Nowadays, more than ever, manufacturing systems rely on information technology and computer science to operate in multiple levels. Manufacturing systems are heavily dependent on computing devices that are present in multiple levels. From the smart sensors and PLCs, robotic controllers that operate on the machinery, to MES and ERP systems that are used by companies, programmable computing devices are used.
This diversity also means that a manufacturing system can be susceptible to different kind of cyberthreats. Especially, in a Human-Robot Collaborative system architecture, where computers and software are intensively used, cybersecurity needs to be considered at different levels.
As part of the threat analysis performed in the Sharework project, potential threads in Human-Robot Collaboration were identified and categorized for the management of appropriate security policies.
The present categorization aims to present an aspect of the rather technical and extensive topic of cybersecurity in a comprehensible and codified way, helping towards the identification of a potential threat source and next steps.
Hardware Level – Threats that require access to hardware
One could easily consider that heavily protected networks can be compromised if access to hardware is possible. However, hardware level security is an often-overlooked component of cyber security. An adversary able to access unattended hardware can steal or destroy sensitive data, tamper with hardware and even cause damages and denial of service.
Operating System Level – Threats that target or exploit the operating system
Adversaries can misuse the operating system services for purposes other than the ones intended or to deprive others of its services (denial of service). Common threats include viruses, malware, ransomware and account hacking. Adversaries can only steal or destroy information as well as computation resources and utilize them for other purposes. E.g. cryptocurrency mining or botnets.
Virtualization Level – Threats that exploit the usage of OS Virtualization
OS virtualization can increase security, as it adds a layer of isolation, but it also introduces some potential threats. Different virtualization technologies have different vulnerabilities that can be exploited by adversaries. For instance, malicious processes could use privilege escalation attacks to escape the isolation offered by the virtualization environment and migrate to the host system.
Network Level – Threats that exploit or target the network communication
A wide range of attacks can be performed on the network level. For instance, adversaries may utilize identity spoofing techniques to pretend they are someone else. Some known techniques are MAC Spoofing, IP Spoofing or ARP Poisoning. Another family of attacks are the Man in the Middle , in which adversaries intercept or falsify network traffic to steal information or cause disturbance. In an interconnected, networked manufacturing environment such a human-robot collaborative system serious tampering with data traffic could have a strong adverse impact on the process, equipment or persons involved.
Module Level – Threats that exploit or target specific software modules
Cybersecurity should be considered also during the development of software modules. Using dubious or security-ignorant third-party libraries could make a software module susceptible to exploitation. Also, modules should take measures to increase their security against known attack methods like injection attacks and buffer overflow attacks. Vetting and managing the module software dependencies in terms of cybersecurity is another good practice to increase the module’s security.
In order to defend against cybersecurity threats, such as the ones mentioned above, the Sharework project has developed Sharework Data Security, a well-rounded data security policy that aims to increase the data security in a Human-Robot Collaborative system deployed in the manufacturing sector.
Spyros Koukas – MEng, MBA. Senior Software Engineer – Technical Lead @ Netcompany-Intrasoft. Architecture, technical Lead, design, integration and development of distributed software systems. Experienced in applications for Robotics, Manufacturing, IoT, Simulation, Telecommunications and the Web. Diligently writing clean code since 2008.
Intrasoft international is a leading European IT solutions and services group offering innovative and added-value solutions of the highest quality to a wide range of international and national public and private organizations. The company is in charge of the software integration, architecture definition and implementation and lead the development of the data security in the project
