![Page 1: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/1.jpg)
Stefano ZaneroAssociate Professor, Politecnico di Milano
Hacking RobotsLessons learned, current research and
new perspectives
Joint work with: Davide Quarta, Marcello Pogliani, Mario Polino, Federico Maggi, Andrea M. Zanchettin
![Page 2: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/2.jpg)
Industrial robots?
![Page 3: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/3.jpg)
Industrial Robot Architecture (Standards)
Controller
![Page 4: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/4.jpg)
![Page 5: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/5.jpg)
Flexibly programmable
![Page 6: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/6.jpg)
Screenshot of teach pendant + formatted code snippet on the side
![Page 7: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/7.jpg)
“Implicit” parameters
![Page 8: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/8.jpg)
“Implicit” parameters
![Page 9: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/9.jpg)
Connected(Part 1)
![Page 10: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/10.jpg)
They are already meant to be connected
![Page 11: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/11.jpg)
Attack surface
USB port
LAN
Radio
Services:Well-known (FTP) +
custom (RobAPI)
![Page 12: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/12.jpg)
Connected Robots: Why?
● Now: monitoring & maintenance ISO 10218-2:2011
● Near future: active production planning and control○ some vendors expose REST-like APIs○ … up to the use of mobile devices for commands
● Future: app/library stores○ “Industrial” version of robotappstore.com?
![Page 13: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/13.jpg)
We assess
attack impact byreasoning on
requirements
![Page 14: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/14.jpg)
Requirements: "Laws of Robotics"
Safety
Accuracy
Integrity
![Page 15: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/15.jpg)
Requirements: "Laws of Robotics"
Safety
Accuracy
IntegrityAcknowledgements T.U. Munich, YouTube -- Dart Throwing with a Robotic Manipulator
![Page 16: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/16.jpg)
Requirements: "Laws of Robotics"
Safety
Accuracy
Integrity
![Page 17: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/17.jpg)
violating any of these requirements
via a digital vector
Robot-Specific Attack
Safety
Accuracy
Integrity
![Page 18: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/18.jpg)
Control Loop Alteration
Safety
Integrity
Attack 1
Accuracy
![Page 19: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/19.jpg)
Control Loop Alteration
Safety
Integrity
Attack 1
Accuracy
![Page 20: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/20.jpg)
Control Loop Alteration
Safety
Integrity
Attack 1
Accuracy
![Page 22: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/22.jpg)
dr0wned - Cyber-Physical Attack with Additive ManufacturingSofia Belikovetsky, Mark Yampolskiy, Jinghui Toh, Yuval Elovici
Micro-defects in additive manufacturing
![Page 23: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/23.jpg)
Calibration Tampering
SafetyAccuracyIntegrity
Attack 2
![Page 24: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/24.jpg)
Calibration Tampering
SafetyAccuracyIntegrity
Attack 2
![Page 25: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/25.jpg)
Production Logic Tampering
SafetyAccuracyIntegrity
Attack 3
![Page 26: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/26.jpg)
Production Logic Tampering
SafetyAccuracyIntegrity
Attack 3
![Page 27: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/27.jpg)
Displayed or Actual State Alteration
SafetyAccuracyIntegrity
Attacks 4+5
![Page 28: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/28.jpg)
Displayed or Actual State Alteration
SafetyAccuracyIntegrity
Attacks 4+5
![Page 29: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/29.jpg)
Malicious DLL
Displayed State Alteration PoC
Teach Pendant
![Page 30: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/30.jpg)
Displayed State Alteration PoC
Teach Pendant
Malicious DLL
![Page 31: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/31.jpg)
Standards & Regulations vs. Real World
![Page 32: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/32.jpg)
Collaborative Robotics
![Page 33: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/33.jpg)
let’s compromisethe controller
![Page 34: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/34.jpg)
USB port
LAN
Radio
Services:Well-known (FTP) +
custom (RobAPI)
![Page 35: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/35.jpg)
VxWorks 5.x RTOS (x86)
VxWorks 5.x RTOS (PPC)
Windows CE (ARM) .NET >=3.5
FTP, RobAPI, ...
![Page 36: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/36.jpg)
Update problems
FlexPendant
Axis Computer
Microcontrollers
![Page 37: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/37.jpg)
Update problems
FlexPendant
Axis Computer
Microcontrollers
How? FTP at boot
.... plus, no code signing, nothing
![Page 38: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/38.jpg)
Update problems
FlexPendant
Axis Computer
Microcontrollers
FTP? Credentials? Any credential is OK during boot!
ABBVU-DMRO-124644
![Page 39: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/39.jpg)
Autoconfiguration is magic!
![Page 40: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/40.jpg)
Autoconfiguration is magic!
ABBVU-DMRO-124642
![Page 41: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/41.jpg)
FTP RETR /command/whatever read system infoFTP STOR /command/command execute “commands”
Enter /command
ABBVU-DMRO-124642
![Page 42: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/42.jpg)
FTP RETR /command/whatever read system infoFTP STOR /command/command execute “commands”
Enter /command
ABBVU-DMRO-124642
![Page 43: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/43.jpg)
FTP GET /command/whatever read, e.g., env. varsFTP PUT /command/command execute “commands”
shell reboot
shell uas_disable
+ hard-coded credentials? → remote command execution
Enter /command
ABBVU-DMRO-124642
![Page 44: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/44.jpg)
Let’s look at cmddev_execute_command:
shell → sprintf(buf, "%s", param)other commands → sprintf(buf, "cmddev_%s", arg)
overflow buf (on the stack) → remote code execution
Enter /command
ABBVU-DMRO-128238
![Page 45: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/45.jpg)
Ex. 1: RobAPI● Unauthenticated API endpoint● Unsanitized strcpy()→ remote code executionEx. 2: Flex Pendant (TpsStart.exe)● FTP write /command/timestampAAAAAAA…..AAAAAAA● file name > 512 bytes ~> Flex Pendant DoS
Other buffer overflows
ABBVU-DMRO-124641, ABBVU-DMRO-124645
![Page 46: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/46.jpg)
Takeaways
Some memory corruption
Mostly logical vulnerabilities
All the components blindly trust themain computer (lack of isolation)
![Page 47: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/47.jpg)
Complete attack chain (1)
![Page 48: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/48.jpg)
Complete attack chain (2)
![Page 49: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/49.jpg)
Complete attack chain (3)
![Page 50: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/50.jpg)
“Sensitive” files:● Users’ credentials and permissions● Sensitive configuration parameters (e.g., PID)● Industry secrets (e.g., workpiece parameters)
Obfuscation: bitwise XOR with a “random” key.Key is derived from the file name. Or from the content. Or …
File protection
![Page 51: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/51.jpg)
That’s how we implemented the attacks
![Page 52: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/52.jpg)
Attack Surface
?
![Page 53: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/53.jpg)
Network
Physical (but digital)
Programming Languages
Attack Surface
![Page 54: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/54.jpg)
Network
![Page 55: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/55.jpg)
Not so many...(yesterday I've just found 10 more)
Remote Exposure of Industrial Robots
Search Entries Country
ABB Robotics 5 DK, SE
FANUC FTP 9 US, KR, FR, TW
Yaskawa 9 CA, JP
Kawasaki E Controller 4 DE
Mitsubishi FTP 1 ID
Overall 28 10
![Page 56: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/56.jpg)
Remote Exposure of Industrial Routers
...way many more!
Unknown which routers are actually robot-connected
![Page 57: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/57.jpg)
Typical Issues
Trivially "Fingerprintable"● Verbose banners (beyond brand or model name)● Detailed technical material on vendor’s website
○ Technical manual: All vendors inspected○ Firmware: 7/12 vendors
![Page 58: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/58.jpg)
Typical Issues (1)
Outdated Software Components● Application software (e.g., DropBear SSH, BusyBox)● Libraries (including crypto libraries)● Compiler & kernel● Baseband firmware
![Page 59: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/59.jpg)
Typical Issues (2)
Insecure Web Interface● Poor input sanitization● E.g., code coming straight from a "beginners" blog
Cut & paste
![Page 60: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/60.jpg)
Physical Attack Surface
![Page 61: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/61.jpg)
Programming Languages Attack Surface
UNTRUSTED INPUT
ROBOT MOVEMENT
![Page 62: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/62.jpg)
Conclusions
![Page 63: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/63.jpg)
Robots are increasingly being connected
Industrial robot-specific class of attacks
Barrier to entry: quite high, budget-wise
Conclusions
![Page 64: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/64.jpg)
Some vendors are very responsive
As a community we really needto push hard for countermeasures
What should we do now?
![Page 65: Hacking Robots Lessons learned, current research and new … · 2018. 11. 2. · Hacking Robots Lessons learned, current research and new perspectives Joint work with: Davide Quarta,](https://reader035.vdocument.in/reader035/viewer/2022063019/5fe09feea0bfdc7ef53bd6ce/html5/thumbnails/65.jpg)
Hints on Countermeasures
Short termAttack detection and deployment hardening
Medium termSystem hardening
Long termNew standards, beyond safety issues