Dilemma of smart factory 1: Proprietary languages
This series of blog posts explains the design security risks involved in legacy languages and the risk mitigation measures that all users of industrial robots should take. This part explains the characteristics of industrial robots and our survey method.
Industrial robots are the core of manufacturing process automation in smart factories, and are the most important components because they support the manufacture of all kinds of products, such as automobiles, aircraft, processed foods, and pharmaceuticals. In addition, in a post-COVID-19 world where minimal or no contact is a necessity, industrial robots that can repeatedly execute specified movements with high accuracy are regaining attention as equipment that makes unmanned manufacturing possible. However, it is not commonly known that industrial robots are programmed using languages designed decades ago.
Trend Micro has been conducting cybersecurity research on smart factories since 2017, and has discovered vulnerabilities in the "automation programs" that define the behavior of industrial robots, as well as design flaws in the "programming languages" themselves. These are legacy languages that were designed decades ago, but they continue to be used in modern smart factories for reasons such as maintaining compatibility with successor models and reducing the burden of re-learning.
In this series, based on the results of our third joint research project with the Polytechnic University of Milan, we analyze, from a short- to long-term perspective, the design security risks involved in legacy languages and the risk mitigation measures that all users of industrial robots should take. In this first installment, we explain the characteristics of industrial robots and the background, purpose, scope, and survey method of this research.
Industrial robots support factory automation
An industrial robot is a mechanical device that performs assembly work, transportation, processing, etc. inside a factory instead of humans (Photo 1). In today's world, where production that caters for business on a global scale is commonplace, it would be unthinkable to build a factory manufacturing process that does not involve industrial robots. Industrial robots, which can repeatedly perform precise work and reproduce flexible movements, are the basis of the automation of the manufacturing process.
The demand for industrial robots is increasing significantly, even with the COVID-19 pandemic. According to a report by Fortune Business Insights, the global market size for industrial robots was about 21.83 billion USD in 2019, and is expected to expand to 66.48 billion USD by 2027. This increase in demand is believed to be due to soaring labor costs in Asian countries, which are the main production base regions, and continuous investment in automation for the purpose of improving productivity. In addition, the social demand for minimal or no physical contact and for unmanned services brought about by the COVID-19 pandemic is presumed to be a major driver of the growing demand for industrial robots. Industrial robots, which play a central role in automation of the manufacturing process, will become even more important in the post-COVID-19 world.
<Photo 1> Industrial robot (arm type) used in this empirical study
Movements of industrial robots are defined programmatically
Now let's analyze industrial robots from the perspective of digital technology. Industrial robots are complex cyber-physical systems used in manufacturing and are key components of smart manufacturing systems. When you hear the word robot, the actuator part, such as an arm, usually comes to mind first. However, the actuator does not move independently: its movements are defined by a program and controlled by a controller (Figure 1). Therefore, industrial robots do not move as desired immediately after being put in place, but only work once the required movements are programmed. An industrial robot is, so to speak, a large computer with a section that operates physically.
<Figure 1> Mechanism of robot movement (simplified version): robot movement is defined by a program.
Automation programs are written in proprietary languages
Trend Micro decided that it was worth conducting security research on the "automation programs" of industrial robots when it discovered a vulnerability in an application of heavy industry giant ABB in previous joint research with the Polytechnic University of Milan. The application was written in ABB's own programming language and researchers were unfamiliar with it. Automation programs that drive industrial robots are written in completely different languages than the mainstream programming languages that are used to create websites and mobile apps. "Task programs" that define the automation behavior of industrial robots are typically written by field experts using a programming language specific to each robot manufacturer. In addition, each robot manufacturer creates a manufacturer-specific ecosystem that only uses its own programming language, programming environment, and even tools.
Let's look at examples of individual manufacturers' languages. Figure 2 is an example of simple code written in "KRL", the proprietary language of Kuka, a major heavy industry company. In this case, an industrial robot arm is instructed to move between two points (pos1 and pos2). Figure 3 shows a pick-and-place program written for the ABB platform. You can see that each of them has a different language structure.
<Figure 2> An example of an automation operation that moves an industrial robot arm 10 times in a loop between two points (written in Kuka KRL)
<Figure 3> An example of a description in ABB's simulation environment. A pick-and-place task program (left) and a digital twin-simulated station for an industrial robot (right)
This means that in order to operate an industrial robot, it is necessary to learn the proprietary language developed by its manufacturer, and when introducing an industrial robot from a different manufacturer, it is necessary to learn that manufacturer's proprietary language as well. In other words, the technical structure of industrial robot operation makes strong vendor lock-in unavoidable. Furthermore, given the long product life of industrial robots and the fact that the languages were developed decades ago, the vulnerabilities in automation programs discovered in the previous study may have resulted from defects in the programming languages themselves. Based on this hypothesis, Trend Micro started this research with the aim of "understanding the root causes of vulnerabilities in automation programs and presenting risk mitigation methods."
This survey targeted eight major robot manufacturers
This survey targeted the platforms of eight companies that are leaders in the field of industrial robots. The target manufacturers were ABB, Comau, Denso Wave, FANUC, Kawasaki Heavy Industries, Kuka, Mitsubishi Electric, and Universal Robots. All of these manufacturers have long histories and have established trusted positions in the industry. Although Universal Robots is a recent entrant, it is worth noting that in addition to its own programming language, its control process engineers are leveraging mainstream languages such as Java and Python.
In this study, we not only used empirical verification methods such as analysis of task programs including automation logic, but also reviewed the technical documents of 8 major industrial robot platforms, analyzed information from 11 online forums, and, from a non-technical perspective, held interviews with 20 experts in the field of industrial robots. With this method, we aimed to take into account non-technical issues such as industry characteristics and development culture, going beyond the vulnerability analysis of specific programs. As a result, it became clear that, in addition to raising the security awareness of control process engineers, some vulnerabilities could be fixed more easily and effectively by redesigning the platform and performing major upgrades. This matter will be described later in this series.
The fact that a technology is "legacy" does not automatically mean that it has security vulnerabilities. However, the security requirements and development process of each technology must change as threats evolve due to changes in the environment. What happens when technology developed according to the common sense of decades ago is incorporated into today's smart factories? This research clarifies the current positioning of cybersecurity in the industrial field through structural analysis of existing programming languages.
<Figure 4> Outline of this study's research method
Next time, I will explain the details of the verification results of this research and the impact of vulnerabilities in automation programs on production processes.