CyLab Robotics Security and Privacy Workshop

July 28-29, 2025
Rangos Ballroom, Jared L. Cohon University Center
Carnegie Mellon University

The CyLab Robotics Security and Privacy Workshop will convene leading researchers and experts from across academia and industry to discuss strategic approaches to building trusted middleware and toolchains to foster a secure, privacy-preserving robotics ecosystem that is safe and trustworthy by design.


About

Securing the Future of Robotics and Autonomous Systems

Soon, robotics and autonomous systems will be ubiquitous within America's industrial infrastructure. But these systems are as susceptible — if not more — to privacy and security threats as existing online systems.

As robotics and autonomous systems technology becomes increasingly integrated into critical infrastructure sectors such as emergency services, defense, health and social care, and manufacturing, the need for a secure and private ecosystem is more urgent than ever. However, existing approaches to building robotic systems treat safety, security, and privacy as an afterthought. For example, the current landscape of robotics middleware, such as ROS, has limitations in real-time readiness, usability, and widespread implementation, leading to potential security and privacy vulnerabilities. AI and ML are foundational to the next generation of advanced autonomous robots, but pose novel difficulties in assuring their safety and robustness in physical environments.

The CyLab Robotics Security and Privacy Workshop will convene leading researchers and experts from across academia and industry to discuss strategic approaches to building trusted middleware and toolchains to foster a secure, privacy-preserving robotics ecosystem that is safe and trustworthy by design. We will bridge this gap by uniting experts in robotics, AI, cybersecurity, and privacy, collaborating with partners to meet the demands of industry, academia, and government.

Schedule

Please note: this is an invitation-only, in-person event. Please fill out this form if you are interested in attending.

This schedule is subject to change.

Day 1: Monday, July 28, 2025 (EDT)

8:15 a.m. - 9:00 a.m. – Continental Breakfast

9:00 a.m. - 9:10 a.m. – Welcome and Introductions from Hosts | Slides

9:10 a.m. - 10:30 a.m. – Round Robin Participant Introductions

10:30 a.m. - 10:45 a.m. – Break, Transition to Talks

10:45 a.m. - 12:15 p.m. – Technical Talks

  • 10:45 a.m. - 11:15 a.m. Philip Koopman - Autonomous Vehicle Safety | Slides
  • 11:15 a.m. - 11:45 a.m. Lujo Bauer - How Adversarial ML Can Impact Real Systems | Slides
  • 11:45 a.m. - 12:15 p.m. Kassem Fawaz - Exploring LLMs for Privacy-Aware Social Companion Robots | Slides

12:15 p.m. - 1:30 p.m. – Lunch and Networking

1:30 p.m. - 1:45 p.m. – Research Collaborations and Partnerships | Slides

1:45 p.m. - 3:15 p.m. – Breakout Session 1 – Research Challenges

Participants will engage in two focused small-group discussions - one from Part A and one from Part B - each centered on a distinct research challenge in robotics security and privacy.

1:45 p.m. - 2:25 p.m. – Part A Research Challenges

  • Policy Considerations
  • Safety x AI and Machine Learning
  • Supply Chain Security re: Software and Hardware
  • Systems Approaches to Security and Privacy in Robotics 
  • Threat Models

2:25 p.m. - 2:35 p.m. – Transition

2:35 p.m. - 3:15 p.m. – Part B Research Challenges

  • Evaluation/Testing Frameworks
  • Human Factors
  • Privacy and Security in Robotics Software Ecosystems
  • Sensing and Hardware Privacy/Security

3:15 p.m. - 3:30 p.m. – Break and Synthesis

3:30 p.m. - 4:00 p.m. – Recap of Breakouts

4:00 p.m. - 4:15 p.m. – Group Photo

4:15 p.m. - 6:00 p.m. – Adjourn/Break before Dinner

6:00 p.m. - 8:00 p.m. – Dinner and Networking - Rangos Ballroom

Day 2: Tuesday, July 29, 2025 (EDT)

8:15 a.m. - 9:00 a.m. – Continental Breakfast

9:00 a.m. - 9:15 a.m. – Welcome and Introductions

9:15 a.m. - 10:35 a.m. – Technical Talks

  • 9:15 a.m. - 9:45 a.m. Ingo Lütkebohle - The Security and Privacy Context of Intralogistics Robots
  • 9:45 a.m. - 10:15 a.m. Andrea Bajcsy - Towards Open World Robot Safety
  • 10:15 a.m. - 10:35 a.m. Vivan Amin - Securing Embodied Systems

10:35 a.m. - 10:45 a.m. – Break/Transition to Breakouts

10:45 a.m. - 12:15 p.m. – Breakout Session 2 – Directions on Research Challenges

For logistical purposes, please plan to participate on Day 2 in the same breakout session topic in which you participated on Day 1, provided your group has a quorum.

10:45 a.m. - 11:25 a.m. – Part A Research Challenges

  • Policy Considerations
  • Safety x AI and Machine Learning
  • Supply Chain Security re: Software and Hardware
  • Systems Approaches to Security and Privacy in Robotics 
  • Threat Models

11:25 a.m. - 11:35 a.m. – Transition

11:35 a.m. - 12:15 p.m. – Part B Research Challenges

  • Evaluation/Testing Frameworks
  • Human Factors
  • Privacy and Security in Robotics Software Ecosystems
  • Sensing and Hardware Privacy/Security

12:15 p.m. - 1:30 p.m. – Lunch

1:30 p.m. - 2:00 p.m. – Recap, Synthesis of Breakouts, and Closing

2:00 p.m. - 4:00 p.m. – Lab Tours (optional)

Research Challenges

Evaluation/Testing Frameworks

This breakout session will discuss approaches for evaluating the security and privacy of robotic systems, and identify gaps and challenges in evaluation metrics, benchmarks, verification methods, and simulation-based and field testing.

Systems Approaches to Security & Privacy in Robotics

Robotic systems involve the integration of complex mechanical, electrical, and software components within dynamic and uncertain environments. These integrations can create emergent security and privacy challenges that cannot always be anticipated in advance. This breakout session will discuss those challenges and explore the role of system-wide strategies for improving security and privacy in robotics, including assurance cases, risk assessment methodologies, and security- and privacy-by-design principles.

Threat Models

In addition to the attackers faced by traditional computing infrastructure, robotics systems need specialized threat models because they frequently interact with the physical world and humans in the environment, and sometimes operate under real-time constraints. This breakout session discusses these specialized threat models.

Privacy & Security in Robotics Software Ecosystems

Software frameworks, middlewares, and package ecosystems such as ROS 2 enable modular and reusable robotics development but also introduce security, privacy, and safety challenges. This breakout session will identify the safety, security, and privacy challenges that arise from robotics software and explore the space of potential solutions.

Policy Considerations

What regulations, certifications, standards, or policies should (or do) apply to security and privacy aspects of robotics? This breakout session seeks to answer this question in the context of existing regulations covering some aspects of robotics (e.g., in the US, FAA for flying robots and FCC for communication, FTC actions addressing unfair or deceptive practices resulting from poor security or privacy, or regulations governing medical devices and health data) — what issues do these address, and what other policy could address other issues in security and privacy of robotics?

Safety x AI and Machine Learning

Powerful AI technologies such as LLMs are increasingly being deployed in robotic systems, but they also introduce new, unique challenges for security, safety, and privacy. This breakout session will identify potential use cases and risks of using AI in robotic systems and discuss approaches for mitigating those risks.

Sensing and Hardware Privacy/Security

Undermining the security of a sensor or another component can render the data from that sensor useless or even undermine all downstream decisions from that component. On the flip side, the earlier in the pipeline privacy is addressed, the more this can potentially aid confidentiality and security down the line. This breakout session examines attacks and defenses on security and privacy for sensors and other hardware components.

Supply Chain Security re: Software and Hardware

Robotics systems contain complex software and hardware components, which may come from a large number of sources, leaving a large attack surface for attackers to modify a component and cause security, privacy, or safety issues. This breakout session discusses challenges and potential solutions for supply chain security in the context of robotic systems.

Human Factors

Many an allegedly-secure system has broken down as a result of its failure to address the human element. This breakout session addresses the ways humans interact with robotics and AI that go beyond interactions with other automated systems, and seeks to identify key questions and answers regarding human factors in security and privacy of robotics.

Speakers

Vivan Amin

Director, Principal Research Technical Program Manager - AI Incubations – Agentic & Physical AI
Microsoft

Andrea Bajcsy

Assistant Professor
Carnegie Mellon University Robotics Institute

Lujo Bauer

Professor
Carnegie Mellon University Department of Electrical and Computer Engineering, Software and Societal Systems Department

Kassem Fawaz

Associate Professor
University of Wisconsin–Madison Department of Electrical & Computer Engineering

Philip Koopman

Faculty Emeritus
Carnegie Mellon University Department of Electrical and Computer Engineering

Ingo Lütkebohle

Senior Expert - Robotics Software
Bosch Research

Featured Participants

Jim Benke

Senior Manager
Mitsubishi Electric Power Products, Inc.

Kalavati Bhashyam

Senior Director for Hardware Engineering
Smith & Nephew

Travis Breaux

Associate Professor of Computer Science
Carnegie Mellon University

Justin Chan

Assistant Professor
Carnegie Mellon University Department of Electrical and Computer Engineering

Lorrie Cranor

Director
CyLab Security and Privacy Institute

Paul Evans

Executive Director
Southwest Research Institute (SwRI)

Andrew Fishberg

Ph.D. Student
MIT

David Garlan

Professor of Computer Science
Carnegie Mellon University Software and Societal Systems Department, Computer Science Department

Jorge Guajardo Merchan

Principal Scientist and Senior Manager Security and Privacy Group
Robert Bosch LLC – Research and Technology Center

Hana Habib

Assistant Teaching Professor
Carnegie Mellon University

Jeremy Harbaugh

Staff Embedded Software Engineer
Smith & Nephew

Hanan Hibshi

Assistant Teaching Professor
Carnegie Mellon University Information Networking Institute

Eakta Jain

Associate Professor
University of Florida

Roshni Kaushik

Senior Researcher
Fujitsu Research of America

Andrea Kells

Director, Researcher Ecosystem
Arm

David Lenrow

Senior Principal Technology Exploration Engineer
Illumio

Rafael Marcelino Koike

Master Principal Cloud Architect
Oracle Cloud

Rômulo Meira-Góes

Assistant Professor
Penn State University

Leo Mouta

Software Engineer, Hardware Interface
Agility Robotics

Alessandro Oltramari

President
Carnegie Bosch Institute

Samuel Pagliarini

Special Professor
Carnegie Mellon University Department of Electrical and Computer Engineering

Lori Paluti

CEO
Pittsburgh Drone Services, LLC

Muneeb Rasool

CEO
Tensor Machines, Inc.

Norman Sadeh

Professor of Computer Science
Carnegie Mellon University Software and Societal Systems Department

Sebastian Scherer

Associate Research Professor
Carnegie Mellon University Robotics Institute

Andrew Schmidt

AMD University Program
AMD

Erik Shreve

Senior Software Engineer
Software Engineering Institute

Carlos Soto

Computational Scientist
Brookhaven National Laboratory

Aaron Steinfeld

Research Professor / Head of Faculty Mentoring
Carnegie Mellon University Robotics Institute

James Turnshek

Chief Architect
Formant

Devesh Upadhyay

CTO
Saab, Inc.

Eric Van Hensbergen

Fellow - Research
Arm

Spencer Whitman

Product Manager
Meta

Doguhan Yeke

Ph.D. Student
Purdue University

Shinjae Yoo

Distinguished Scientist
Brookhaven National Laboratory

Wei Zhang

Senior Director of Systems Engineering - Robotics
Smith & Nephew

John Zucca

Lead Machine Learning Engineer
Oshkosh Corporation

Program Chairs

Limin Jia

Research Professor
Electrical and Computer Engineering

Christopher Timperley

Senior Systems Scientist
Robotics Institute, National Robotics Engineering Center

Program Members

Eunsuk Kang

Associate Professor
Software and Societal Systems Department

Sarah Scheffler

Assistant Professor
Software and Societal Systems Department, Engineering and Public Policy

Ding Zhao

Associate Professor
Mechanical Engineering

Rebecca Martin

Ph.D. Student
Robotics Institute

Organizers

Michael Lisanti

Senior Director
CyLab Partnerships

Isabelle Glassmith

Project Manager
CyLab Partnerships

Jason Griess

Associate Director
CyLab Partnerships

Michael Cunningham

Communications Manager
CyLab

Sponsors

CyLab is currently offering a limited number of opportunities to sponsor the CyLab Robotics Security and Privacy Workshop to companies and organizations seeking to build brand visibility among robotics and cybersecurity experts from across the globe, as well as with Carnegie Mellon University faculty members, students, and alumni. For more information on sponsoring the CyLab Robotics Security and Privacy Workshop, contact Michael Lisanti, Senior Director of Partnerships, at 412-268-1870 or mlisanti@andrew.cmu.edu.

The CyLab Robotics Security and Privacy Workshop is supported by the U.S. National Science Foundation Security, Privacy, and Trust in Cyberspace (SaTC 2.0) program under Grant No. 2420955.