While apparel manufacturing receives a high-tech facelift, the possibility of cyber attacks remains rampant for industrial robots worldwide.
As Industry 4.0 becomes more of a reality, retailers worldwide are beginning to incorporate technology, including industrial robots, to ramp up their clothing production process. According to research by Trend Micro’s Forward-Looking Threat Research (FTR) team and university Politecnico di Milani (POLIMI), the current ecosystem of industrial robots remains at high risk for cyber attacks, due to lack of industry awareness and outdated software.
Both parties conducted a comprehensive security analysis, where they tested a working industrial robot for cyber attack responsiveness. The robot in the case study represented today’s class of industrial robots in terms of architecture qualities and standards. From the testing, FTR and POLIMI discovered that most industrial robots possessed outdated software, since they were reliant on vulnerable and cryptographic libraries and weak authentication systems. What’s more, both parties found that thousands of industrial devices were situated on public IP (Internet Protocol) addresses, enabling attackers to easily access and damage them.
FTR and POLIMI determined four types of cyber attacks for industrial robots. By identifying cyber attack classes, retailers can take extra precautions and establish better safety measures with their industrial robots down the line.
Altering the controller’s parameters
Altering the controller’s parameters enables the attacker to make the robot move inaccurately or unexpectedly without the operator’s knowledge. Once a robot programmer uploads code or sends computer commands to an industrial robot, the attacker could remotely harm its control loop parameters, causing the robot to execute unmodified code. This type of attack may lead to defective products and decrease the accuracy of industrial robots.
Tampering with calibration parameters
When an attacker tampers with calibration parameters, also known as the robot’s positions, the robot may move in a wrong way and damage itself or cause micro defects in the products it works with.
Tampering with the production logic
During this type of malfunction, the attacker alters original code or commands for the robot, which could lead to defective products. Once the attacker manipulates the robot’s programming, there aren’t any code integrity checks in the process that prevent micro defects from repeatedly taking place.
Altering the user-perceived robot state
Humans control industrial robots for operational and safety measures. An attacker can come in and disrupt the robot without the operator’s knowledge by manipulating status information. This occurrence often leads to operator injuries and permanent robot damage.