Security Analysis of Software Updates for Industrial Robots

Chan, Chun-Fai; Chow, Kam-Pui; Tang, Tim

doi:10.1007/978-3-030-93511-5_11

Chun-Fai Chan¹⁷,
Kam-Pui Chow¹⁷ &
Tim Tang¹⁷

Part of the book series: IFIP Advances in Information and Communication Technology ((IFIPAICT,volume 636))

Included in the following conference series:

International Conference on Critical Infrastructure Protection

385 Accesses
1 Citations

Abstract

Robots are widely deployed in industrial manufacturing environments. Cyber compromises of industrial robots pose threats to products and services, to the robots as well as to human workers. Previous security studies of robots have focused on network service vulnerabilities and privileged execution. However, research has not examined robot software updates and their security features. This chapter investigates the security features of software updates for a Universal Robots UR3 cobot, one of the most commonly-used collaborative industrial robots.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 79.99; Price excludes VAT (USA)

Softcover Book: USD 99.99; Price excludes VAT (USA)

Hardcover Book: USD 99.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

ABB, Download RobotStudio with RobotWare and PowerPacs, Zurich, Switzerland (new.abb.com/products/robotics/robotstudio/downloads), 2021.
Google Scholar
L. Apa, Exploiting Industrial Collaborative Robots, IOActive, Seattle, Washington (www.ioactive.com/exploiting-industrial-collaborative-robots), August 22, 2017.
Google Scholar
Eclypsium, Anatomy of a Firmware Attack, Portland, Oregon (eclypsium.com/wp-content/uploads/2020/09/Anatomy-of-a-Firmware-Attack-2020.pdf), 2020.
Google Scholar
emmanuel, A Standalone Java Decompiler (JD-GUI 1.6.6), GitHub (github.com/java-decompiler/jd-gui), 2019.d
Google Scholar
Y. Gong, K. Chow, Y. Mai, J. Zhang and C. Chan, Forensic investigation of a hacked industrial robot, in Critical Infrastructure Protection XIV, J. Staggs and S. Shenoi (Eds.), Springer, Cham, Switzerland, pp. 221–241, 2020.
Google Scholar
International Federation of Robotics, Record 2.7 million robots work in factories around the globe, Frankfurt, Germany (ifr.org/ifr-press-releases/news/record-2.7-million-robots-work-in-factories-around-the-globe), September 24, 2020.
Google Scholar
V. Mayoral Vilches, L. Usategui San Juan, B. Dieber, U. Ayucar Carbajo and E. Gil-Uriarte, Introducing the Robot Vulnerability Database (RVD), arXiv: 1912.11299 (arxiv.org/abs/1912.11299), 2020.
Google Scholar
I. Priyadarshini, Detecting and mitigating robotic cyber security risks, in Cyber Security Risks in Robotics, R. Kumar, P. Pattnaik and P. Pandey (Eds.), IGI Global, Hershey, Pennsylvania, pp. 333–348, 2017.
Google Scholar
D. Quarta, M. Pogliani, M. Polino, F. Maggi, A. Zanchettin and S. Zanero, An experimental security analysis of an industrial robot controller, Proceedings of the IEEE Symposium on Security and Privacy, pp. 268–286, 2017.
Google Scholar
J. Rieck, Attacks on Fitness Trackers Revisited: A Case Study on Unfit Firmware Security, arXiv: 1604.03313 (arxiv.org/abs/1604.03313), 2016.
Google Scholar
A. Sharma, Universal Robots continues to dominate cobot market but faces many challengers, Interact Analysis, Irthlingborough, United Kingdom (www.interactanalysis.com/universal-robots), November 6, 2018.
Google Scholar
J. Shim, K Lim, J. Jeong, S. Cho, M. Park and S. Han, A case study on vulnerability analysis and firmware modification attack on a wearable fitness tracker, IT Convergence Practice, vol. 5(4), pp. 25–33, 2017.
Google Scholar
Universal Robots, User Manual: UR3/CB3, Version 3.5.5, Odense, Denmark (s3-eu-west-1.amazonaws.com/ur-support-site/32340/UR3_User_Manual_en_Global-3.5.5.pdf), 2018.
Google Scholar
Universal Robots, About Universal Robots, Odense, Denmark (www.universal-robots.com/about-universal-robots), 2021.
Google Scholar
Universal Robots, Legacy Download Center, Odense, Denmark (www.universal-robots.com/articles/ur/documentation/legacy-download-center), 2021.
Google Scholar

Download references

Author information

Authors and Affiliations

Computer Science, the University of Hong Kong, Hong Kong, China
Chun-Fai Chan, Kam-Pui Chow & Tim Tang

Authors

Chun-Fai Chan
View author publications
You can also search for this author in PubMed Google Scholar
Kam-Pui Chow
View author publications
You can also search for this author in PubMed Google Scholar
Tim Tang
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Kam-Pui Chow .

Editor information

Editors and Affiliations

University of Tulsa, Tulsa, OK, USA
Jason Staggs
University of Tulsa, Tulsa, OK, USA
Sujeet Shenoi

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Chan, CF., Chow, KP., Tang, T. (2022). Security Analysis of Software Updates for Industrial Robots. In: Staggs, J., Shenoi, S. (eds) Critical Infrastructure Protection XV. ICCIP 2021. IFIP Advances in Information and Communication Technology, vol 636. Springer, Cham. https://doi.org/10.1007/978-3-030-93511-5_11

Download citation

DOI: https://doi.org/10.1007/978-3-030-93511-5_11
Published: 04 January 2022
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-93510-8
Online ISBN: 978-3-030-93511-5
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Societies and partnerships

The International Federation for Information Processing (opens in a new tab)