Cyber attacks on robots could threaten Industry 4.0

9th December 2020
Posted By : Lanna Deamer
Cyber attacks on robots could threaten Industry 4.0

Modern manufacturing relies on interconnected robots to make Industry 4.0 a reality. Here Neil Ballinger, Head of EMEA sales at EU Automation, explains how industrial robots could be hacked and what can be done to mitigate the threat of cyber crime.

In recent years, manufacturing companies have invested heavily in industrial automation. McKinsey, a consultancy firm, estimates that the market for industrial robots has been expanding at approximately 19% since 2012 and is now worth 16.2 billion dollars. As robots become more ubiquitous, their vulnerability to cyberattacks becomes a more pressing concern. 

The threat is real

Every year, hackers and IT professionals meet at the Black Hat cyber security conference. This year, Federico Maggi, a researcher at Trend Micro, and Marcello Pogliani, an information security researcher at Politecnico di Milano, presented a report entitled 'rogue automation' in which they presented new vulnerabilities in the software of industrial robots to cyber attacks.

The research reveals previously unknown ways of how an advanced hacker can perform targeted attacks on robots. What makes this possible is a lack of layered user authorisations in software. Once a perpetrator has gained access to the peripheral layers of the software, the entire operating system of the robot could potentially be hacked.

The two researchers believe that existing security mechanisms are not sufficient to protect robots because they have not been embedded in the programming language of the operating system.

Affected are industrial automation robots in sectors as diverse as automotive, avionics, military, pharmaceuticals, food and beverage. The authors of the report argue that if such robots were hacked, the consequences could range from down time of factory lines to physical or environmental harm.

Spotting loopholes

One of the challenges in mitigating these newly discovered software vulnerabilities is integrating different software from new machines with legacy technology. The programming language of industrial robots is often vendor specific.

On the factory floor, machines from different vendors, bought over a long timeframe are required to interact seamlessly with each other. However, some legacy equipment contains code that was written before the time of code checkers, which nowadays spot loopholes automatically.

What can be done to make industrial robots more secure? To reduce vulnerabilities, process engineers should segment networks and isolate machines that process data from outside. Moreover, networks and their endpoints should be protected. Changes to the software should be reviewed regularly and documented scrupulously.

Tackling the problem of cyber crime in industrial automation requires the close collaboration of installation engineers, maintenance technicians, IT service providers and parts suppliers. Industry 4.0 can only be made a reality if manufacturers are able to trust that their industrial automation equipment is safe from cyber attacks.

You must be logged in to comment

Write a comment

No comments

Sign up to view our publications

Sign up

Sign up to view our downloads

Sign up

IoT Solutions World Congress
31st January 2023
The Future of Digital Economy Through 5G
7th February 2023
Malasia Mandarin Oriental Hotel
8th February 2023
Malasia The Royale Chulan Hotel, Kuala Lumpur Malaysia
Cloud Expo Europe 2023
8th March 2023
United Kingdom ExCel, London
The Data Innovation Summit ANZ edition
16th March 2023
Australia Crown Conference Centre | Melbourne‎