment. The bots can even generate enough energy to create a strong enough momentum to enable them to jump from once place to another. The cubes can be assembled into rudimentary shapes, but alas cannot transform into a giant fighting robot as this is not the intended goal. The researchers’ wish for the future is to have each module act autonomously – the current prototypes are controlled externally, receiving their commands through radio transmissions.
For me, as a security researcher, this obviously raises questions surrounding the security implications of such modular robots. Don’t worry; I’m not talking about a Skynet taking over the world scenario here. Since they’re only prototypes at the moment, thinking about what could and could not be done with future versions would be purely speculative. However, one of the challenges I see is ensuring that rogue modules can be identified. Just imagine if you have a malicious robot block that, once introduced to the hive, confuses all the others and causes any structure that they were building before to disintegrate. Building up trust in a network of untrusted nodes is a difficult problem to solve. On the other hand, you might need to introduce new cubes, which ideally would get integrated seamlessly.
Current versions of the self-assembling modular robots, where you have a central control unit that transmits and receives commands, can be compared to the Internet of Things (IoT). The IoT, which you could simplify as a group of non-traditional devices connected to the Internet, is an interesting area with huge potential. One of the most tangible areas of the IoT is smart household devices, some of which are already sold today. The vacuum cleaning robots available in stores today may not be self-assembling but nevertheless they are robots.
There has already been quite a lot of interest from the security industry in the IoT. More and more security conferences start to feature talks on the topic. For example, Daniel Buentello presented at this year’s DerbyCon on how he completely took over a remote controlled power switch. While switching the lights on and off might not seem very scary, opening up windows and doors is more alarming. And this is only the tip of the iceberg of possibility. Fridge appliances doing portscans or mood lights that infect other lamps with malware are all realistic scenarios. Someday your neighbour may be able to compromise your toaster remotely in order to tell your HiFi system to switch off the music. Having malicious code running on such home devices can be difficult to detect and difficult to remove, as most devices are not built with high security in mind.
We at Symantec are following the development in this area closely to ensure that everyone stays secure in the future connected world. Of course, we hope that we won’t see scenarios where your fridge teams up with your coffee machine to DDoS your toaster any time in the immediate future, because that would really be a bad start to anyone’s day.