Towards Robust and Secure Embodied AI: A Survey on Vulnerabilities and Attacks

Wenpeng Xing, Minghao Li, Mohan Li, Meng Han

TL;DR

This survey provides a comprehensive framework for understanding vulnerabilities in embodied AI, detailing exogenous, endogenous, and inter-dimensional risks and how they interact with LVLMs and LLMs. It systematically analyzes vulnerability sources, threat models, and attack taxonomies, including sensor spoofing, cybersecurity threats, and adversarial prompts across multimodal systems. The work surveys adversarial techniques, evaluation strategies, and mitigation approaches, emphasizing robust grounding, formal verification, Sim2Real testing, and safety-focused design. By integrating these dimensions, the paper offers concrete guidance for strengthening safety and reliability in embodied AI under real-world environmental and operational constraints. Overall, it establishes a roadmap for researchers and practitioners to identify, evaluate, and mitigate vulnerabilities in AI-enabled embodied systems across perception, decision-making, and control layers.

Abstract

Embodied AI systems, including robots and autonomous vehicles, are increasingly integrated into real-world applications, where they encounter a range of vulnerabilities stemming from both environmental and system-level factors. These vulnerabilities manifest through sensor spoofing, adversarial attacks, and failures in task and motion planning, posing significant challenges to robustness and safety. Despite the growing body of research, existing reviews rarely focus specifically on the unique safety and security challenges of embodied AI systems. Most prior work either addresses general AI vulnerabilities or focuses on isolated aspects, lacking a dedicated and unified framework tailored to embodied AI. This survey fills this critical gap by: (1) categorizing vulnerabilities specific to embodied AI into exogenous (e.g., physical attacks, cybersecurity threats) and endogenous (e.g., sensor failures, software flaws) origins; (2) systematically analyzing adversarial attack paradigms unique to embodied AI, with a focus on their impact on perception, decision-making, and embodied interaction; (3) investigating attack vectors targeting large vision-language models (LVLMs) and large language models (LLMs) within embodied systems, such as jailbreak attacks and instruction misinterpretation; (4) evaluating robustness challenges in algorithms for embodied perception, decision-making, and task planning; and (5) proposing targeted strategies to enhance the safety and reliability of embodied AI systems. By integrating these dimensions, we provide a comprehensive framework for understanding the interplay between vulnerabilities and safety in embodied AI.

Paper Structure

This paper contains 67 sections, 5 figures, 4 tables.

Figures (5)

  • Figure 1: Security Threats and Challenges in Embodied AI Systems.
  • Figure 2: The structure of the survey with section references and limited section width.
  • Figure 3: Real-World Risk Cases in Embodied AI.
  • Figure 4: Illustration of Sensor Spoofing Attacks on Six Mainstream Sensors [xu2023sok].
  • Figure 5: Failure modes classification.