Tactic: Disturbance

Technique: Trigger Safety Measure

Autonomous robots often have built-in kill switches that can be triggered remotely at the press of a button. Such a kill switch is often necessary in case the robot malfunctions and can no longer be approached from outside through the proper means. These kill switches are often linked to a particular, obfuscated protocol so that attackers cannot easily replicate it. However, it is not impossible for an attacker to figure out what the protocol is, how the kill switch interacts with the robot, and how to trigger it. This is effectively a variant of the "poweroff" technique, except that in this scenario the attacker needs no initial access, only the specifics of the kill switch protocol.

Mitigations

The kill switch protocol needs to be sufficiently obfuscated. It would also help to encrypt the data sent by the kill switch. Lastly, having variance in the protocol will help make kill switch exploits less consistent.
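
One way to add the variance described above, shown as an added example that is not part of the original page or of any vendor's protocol: each kill switch frame carries a counter and an HMAC tag, so a frame that was recorded and played back later is rejected. This swaps in message authentication with a counter in place of obfuscation; the key, the frame layout and all names are assumptions made for the illustration.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"  # constructed sample key, provisioned at pairing
CMD_STOP = 0x01
BODY_LEN = 9    # 1-byte command + 8-byte counter
TAG_LEN = 16    # truncated HMAC-SHA256 tag

def build_frame(key, counter, cmd=CMD_STOP):
    """Remote side: command, ever-increasing counter, tag over both."""
    body = struct.pack(">BQ", cmd, counter)
    return body + hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]

class KillSwitchReceiver:
    """Robot side: act only on frames with a valid tag and an unseen counter."""

    def __init__(self, key):
        self.key = key
        self.last_counter = 0

    def accept(self, frame):
        if len(frame) != BODY_LEN + TAG_LEN:
            return "malformed"
        body, tag = frame[:BODY_LEN], frame[BODY_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            return "bad-tag"
        cmd, counter = struct.unpack(">BQ", body)
        # Any higher counter is accepted, so presses the robot never heard
        # do not stop a later legitimate press from working.
        if counter <= self.last_counter:
            return "replay"
        self.last_counter = counter
        return "stop" if cmd == CMD_STOP else "unknown-command"

def demo():
    rx = KillSwitchReceiver(KEY)
    frame = build_frame(KEY, counter=1)
    first = rx.accept(frame)             # legitimate press
    replayed = rx.accept(frame)          # identical bytes played back later
    altered = bytearray(build_frame(KEY, counter=2))
    altered[BODY_LEN - 1] ^= 0xFF        # counter edited without the key
    forged = rx.accept(bytes(altered))
    missed = rx.accept(build_frame(KEY, counter=7))  # presses 2-6 were lost
    return first, replayed, forged, missed

if __name__ == "__main__":
    print(demo())
```

In a real receiver the last accepted counter has to survive a reboot, otherwise old recordings become valid again after a power cycle.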

Detections

The robot itself powering off is fairly obvious. One could have a health check service that pings the robot periodically to see if it is still available; if it is not, it may have been powered off.

Ethical Considerations

Triggering a robot's safety measure can in some situations put others in danger or damage its surroundings. When a safety measure is triggered using wireless techniques like Bluetooth, Wi-Fi or specific radio frequencies, surrounding devices that use the same technology or protocol could also be impacted. Before using this technique, one should consider the damage that could be done to the environment or people and, when possible, make sure that other devices cannot or will not be disturbed.

Documented incidents with autonomous robots

When using a device like a Flipper Zero, one can record the signal that is generated by the kill switch remote control provided with the Unitree. When this signal is decoded and played back, the Unitree can also be shut down. This method only works this easily when the signal is not encrypted, as is the case with the Unitree.