An Experimental Security Analysis of an Industrial Robot Controller

Authors: Davide Quarta, Marcello Pogliani, Mario Polino, Federico Maggi, Andrea Maria Zanchettin, Stefano Zanero

May 2017

Proceedings of the 38th IEEE Symposium on Security and Privacy

Journal Article

Abstract

Industrial robots, automated manufacturing, and efficient logistics processes are at the heart of the upcoming fourth industrial revolution. While there are seminal studies on the vulnerabilities of cyber-physical systems in the industry, as of today there has been no systematic analysis of the security of industrial robot controllers. We examine the standard architecture of an industrial robot and analyze a concrete deployment from a systems security standpoint. Then, we propose an attacker model and confront it with the minimal set of requirements that industrial robots should honor: precision in sensing the environment, correctness in execution of control logic, and safety for human operators. Following an experimental and practical approach, we then show how our modeled attacker can subvert such requirements through the exploitation of software vulnerabilities, leading to severe consequences that are unique to the robotics domain. We conclude by discussing safety standards and security challenges in industrial robotics.

PDF Cite

@InProceedings{	  quarta_robosec_2017,
  abstract	= {Industrial robots, automated manufacturing, and efficient
		  logistics processes are at the heart of the upcoming fourth
		  industrial revolution. While there are seminal studies on
		  the vulnerabilities of cyber-physical systems in the
		  industry, as of today there has been no systematic analysis
		  of the security of industrial robot controllers. We examine
		  the standard architecture of an industrial robot and
		  analyze a concrete deployment from a systems security
		  standpoint. Then, we propose an attacker model and confront
		  it with the minimal set of requirements that industrial
		  robots should honor: precision in sensing the environment,
		  correctness in execution of control logic, and safety for
		  human operators. Following an experimental and practical
		  approach, we then show how our modeled attacker can subvert
		  such requirements through the exploitation of software
		  vulnerabilities, leading to severe consequences that are
		  unique to the robotics domain. We conclude by discussing
		  safety standards and security challenges in industrial
		  robotics.},
  author	= {Quarta, Davide and Pogliani, Marcello and Polino, Mario
		  and Maggi, Federico and Zanchettin, Andrea Maria and
		  Zanero, Stefano},
  booktitle	= {Proceedings of the 38th IEEE Symposium on Security and
		  Privacy},
  date		= {2017-05},
  doi		= {10.1109/SP.2017.20},
  file		= {files/papers/conference-papers/quarta_robosec_2017.pdf},
  location	= {San Jose, CA},
  publisher	= {ACM},
  series	= {S&P '17},
  shorttitle	= {RoboSec},
  title		= {An Experimental Security Analysis of an Industrial Robot
		  Controller}
}

Back to Publications