Are industrial robots safe? This is the opening question of this analysis that Alias Robotics has worked on, together with TrendMicro, as part of an investigation into robotic security, in which researchers from the Alpen-Adria-Universität Klagenfurt in Austria have also participated. This analysis has resulted in a detailed report that includes new findings in the field of robotics threat and vulnerability research that warns of the serious risks of these OT industrial devices.
The research, which will be presented at the prestigious Black Hat 2021 cyber security event, includes a new methodology with a complementary offensive approach to protecting industrial robots in a feasible and timely manner.
Black Hat 2021
As mentioned above, this is one of the most respected and important events on the international cyber security scene, and this year it is being held in Las Vegas between 31 July and 5 August. The increased concern for the security of OT environments and the risks faced by the industrial sector has led the event organisers to select us as speakers, something that few companies in the world can say and which demonstrates how this startup is leading the field of cyber security for robots since 2018.
Much like Ford in the 1920s, many robot manufacturers engage in obsolescence practices by organising distributors and integrators into private networks, providing spare parts only to certain companies in an attempt to discourage repairs and eliminate competition.
The research uncovered more than 100 vulnerabilities affecting various manufacturers. Among the findings was a trend at Teradyne, where two of the robotics companies it owns (Universal Robots and Mobile Industrial Robots) had dozens of vulnerabilities. This is a particularly interesting case because their robots are advertised as collaborative, meaning that they augment human physical capabilities without causing harm.
The research results show that robot teardowns can help the robotics industry and the supply chain by significantly improving quality, safety and security, and, as mentioned above, there is evidence of planned obsolescence practices. We advocate the “right to repair” in robotics and encourage end-users to bring their safety needs to the attention of both their supply chains and manufacturers.