The government has announced that according to the GDP sector, this transit into the need to create a new industrial policy that offers tools such as automation or AI, after the impact of Covid- 19.
The Government has presented its Recovery Plan in which one of the key pieces is the industrialization model, the objective of which is to increase the country’s technological capital through this new industrial policy.
“Since its inception, the development of industrial robotics has not been accompanied by effective cybersecurity. Greater awareness is needed on the part of all the actors involved in the development of industrial robots, not only the plant operators, ”says Rubén Vega, Cybersecurity Expert at Excel technologies.
AI in the industrial sector
According to a McKinsey global survey of 800 executives, two-thirds said they were increasing somewhat or significantly their investments in automation or Artificial Intelligence.
This increased role of technological innovations in the industry is now accompanied by strong cybersecurity policies to protect industrial systems from malicious attacks.
Possible cyber attacks on robotics
Until now, the industrial sector was paying attention to physical security related to robotics without considering cybersecurity, but organizations must be aware that a simple cyberattack on a robot can cause serious losses.
And is that, some of the most common attacks that industrial robots can experience have to do with the alteration of the control parameters by modifying the values that control them, causing them to move unexpectedly or inaccurately.
Furthermore, these cyberattacks can modify calibration parameters, change production logic by altering a task or cause the robot to send erroneous signals to its management application, generating false alerts and stopping production.
How to avoid these attacks
To prevent these attacks, Excel Technologies experts detail how industrial machinery should be protected and what aspects should be taken into account for its securitization.
Human management: the organization must establish structures within the workforce with well-defined roles, responsibilities, and protocols.
Evaluate the security of the software and the product: periodic analyzes of the solutions implemented in the robotic systems should be carried out to identify possible failures. These checks consist of the scanning and detection of vulnerabilities, using dynamic checking or technologies such as fuzzing, which consists of a set of black-box tests that allow discovering errors in programs or protocols by introducing random, invalid data and malformed. At the same time, a vulnerability scan of the robotic platform used and threat modeling exercises should be carried out to determine technical weaknesses and security gaps. In addition, it is recommended to implement a component in the robots that work as a protection system to constantly analyze the orders or control software updates that the device receives and accept or reject them after consulting with a third party that collects all the rules of the process.
The industrial sector must present, not only attention to physical security related to robotics, but also to cybersecurity
Increase the processes of identification and digital access: implement the mandatory use of strong passwords at the start of robotic sessions and centralize the identity and robotic access of the management processes. In addition, access privileges must be managed to obtain a security matrix that authorizes robots to perform only the tasks assigned to them.
Protection and identification of data: evaluate compliance with data regulations to control the confidentiality of the same while monitoring sensitive data processed by robotics to verify compliance with use policies.
Vulnerability management: organizations must have direct communication with the manufacturer to be aware of the possible vulnerabilities that they have detected to check if there are computers in the installation that are affected. In addition, a computer update policy should be applied where it is specified how to update, change settings and create backup copies of computers.
Increase communication security: use encrypted protocols to ensure the integrity of messages and implement end-points on machines to detect possible infections. For this, it is necessary to collect the robot data and perform a network audit to find vulnerabilities in the robotic systems or connections and, in this way, being able to redefine the industrial network architecture to make it more secure.