The industrial robotics industry is set to sky rocket in the next five years, where it is expected that 4 million commercial robots will be installed in over 50,000 warehouses by 2025; 4,000 of those were deployed in 2018 alone. There’s every likelihood that more and more workplace colleagues will not be of the human kind, but of the robotic kind.
This is having a significant impact. Robots are becoming an integral part of Industry 4.0 and the Industrial Internet of Things (IIoT), helping to boost productivity and safety. Falling costs and common programming platforms are also helping to accelerate the proliferation of robots in all sectors.
But have manufacturers placed enough emphasis on the cybersecurity of their new workforce and how can we overcome the challenges associated with their integration in business-critical production environments?
The challenges with integrating industrial robots
As robots become increasingly connected, concerns are being raised regarding the impact of ineffective cybersecurity. Business owners who can utilise AI and machine learning to adapt robots’ behaviour based on real-time analytics from the production line can clearly use that to help a facility operate more efficiently, but does the benefit outweigh the risk?
There is a lot of industry attention currently on the physical safety of robots in the workplace, especially when they share the same space as human co-workers. A new standard is due to be published imminently governing when robots should shut down, if approached by a human for example, and when they are allowed to restart their process.
The cyber risk, however, has not had the same level of due diligence. Currently, there are no known cyberattacks on industrial robots. While this is of course positive, robots haven’t been an attractive proposition to hackers to date. It’s incredibly expensive to acquire examples to develop attacks, and there hasn’t been enough industrial robots being utilised to make it worthwhile.
But that is changing. Popularity of such technology is increasing as business owners begin to better understand the productivity and efficiency benefits that can be gained. More users and decreasing costs are making the technology a much more interesting target.
Researchers have also been able to show Proof of Concept (POC) attacks in which they have been able to take over widely-used robots and infect them with ransomware. The risk of such an attack in the real-world is catastrophic, ranging from costly business disruption to physical human harm.
Utilising industrial robots securely
Despite the concerns, the use of industrial robotics can bring great business value and therefore shouldn’t be hindered. The good news, as with most other products or technologies, is there are well known and proven processes that can significantly improve cybersecurity. Mitigation of risk is all about planning: the principles of “secure by design” mean ensuring security is addressed from the early stages of the design phase and continue as a key consideration at every stage of the development process to ensure a cyber resilient end product.
Those looking to procure robotics technology for industrial use must define clear security requirements as part of their purchasing language and conduct a thorough assessment of any new robots that they seek to deploy. With specialised experience in industrial IoT and industrial component testing, Applied Risk that can conduct tests to ensure robots and systems are appropriately hardened against attack before they are integrated, and that staff are appropriately trained to understand the risks that could be introduced into the environment by their behaviour.
Vendors, meanwhile, should adopt the “secure development life cycle” best practices, and ensure they are providing end users with cyber resilient products to be implemented in their business-critical production environments. Cybersecurity must be a priority when designing and building robots, and clear roadmaps for managing upgrades and patches should be well documented and regularly updated.
Industrial robots do promise to increase manufacturing productivity and reduce risk for many organisations. The key is to deploy them with cybersecurity at their core.
To learn more about ensuring the cyber resilience of your industrial IoT enabled production environments, visit: https://applied-risk.com/solutions/services/iot-security-assurance-services