Security firm Trend Micro, along with Italy's Politecnico Milano, have spent the last year and a half researching cyber security vulnerabilities in industrial robots. The results, which will be presented at the IEEE Security & Privacy conference, reveal multiple vulnerabilities in today's industrial robots.
While the vulnerabilities they found in an ABB IRB140 industrial robotic arm have since been fixed by ABB, the results of their research point to a broader need for tightened security for industrial robots.
What are the Consequences of Poor Cyber Security in Industrial Robotics?
In an effort to boost productivity, current industrial robots can be connected to the larger Internet of Things (IoT), and like all other IoT devices, this potentially leaves them vulnerable to hacks.
If a robotic arm is hacked, the hacker can take full control of the arm, with nearly limitless possibilities of what could come next. They could potentially cause the robot arm to extend past the limits of its reach, ultimately breaking it. A robot could be recalibrated by just a few millimeters without anyone ever noticing, leading to mass scale recalls. Small changes to the robots' programming could cause a loss of revenue all from a remote location.
Beyond productivity concerns, there are obvious safety concerns too, especially when you consider the use of robots in the medical field. There are potential dangers to technicians if a robotic arm is hacked and turned on while maintenance is being performed.
How Can Industrial Robot Users Ensure Proper Cyber Security?
It's not all doom and gloom for industrial robot users. In fact, quite the opposite. There will be 1.3 million more industrial robots deployed in 2018. Robots are continually becoming more productive and safer in the workplace.
For end users, ensuring sound cyber security for their industrial robots begins in the sourcing stage. It's best to align with a systems integrator who takes safety and security seriously. This provides benefits over and over again in the long-term, as most integrators perform ongoing service and maintenance - part of which may include cyber security measures.
In addition to this, Frederico Maggi, part of the Trend Micro research project, said that end users can't ignore software updates for their industrial robots. Often times, they are neglected in an attempt to minimize production downtime. But software updates include key cyber security updates, and failing to stay on top of the latest security measures can leave industrial robots vulnerable.
There are measures end users can take to ensure cyber security and ultimately find ROI and productivity through investment in robotics. Hacking is only a concern when cyber security is neglected.
For end users of industrial robots, cyber security needs to be a business priority not only to maintain productivity levels but to protect their employees and their investments in automation.
For more background on connected devices in manufacturing and how security risks play a role, read our tech paper on embedded devices and the cloud.