Trust in LLM-controlled Robotics: a Survey of Security Threats, Defenses and Challenges

Authors: Xinyu Huang, Shyam Karthick V B, Taozhao Chen, Mitch Bryson, Thomas Chaffey, Huaming Chen, Kim-Kwang Raymond Choo, Ian R. Manchester

Published: 2025-12-17

arXiv ID: 2601.02377v1

Added to Library: 2026-01-07 10:10 UTC

Red Teaming

📄 Abstract

The integration of Large Language Models (LLMs) into robotics has revolutionized their ability to interpret complex human commands and execute sophisticated tasks. However, such a paradigm shift introduces critical security vulnerabilities stemming from the 'embodiment gap', a discord between the LLM's abstract reasoning and the physical, context-dependent nature of robotics. While security for text-based LLMs is an active area of research, existing solutions are often insufficient to address the unique threats to embodied robotic agents, where malicious outputs manifest not merely as harmful text but as dangerous physical actions. In this work, we present a systematic survey, summarizing the emerging threat landscape and corresponding defense strategies for LLM-controlled robotics. Specifically, we discuss a comprehensive taxonomy of attack vectors, covering topics such as jailbreaking, backdoor attacks, and multi-modal prompt injection. In response, we analyze and categorize a range of defense mechanisms, from formal safety specifications and runtime enforcement to multi-LLM oversight and prompt hardening. Furthermore, we review key datasets and benchmarks used to evaluate the robustness of these embodied systems. By synthesizing current research, this work highlights the urgent need for context-aware security solutions and provides a foundational roadmap for the development of safe, secure, and reliable LLM-controlled robotics.

🔍 Key Points

  • Systematic survey on security challenges related to integrating Large Language Models (LLMs) in robotics, emphasizing the 'embodiment gap' which creates unique vulnerabilities.
  • Comprehensive taxonomy of attack vectors including jailbreaking, backdoor attacks, and prompt injection, highlighting how each can lead to real-world physical harm through LLM-controlled robotics.
  • Analysis and categorization of existing defense mechanisms, from formal safety specifications to runtime enforcement, showcasing their limitations in addressing the contextual complexities of embodied systems.
  • Identification of key datasets and benchmarks to evaluate the robustness of LLM-robotics systems under adversarial conditions, aiding future research and development in the field.
  • Proposed roadmap that outlines the need for context-aware security solutions and the integration of multi-modal LLMs to enhance the robustness of LLM-controlled robotics.

💡 Why This Paper Matters

This paper is significant as it thoroughly addresses the intersection of AI, security, and robotics by highlighting the unique challenges that arise when LLMs control physical agents. Its detailed analysis of attack vectors and defense mechanisms provides valuable insights into ensuring safety and security in deploying LLMs in robotics. By outlining current limitations and proposing a structured roadmap for future research, this work lays a crucial foundation for developing trusted and reliable intelligent robotic systems.

🎯 Why It's Interesting for AI Security Researchers

AI security researchers will find this paper particularly relevant as it focuses on the emerging threats posed by the integration of advanced language models in robotics, an area that is rapidly evolving but is still under-researched. The comprehensive review of attack strategies and the in-depth discussion of potential defenses against these threats provide critical insights that could inform the design of more secure AI systems. Furthermore, understanding the context-specific vulnerabilities introduced by the embodied nature of these systems is essential for developing future safeguards.