To start with, robotics research is mainly about what is feasible. System security is often neglected in the process. Jasmin Wachter, a doctoral student pursuing her doctoral degree in the Karl-Popper-Kolleg “Responsible Safe and Secure Robotic Systems Engineering, SEEROSE”, wants to find out what measures are required to ensure that security for robotics also pays off.
Jasmin Wachter understands her research topic from both an academic and a practical perspective. Following her Mathematics degree, she has been working at Joanneum Robotics in Klagenfurt’s Lakeside Park for one and a half years. Here, she tells us about two colliding paradigms when it comes to cybersecurity in robotics: “On the one hand, research represents a risk-free space. The idea is to find out what can be accomplished with which technical methods. However, system security is often disregarded in the field of robotics.” For instance, often there is no authentication when an additional robot is added to the network, or the communication between the individual devices is not encrypted. At the same time, the main responsibility for security is transferred to those who will ultimately deploy the robots, for example, in industry. “Naturally, this means that developers are less interested in system security than they really should be,” Jasmin Wachter concludes.
She goes on to explain that the (in-)security culture in robotics has scope for improvement, but that it is of vital importance: “In the case of software, the potential risks, such as data leaks, involve personal rights or financial matters. On the other hand, in the event that robots or drones are hacked, they can also cause physical damage.” So, are there too few technical systems to meet these challenges? “No, there are plenty. The problem lies in the involved security-economics”, Jasmin Wachter replies.
Security does not always pay off. Thus, cybersecurity is uncared-for, and there are practically no consequences for developers and manufacturers as others bear the greatest share of responsibility. To address this, Jasmin Wachter is investigating the effectiveness of mechanisms that could render the security aspects more economical. Using game theory, she assesses which bolts in the system need to be tightened in order to achieve an optimum level of security – be it in the form of penalties or other regulations. Her approach is largely interdisciplinary: To solve the problem at hand, Jasmin Wachter can make ideal use of her expertise in mathematics, system security and robotics. In the context of the Karl Popper College “Responsible Safe and Secure Robotic Systems Engineering, SEEROSE”, she is supervised by the computer scientist Stefan Rass.
Jasmin Wachter tells us that she is idealistic in her approach to her work. What she appreciates most about the academic environment is the freedom to pursue questions that are important to her. This is the case in the area of security, which can be a tricky issue: “Yes, I am security-conscious in my private life as well. We don’t have talking and listening speakers as roommates, and the webcams are usually covered. I don’t write down my passwords either.“ Even in private IT security matters, it is important to think economically: “A payment card is not unsafe compared to cash. It provides transparency about possible damage and liability issues. You have to weigh these things up when you use technical devices.”