Robotic safety recovery system and method based on physically unclonable function
By integrating PUF key generation and authentication units, the problems of key duplication and uncontrollability in robot recovery mechanisms are solved, achieving hardware-level secure recovery authentication and ensuring the safety and uniqueness of the robot when it encounters threats.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- SHENZHEN BAIMAXUN NETWORK TECHNOLOGY CO LTD
- Filing Date
- 2026-05-13
- Publication Date
- 2026-07-10
AI Technical Summary
Existing robot recovery mechanisms rely on pre-stored keys, which present problems such as key copyability and uncontrollable recovery, leading to increased security threats.
An integrated secure recovery system based on Physically Unclonable Function (PUF) is provided, comprising a PUF key generation unit, a secure triggering unit, and a key verification unit. It dynamically generates a unique key by utilizing the differences in physical microstructure during the chip manufacturing process and performs rigorous recovery authentication through a secure authentication channel.
It achieves absolute key uniqueness, attack prevention capabilities, and strict authentication for recovery, ensuring the robot's security at the hardware level and avoiding software-level attack vulnerabilities.
Smart Images

Figure FT_1 
Figure FT_2
Abstract
Description
Technical Field
[0001] This invention belongs to the field of robot safety technology, specifically relating to a robot safety recovery system and method based on Physically Unclonable Function (PUF), which is used to achieve safe and reliable recovery of operation after a robot encounters a safety threat or abnormal interruption, preventing unauthorized access and secondary attacks. Background Technology
[0002] Currently, robots (especially service robots and industrial robots) face increasing safety threats during operation, such as: 1. Security attack: Hackers hijack control of the robot through malicious commands (such as injecting malicious code by exploiting vulnerabilities); 2. Hardware malfunction: Chip failure or power fluctuations cause the robot to be forcibly shut down; 3. Unauthorized recovery: The robot resumes operation after an interruption using a regular key (such as a preset password), which poses a risk of key leakage. In existing technologies, robot recovery mechanisms mostly rely on pre-stored keys or external authentication, which has two major drawbacks: Key reproducibility: Preset keys are easily reverse engineered or brute-forced (as shown in the 2022 study in IEEE Transactions on Information Forensics and Security, 78% of robot keys can be cracked). Uncontrollable recovery: The source of the recovery request was not verified, which may allow attackers to exploit the recovery function to conduct a second intrusion into the bot. Therefore, there is an urgent need for a recovery mechanism based on hardware-level security features to ensure key uniqueness, non-copyability, and strict authentication of recovery operations. Summary of the Invention
[0003] The core of this invention is a secure recovery system integrated into the robot's main control chip, comprising the following units: 1. PUF Key Generation Unit: A unique key is dynamically generated based on the differences in physical microstructure during the chip manufacturing process (such as transistor threshold voltage fluctuations and random distribution of interconnects). This key is uncopyable, unpredictable, and unextractable (generated only inside the chip, with no external storage). 2. Safety Trigger Unit: The PUF key generation unit is automatically activated when a forced interruption event (security attack, hardware malfunction, or user-initiated command) is detected. After an interruption event is triggered, the system enters an unavailable state (the robot stops running, and only the safe recovery channel is retained). 3. Key Verification Unit: Receive external input keys through secure authentication channels (such as biometric interfaces or encrypted wireless communication); The robot is allowed to exit the unavailable state and resume operation only if it matches the key generated by PUF. Beneficial effects 1. Absolute Key Uniqueness: PUF keys are derived from the physical characteristics of the chip, and each chip has a unique key, eliminating the risk of key sharing; 2. Anti-attack capability: The key is dynamically generated only after an interruption, and cannot be obtained or predicted externally; 3. Strict Authentication for Recovery: A secure authentication channel ensures that recovery operations originate from authorized entities (such as administrator biometrics / encrypted instructions); 4. Hardware-level security: All units are integrated into the main control chip, avoiding vulnerabilities that could be exploited at the software level. Attached Figure Description
[0004] Figure 1 : A schematic diagram of the system architecture of this invention (showing the integration relationship between the PUF unit, the security triggering unit, and the key verification unit); Figure 2 Security recovery flowchart (showing the complete logic of forced interruption → PUF key generation → key verification → resumption of operation). Detailed Implementation
[0005] The present invention will be further described below with reference to the accompanying drawings. System hardware integration (such as) Figure 1 ) The robot's main control chip (such as ARM Cortex-M7) is integrated internally: PUF Key Generation Unit: Based on random physical parameters in chip manufacturing (such as metal interconnect width deviation), it generates keys (e.g., 128-bit keys) in real time through hardware circuitry. The key generation process does not require external input. Security Trigger Unit: Connects to the chip anomaly detection module (such as a security monitor or hardware fault detector). When a security attack (such as an abnormal instruction), hardware anomaly (such as a voltage drop), or user instruction (such as an emergency recovery button) is detected, the PUF unit is triggered. Key verification unit: It interfaces with security authentication interfaces (such as fingerprint sensors or AES-encrypted Bluetooth modules), receives external keys, and compares them with the PUF key. Recovery process (e.g.) Figure 2 ) 1. Forced interruption occurs: Scenario 1: The robot detects a network attack (such as malicious command injection); Scenario 2: Abnormal temperature of the main control chip (>85℃); Scenario 3: The user presses the physical restore button (authorization required). → The system automatically enters an unavailable state (the robot stops moving, and only the safe recovery channel is retained). 2. PUF Key Activation: The security trigger unit activates the PUF key generation unit, and a new key is generated inside the chip (the key is only valid after this interrupt, and a new key will be generated at the next interrupt). 3. Key Verification and Recovery: Users enter keys via biometrics (such as fingerprints) or encrypted wireless terminals (such as administrator apps); The key verification unit compares the input key with the PUF-generated key; Consistent → The robot exits the unavailable state and resumes operation; Inconsistency → Recovery failed, system remains unavailable. Example verification Test environment: Industrial robot (model: ABB IRB 1200) integrated with this system; Attack test: Traditional solution: The preset key "123456" can be brute-forced (within 5 minutes); The solution of this invention: the PUF key cannot be extracted (failed in 1000 tests), and recovery only requires authorized biometric identification (average verification time 0.8 seconds).
Claims
1. A safety recovery system for a robot, characterized in that, This includes the following units integrated into the robot's main control chip: The PUF key generation unit is used to generate unique keys based on the hardware's physical non-clonable property. A security triggering unit is used to automatically activate the PUF key generation unit after a forced interruption event occurs in the robot; The key verification unit is used to receive the key input from the outside and compare it with the key output by the PUF key generation unit. Only when the two match can the robot exit the unavailable state and resume operation.
2. The secure recovery system according to claim 1, characterized in that, The forced interrupt is triggered by any of the following events: security attack detection, hardware anomaly, or user-initiated command.
3. The secure recovery system according to claim 1, characterized in that, The PUF key generation unit generates a key based on physical differences in the chip manufacturing process. This key is unique and difficult to copy, extract, or predict through external means.
4. The secure recovery system according to claim 1, characterized in that, The externally input key is received through a secure authentication channel, which includes, but is not limited to, a biometric interface or an encrypted wireless communication interface.