Security of controlled manufacturing systems in the connected factory: the case of industrial robots

Authors: Marcello Pogliani, Davide Quarta, Mario Polino, Martino Vittone, Federico Maggi, Stefano Zanero

February 2019

Journal of Computer Virology and Hacking Techniques

Conference Paper

Abstract

In modern factories, ``controlled'' manufacturing systems, such as industrial robots, CNC machines, or 3D printers, are often connected in a control network, together with a plethora of heterogeneous control devices. Despite the obvious advantages in terms of production and ease of maintenance, this trend raises non-trivial cybersecurity concerns. Often, the devices employed are not designed for an interconnected world, but cannot be promptly replaced: In fact, they have essentially become legacy systems, embodying design patterns where components and networks are accounted as trusted elements. In this paper, we take a holistic view of the security issues (and challenges) that arise in designing and securely deploying controlled manufacturing systems, using industrial robots as a case study---indeed, robots are the most representative instance of a complex automatically controlled industrial device. Following up to our previous experimental analysis, we take a broad look at the deployment of industrial robots in a typical factory network and at the security challenges that arise from the interaction between operators and machines; then, we propose actionable points to secure industrial cyber-physical systems, and we discuss the limitations of the current standards in industrial robotics to account for active attackers.

PDF Cite

@Article{	  pogliani_article_2019,
  abstract	= {In modern factories, ``controlled'' manufacturing systems,
		  such as industrial robots, CNC machines, or 3D printers,
		  are often connected in a control network, together with a
		  plethora of heterogeneous control devices. Despite the
		  obvious advantages in terms of production and ease of
		  maintenance, this trend raises non-trivial cybersecurity
		  concerns. Often, the devices employed are not designed for
		  an interconnected world, but cannot be promptly replaced:
		  In fact, they have essentially become legacy systems,
		  embodying design patterns where components and networks are
		  accounted as trusted elements. In this paper, we take a
		  holistic view of the security issues (and challenges) that
		  arise in designing and securely deploying controlled
		  manufacturing systems, using industrial robots as a case
		  study---indeed, robots are the most representative instance
		  of a complex automatically controlled industrial device.
		  Following up to our previous experimental analysis, we take
		  a broad look at the deployment of industrial robots in a
		  typical factory network and at the security challenges that
		  arise from the interaction between operators and machines;
		  then, we propose actionable points to secure industrial
		  cyber-physical systems, and we discuss the limitations of
		  the current standards in industrial robotics to account for
		  active attackers.},
  author	= {Pogliani, Marcello and Quarta, Davide and Polino, Mario
		  and Vittone, Martino and Maggi, Federico and Zanero,
		  Stefano},
  day		= {13},
  doi		= {10.1007/s11416-019-00329-8},
  file		= {files/papers/journal-papers/pogliani_article_2019.pdf},
  issn		= {2263-8733},
  journal	= {Journal of Computer Virology and Hacking Techniques},
  month		= {Feb},
  title		= {Security of controlled manufacturing systems in the
		  connected factory: the case of industrial robots},
  year		= {2019}
}

Back to Publications