Secured Offline Authentication on Industrial Mobile Robots Using Biometric Data

The increased usage of mobile robots in the industrial context entails higher safety risks for employees on the production floor. To enable safety, the usage of security concepts on industrial mobile robots is essential. One step towards security is authentication that is necessary to prevent unauthorized people from manipulating an industrial mobile robot's software or configuration. Traditional authentication schemes that utilize username and password are not feasible for industrial mobile robots as either (a) a remote connection would be necessary to check the credentials or (b) the credentials need to be checked locally on the robot. Remote connections are problematic due to connectivity problems similar to them at RoboCup Logistics League competitions. If the credentials need to be checked on the robot, the usernames and passwords of all authorized people need to be stored and maintained there. As both possibilities are not feasible for industrial mobile robots, we propose an offline authentication approach that uses biometric data to authenticate a user on a mobile robot. The approach uses expiring passwords and a smart card to authenticate authorized people on the mobile robot. The smart card is equipped with a fingerprint reader to check that only authorized people are allowed to authenticate at a mobile robot. To show that the approach is able to provide secured authentication, a threat analysis is performed.