Foundation models (FMs) are reshaping robotics by enabling robots to interpret open-ended instructions, reason over multimodal contexts, and operate in complex, open-world environments. However, their integration also introduces security and privacy (S&P) risks that extend beyond the FMs themselves to embodied execution pipelines, supporting ecosystems, and broader governance impacts. Existing literature reviews provide valuable insights but often focus on specific FM types, risk categories, mitigation strategies, or trust boundaries. Consequently, the field lacks a unified structure for analyzing where risks originate, how they propagate across robotic systems, and where mitigations should intervene. To address this gap, we propose a progressive F-E-S-G structural boundary framework for analyzing the S&P of FM-powered robots. The framework comprises four layers: the Foundation model layer (F), Embodied system layer (E), Supporting ecosystem layer (S), and Governance impact layer (G). Building on this structure, we develop a multi-level taxonomy that organizes prior studies along three levels: F-E-S-G trust boundary, security-privacy concerns, and risk-mitigation perspectives. We further annotate each study using fine-grained coding attributes, including target, lifecycle stage, mechanism, system access, and effect. Guided by this framework and taxonomy, we systematize 96 papers. Our analysis uncovers multiple threat patterns, defense mismatches, and evaluation gaps that are difficult to identify from a single-boundary perspective. Based on these findings, we identify open challenges and future directions to provide a research agenda for developing secure, privacy-preserving, and responsibly governed FM-powered robotic systems.