Walking Targets: Securing Teleoperated Quadruped Robots

by

Author: Denis Avetisyan

As quadruped robots move from labs to real-world applications, understanding and mitigating their unique cybersecurity risks is becoming critically important.

A quadruped robot operating under teleoperation is vulnerable to attacks targeting its wireless communication channel, where an adversary could intercept, manipulate, or disrupt the flow of commands and feedback data.
A quadruped robot operating under teleoperation is vulnerable to attacks targeting its wireless communication channel, where an adversary could intercept, manipulate, or disrupt the flow of commands and feedback data.

This review systematically surveys vulnerabilities, threats, and defense gaps in teleoperated quadruped robots, focusing on the interplay between physical stability and cyber resilience.

Despite increasing deployment in critical applications, the cybersecurity of teleoperated quadruped robots remains a largely unaddressed challenge. This paper, ‘Cybersecurity of Teleoperated Quadruped Robots: A Systematic Survey of Vulnerabilities, Threats, and Open Defense Gaps’, presents a comprehensive analysis of potential attack vectors-spanning perception manipulation to network intrusion-and their consequences for these dynamic, physically impactful systems. Our survey reveals significant maturity gaps between established communication protections and nascent defenses for higher-level vulnerabilities, particularly those impacting operator cognition and real-time control. Given the growing reliance on these robots in safety-critical scenarios, how can we proactively bridge these defense gaps and ensure robust operational resilience?

Navigating the Attack Surface: Teleoperated Systems at Risk

The increasing prevalence of remotely operated quadruped robots introduces a novel attack surface for malicious actors, creating significant cybersecurity vulnerabilities. Unlike stationary systems, these robots operate in dynamic, often unpredictable, environments, relying heavily on wireless communication for control and perception data – both susceptible to interception and manipulation. This dependence elevates the risk of unauthorized access, allowing attackers to not only disrupt operation but also to potentially repurpose the robot for harmful activities. The physical mobility of these machines, combined with their growing integration into critical infrastructure like inspection, surveillance, and logistics, amplifies the potential consequences of a successful breach, making them particularly attractive targets for those seeking to cause disruption or gain illicit access.

Conventional cybersecurity protocols, designed to protect static systems and data, frequently prove inadequate when applied to the dynamic vulnerabilities of teleoperated robots. These robots rely on continuous data streams for perception – vision, lidar, and tactile sensing – and depend on reliable communication channels for control signals. Sophisticated attacks can exploit weaknesses in these systems, not by breaching firewalls, but by manipulating the very data the robot uses to understand its environment or by injecting malicious commands into the control stream. Such attacks can induce phantom obstacles, alter perceived terrain, or even hijack motor control, rendering the robot unpredictable and dangerous. This is particularly concerning because many existing security measures prioritize confidentiality and integrity of data at rest, rather than the real-time availability and authenticity crucial for safe robotic operation, leaving a significant gap in protection against actively disruptive attacks.

A teleoperated quadruped robot, once compromised, presents a spectrum of tangible dangers extending beyond data breaches. Malicious control could transform a helpful machine into a physical hazard, capable of causing damage to infrastructure, injuring personnel, or disrupting critical operations – consider, for example, a compromised delivery robot obstructing emergency services or a construction robot causing structural failures. Furthermore, operational risks arise from the potential for misinformation; a manipulated robot’s sensor data could mislead human operators, leading to flawed decision-making with severe consequences. Therefore, safeguarding these systems necessitates a multi-layered defense strategy encompassing secure communication channels, robust authentication protocols, and continuous monitoring of both robot actions and perceptual inputs, moving beyond conventional cybersecurity measures to address these unique physical vulnerabilities.

Commercial quadruped robots-including Boston Dynamics Spot, Unitree B2, and ANYbotics ANYmal-demonstrate a wide range of security implementations, from per-device cryptography to fleet-wide vulnerabilities and enterprise-level protection.
Commercial quadruped robots-including Boston Dynamics Spot, Unitree B2, and ANYbotics ANYmal-demonstrate a wide range of security implementations, from per-device cryptography to fleet-wide vulnerabilities and enterprise-level protection.

Architecting Resilience: Safety and Control Integration

Control Barrier Functions (CBF) provide guaranteed safety during robot operation by mathematically defining safe sets within the robot’s state space. These functions, typically expressed as h(x) \ge 0, where x represents the robot’s state, ensure that the system remains within predefined safe boundaries. During control design, the CBF is incorporated as a constraint, modifying the control input to prevent violations of the safety constraint, even in the presence of disturbances or model uncertainties. This is achieved by minimizing a modified cost function that penalizes deviations from the desired trajectory while simultaneously ensuring the CBF remains non-negative. The rate of change of the CBF itself can also be constrained to further enhance safety margins and provide robustness against fast, unexpected events.

A Switched System Framework enables a robot to transition between distinct locomotion modes – such as walking, trotting, or crawling – based on environmental conditions and internal state. This is achieved by defining a set of subsystems, each representing a specific locomotion strategy, and a switching logic that determines which subsystem is active at any given time. The switching logic utilizes sensor data and state estimation to assess stability and detect disturbances; for example, transitioning to a more stable gait during uneven terrain or activating a recovery mode following a slip. By dynamically selecting the most appropriate locomotion strategy, the framework enhances the robot’s ability to maintain balance, navigate challenging environments, and recover from unexpected events, improving overall robustness and operational capability.

Effective recovery control in legged robots necessitates precise gait phase awareness, as the optimal response to a disturbance is highly dependent on the current stance and swing leg configurations. Identifying the gait phase – whether a leg is in the stance, swing, or transition phase – allows the control system to apply corrective actions that align with the robot’s dynamic state. For example, a disturbance during single support phase requires different mitigation strategies than one occurring during double support. Accurate gait phase estimation, typically achieved through sensor fusion of joint angles, foot force data, and inertial measurement units, enables the robot to modulate joint torques and foot placements to maintain balance and prevent falls. Failure to account for gait phase can result in ineffective or even destabilizing recovery attempts, as applying corrective forces against an already overloaded or unstable leg can exacerbate the disturbance.

Fortifying the System: Communication and Perception Security

Frequency Hopping Spread Spectrum (FHSS) is a method of transmitting radio signals by rapidly switching between multiple frequency channels, utilizing a pseudorandom sequence known to both the transmitter and receiver. This technique mitigates the impact of both intentional jamming and unintentional interference by spreading the signal across a wider bandwidth and making it more difficult to disrupt communication. By constantly changing frequencies, FHSS reduces the effectiveness of narrowband jammers and minimizes the probability of interception, as an adversary must scan and potentially jam multiple frequencies simultaneously to successfully disrupt or capture the transmission. The robustness of FHSS is directly related to the number of available frequencies and the speed of frequency hopping, with faster hopping and a wider frequency range offering greater resilience.

Data Encryption and Authentication Systems are critical for securing robotic communication and control interfaces against unauthorized access and malicious manipulation. These systems employ cryptographic protocols to ensure confidentiality, integrity, and authenticity of data transmitted between robot components and external control stations. Commonly implemented baseline measures include Datagram Transport Layer Security (DTLS), which introduces a performance overhead ranging from 1 to 3 milliseconds. This overhead represents the computational cost of encryption, decryption, and authentication processes, and must be considered during system design to maintain real-time operational constraints. While essential for security, the added latency necessitates a careful balance between protection and performance, particularly in applications demanding low-latency response times.

An Intrusion Detection System (IDS) continuously monitors network communications to identify malicious activity targeting the robotic system. This proactive approach provides an early warning of potential cyberattacks, allowing for mitigation strategies to be implemented. Implementation of machine learning-based intrusion detection algorithms introduces a measurable performance cost; current implementations demonstrate an inference delay of 8 to 15 milliseconds per analysis and incur an 8% load on the system’s CPU during operation. These performance metrics are critical considerations when integrating an ML-based IDS into a real-time robotic control system.

Ensuring Stability: Robust Perception and Fall Mitigation

Robust robotic perception increasingly relies on sensor fusion, a technique that intelligently combines data streams from diverse sources – cameras, LiDAR, inertial measurement units, and more. This integration isn’t simply about redundancy; it’s about creating a more complete and reliable understanding of the environment. By cross-validating information, the system minimizes the impact of individual sensor limitations or failures, and crucially, defends against malicious attacks like LiDAR spoofing, where false data is injected to mislead the robot. The resulting perception system demonstrates significantly improved accuracy and resilience, ensuring continued safe operation even when confronted with compromised or imperfect sensory input. This approach moves beyond single-point failures to create a truly dependable foundation for autonomous navigation and manipulation.

Recent advancements in robotic perception prioritize resilience against malicious interference, notably through sophisticated LiDAR spoofing detection techniques. Systems like Shadow-Catcher achieve remarkably high accuracy in identifying compromised sensor data; evaluations demonstrate a 91.2% true positive rate, meaning the system correctly identifies spoofed LiDAR returns in the vast majority of cases. Complementing this, the system exhibits an 82.5% true negative rate, indicating a low incidence of false alarms-critical for maintaining operational reliability. This high degree of precision allows robots to confidently distinguish between genuine environmental data and deliberately misleading signals, bolstering robustness and preventing potential failures stemming from sensor manipulation.

Robotic systems designed for dynamic environments rely on continuous stability monitoring via sophisticated fall detection algorithms. These algorithms analyze data streams from inertial measurement units (IMUs) and, increasingly, visual sensors to assess the robot’s center of gravity, orientation, and velocity. When deviations from a stable posture are detected-indicating an impending loss of balance-protective measures are automatically triggered. These responses can range from subtle adjustments in gait and posture to preemptive bracing or controlled descent to a stable position. The speed and accuracy of these algorithms are critical, as they directly impact the robot’s ability to avoid falls, maintain operational uptime, and ensure safety in complex and unpredictable settings. Furthermore, advanced systems incorporate machine learning techniques to adapt to varying terrains and payloads, refining fall prediction and mitigation strategies over time.

Towards Autonomous Resilience: A Vision for the Future

A Digital Twin functions as a dynamic, virtual counterpart to a physical robot, continuously updated with real-time data from its sensors and operational history. This allows for comprehensive monitoring of the robot’s health, enabling predictive maintenance that anticipates potential failures before they occur. By simulating various operational scenarios and stresses within the virtual environment, engineers can proactively identify vulnerabilities and optimize performance without risking damage to the physical system. The Digital Twin isn’t merely a diagnostic tool; it’s a platform for experimentation, allowing for the testing of new software updates, control algorithms, and even hardware configurations in a safe, controlled manner – ultimately bolstering the robot’s resilience and extending its operational lifespan.

The development of truly resilient robotic systems hinges on the integration of autonomous operation capabilities, enabling a shift from reactive maintenance to proactive adaptation. This means equipping robots with the capacity to perceive changes in their environment – be it altered terrain, unexpected obstacles, or even internal component degradation – and subsequently adjust their behavior without requiring human direction. Such autonomy isn’t simply about avoiding collisions; it encompasses the ability to re-plan routes, redistribute workloads amongst redundant systems, and even diagnose and mitigate emerging faults. By fostering self-reliance, these robots minimize downtime, maintain operational effectiveness in dynamic settings, and ultimately reduce the need for constant, and potentially risky, human intervention – a crucial advancement for applications ranging from disaster response to long-duration space exploration.

Current assessments of critical defense mechanisms reveal a significant gap between conceptualization and practical implementation, with many technologies residing at low Technology Readiness Levels (TRL 1-5). This indicates that while foundational research exists, these systems are largely confined to laboratory settings and have not yet undergone substantial validation through prototyping or real-world testing. Consequently, substantial investment in applied research and development is crucial to elevate these technologies through the TRL scale, bridging the divide between theoretical potential and deployable resilience. Progress requires focused efforts on system integration, rigorous testing under diverse operational conditions, and the development of robust validation methodologies to ensure reliable performance in complex and unpredictable environments.

The systematic survey meticulously details vulnerabilities inherent in teleoperated quadruped robots, revealing a complex interplay between physical dynamics and cybersecurity. This echoes Robert Tarjan’s observation: “Structure dictates behavior.” The robot’s operational structure – encompassing communication channels, control algorithms, and physical articulation – fundamentally defines its susceptibility to attack and its behavioral response to intrusions. Understanding this structural dependency is paramount; a breach in one component doesn’t simply affect that system, but cascades through the entire cyber-physical architecture, impacting real-time performance and dynamic stability, a key concept explored within the survey’s analysis of potential threats.

Beyond Resilience: Charting a Course for Secure Quadrupedal Systems

This survey reveals not a landscape of merely ‘solved’ problems, but a complex interplay of vulnerabilities inherent to the very design of teleoperated quadrupedal robots. The focus, predictably, has been on patching breaches, on building walls around a fundamentally unstable core. But what are systems designers actually optimizing for? Is it simply the avoidance of compromise, or a graceful degradation of function under duress? True security isn’t about invulnerability, but about predictable, controlled failure – a concept too often lost in the pursuit of absolute defense.

Future work must move beyond reactive intrusion detection and towards proactive, behavior-based anomaly detection. The robot’s intended function should define the boundaries of acceptable operation, and any deviation-however slight-should be flagged not as a hostile act, but as a signal of systemic instability. This necessitates a shift from viewing the operator as an external agent to recognizing them as an integral part of the control loop-a vulnerability and a potential source of resilience.

Simplicity, however, remains paramount. The field risks entanglement in layers of complexity, mistaking elaborate defenses for genuine security. The challenge is not merely to add more features, but to distill the essential functionality, to create a system where the architecture itself enforces security through clarity and constraint. This isn’t minimalism; it’s the discipline of distinguishing the accidental from the essential-a lesson robotics, like all engineering, must perpetually relearn.

Original article: https://arxiv.org/pdf/2602.23404.pdf

Contact the author: https://www.linkedin.com/in/avetisyan/

See also:

2026-03-02 23:36