With headline-grabbing security breaches happening all the time, cybersecurity is a concern for most businesses. Cobots aren't immune to security breaches and the outcome of a hack could be devastating… or even fatal.

All security breaches can be damaging to a company's reputation and bottom line.

The Collection #1 data breach which happened earlier this year has been called the world's biggest data dump of hacked passwords, with around 6.5 billion user accounts being compromised on 340 websites.

However, this mega-hack is only the latest in a never-ending line of cyber attacks. Hacking has become just another one of the common annoyances of modern life, alongside parking tickets, politics, and public transport.

Although hacks are common, there are still huge repercussions that result from security breaches. We are familiar with many of these issues...

...but what if someone hacked a collaborative robot?

A couple of years ago, a security company called IOActive highlighted how hackers could exploit the software of some collaborative robots. Let's look a bit more deeply at how a hacker could crack a cobot.

Why would hackers want to hack a robot?

We often think about cyberattacks as being all about stealing data — hackers gaining passwords and personal data to steal money from people or to sell on the black market. However, there are more reasons that hackers break into computer systems. Some hackers do it to disrupt services, some to make a political point, and some to leak private information.

Here are five reasons that a hacker might want to access a collaborative robot:

1. Altering or sabotaging the production outcome — A hacker could make slight changes to the robot programming. This could damage the integrity of the product and could be almost untraceable.
2. Using a ransomware scheme — Like many computer attacks, a hacker could take charge of the robot and block access to it, demanding payment to release it and stop them causing further damage.
3. Causing physical damage — A compromised robot could cause damage to people and/or equipment, which could incur a great cost to your company and its reputation.
4. Production line interference — A hacker could change the productivity of the robot to cause bottlenecks in the whole production line and/or damage products.
5. Sensitive data exfiltration — Any stored data which relates to industry secrets could be extracted from the robot controller.

What are the risks?

All security breaches can be damaging to a company's reputation and bottom line.

However, the fact that robots are physical machines adds an extra cause for concern. They have the potential to cause real physical damage and harm. As collaborative robots are designed to work around humans, the repercussions of a cyber attack could potentially endanger people's lives, not just endanger the company's future.

A hack on an industrial robot — whether it's a collaborative robot or otherwise — could affect 3 key factors:

• Safety — Cobots are designed to operate safely around humans. Any malicious change to their safety features could compromise this core feature.
• Integrity — With a compromised integrity, a robot would become no longer fit for purpose.
• Accuracy — Small malicious changes to a robots accuracy could damage the integrity of products whilst large changes could damage the robot itself.

One of the most concerning risks is when the safety, integrity and accuracy of the robot are changed in almost imperceptible ways. The robot could operate in a compromised state for a long time before anyone notices.

5 ways a hacker could attack a robot

A couple of years ago, cybersecurity company Trend Micro identified five cyber attacks that a hacker could use on an industrial robot. They also identified the concrete effects that such hacks could have on the robot, operator, and/or product.

It is worth noting that all of these attacks require the hacker to have access to the robot controller. Securing the controller is one of the main keys to keeping your cobot safe.

Here are the five attacks that they identified, along with their effects:

1. Altering the controller parameters

A hacker could make subtle changes to the control parameters of a robot. This can subtly change the path of the robot in a way that is almost undetectable but alters the integrity of the product.

Effects: Defective or modified product

2. Tampering with calibration parameters

A hacker could change the calibration parameters of the robot, causing it to move unexpectedly or diverge from its intended path.

Effects: Damages to the robot and/or injury to humans.

3. Tampering with the production logic

A hacker could change the robot program in small and almost imperceptible ways to introduce defects into the products and interfere with the production line.

Effects: Defective or modified products.

4. Altering the robot state

A hacker could change the state of the robot to one which is unsafe. As IOActive showed in 2017, it would be possible for a hacker to override the security limits of a collaborative robot in a way that is almost undetectable to the user.

Effects: Injury to humans.

5. Altering the user-perceived robot state

A hacker could make the robot look like it is in one state whilst really it is in another so that humans around it are unaware what state it is really in. For example, the controller could display that the robot is switched off whilst it is really operational with no security limits set.

Effects: Injury to humans.

How can you stay safe?

A lot of the information you can read about cybersecurity threats is presented in quite an alarming way. It's almost as if the writers are trying to "scare you into action." However, the purpose of this article is not to alarm you. Rather, it is intended to open your eyes to some issues which you might not have previously though about.

With this information, you can make better informed choices about how you secure your robot from cyber attacks.

One of the best ways to stay safe from hacks is to keep yourself up to date with the possible hacks that could occur.

Forewarned is forearmed!

How do you keep your robot system secure? Tell us in the comments below or join the discussion on LinkedIn, Twitter, Facebook or the DoF professional robotics community.