The modern world relies heavily on industrial robots. But is the current robotics ecosystem secure enough to withstand a cyber attack?
Industrial robots have replaced humans in a lot of large-scale production and manufacturing activities because of their efficiency, accuracy, and safety. These mechanical, programmable devices can now be seen in practically all industrial sectors―making cars, fabricating airplane parts, assembling food products, and even providing critical public services.
Soon enough, robots will become a ubiquitous feature of modern factories that we must ask now whether the current ecosystem of industrial robots is secure enough to withstand a cyber attack. This is the question we—the Forward-looking Threat Research (FTR) team and our collaborators from the Politecnico di Milano (POLIMI)—had in mind when we started examining the attack surface of today’s industrial robots. More importantly, we wanted to demonstrate whether it is actually possible to compromise them.
This attack demonstration, which we documented in the following video, was done in a laboratory setting on an actual working industrial robot. Due to the architectural commonalities of most modern industrial robots and the existence of strict standards, the robot chosen for our case study is representative of a large class of industrial robots.
An industrial robot is an “automatically controlled, reprogrammable, multipurpose manipulator programmable in three or more axes, which can be either fixed in place or mobile for use in industrial automation applications.
What Robot-Specific Attacks Are Possible?
Operating an industrial robot requires several parts working together properly. A programmer or operator typically controls it by issuing high-level commands through the network (via a remote access interface like a teach pendant) to a controller. The controller, which is nothing but a computer, then translates the commands into low-level inputs for the different components of the robotic arm to interpret and execute.
Industrial robots are expected to perform with a high degree of safety, accuracy, and integrity. Any violation of these operational requirements, if initiated through a digital attack, can allow a cyber attacker to take control of a robot. We were able to determine five classes of attacks that are possible once an attacker is able to exploit any of the several weaknesses that we found in industrial robot architectures and implementations.
In our comprehensive security analysis, we found that the software running on industrial robots is outdated; based on vulnerable OSs and libraries, sometimes relying on obsolete or cryptographic libraries; and have weak authentication systems with default, unchangeable credentials. Additionally, the Trend Micro FTR Team found tens of thousands industrial devices residing on public IP addresses, which could include exposed industrial robots, further increasing risks that an attacker can access and compromise them. The vendors, with whom we are working closely, have taken our results very responsibly, showing a positive attitude toward securing the current and future generation of industrial robots…Click HERE to read full article.