EdgeIPS: prototype for the protection of robotic systems

The ROBOTICS Institute of JOANNEUM RESEARCH Forschungsgesellschaft mbH in Klagenfurt, addIT, a subsidiary of Atos and a leading IT service provider in Carinthia, and Trend Micro, one of the world’s leading IT security providers, have joined forces to form a cybersecurity development partnership. […]

Industrial plants, pipelines, energy suppliers, but also laboratory facilities and hospitals have been increasingly affected by cyber attacks in recent months. IT and OT convergence in smart factories has brought not only huge productivity benefits, but also increased cybersecurity risks from possible malware infections and unauthorized access. Due to the flat network architecture and the associated vulnerability to attacks, an entire production can come to a complete standstill.

In a typical production environment, plants are often operated for decades. As long as these systems are decoupled from other systems, as was previously the case, their functionality in connection with safety components is not a problem. The situation becomes more difficult once the facilities are networked with the Internet, which is now state of the art and represents a gateway for cyber attacks. Open vulnerabilities in the systems can often be exploited by attackers, because patch management in a production environment is difficult or even impossible if the hardware is old and patches are not available.

Robotics is one of the essential building blocks between the digital and the real world. On the one hand, a robot allows many possibilities for interaction, but on the other hand it relies on an operating system that is vulnerable and therefore offers a potential gateway for cyber attacks. Against this background, addIT approached the JOANNEUM RESEARCH Institute ROBOTICS, whose focus is on physical and cyber-physical security in innovative robot-based production processes, to jointly develop a proof of concept, i.e. a practical test for a potential business idea. Trend Micro was brought on board as a project partner and provided an essential safety component using EdgeIPS, which enables uncomplicated patching and updating of the robot. Control is carried out via the existing network.

In the development project, several attack scenarios were simulated in order to manipulate a mobile robot arm of the kind often used in industrial plants. Current experiments under laboratory conditions have very quickly shown the first successes. With the latest technology, it has been possible to ward off attacks and prevent possible damage in the production chain.

Dieter Jandl, Managing Director of addIT Dienstleistungen GmbH & Co KG and Head of Marketing & Communications Atos CEE, says: “Austrian industry is an essential pillar of domestic value creation. For this reason, it is essential that innovation is not slowed down by potential cyber risks. Therefore, I am pleased that with the joint project partnership we can make a contribution to supporting companies in leading their business safely into the digital future.”

“In human-robot collaboration, safety and security are more closely interwoven than anywhere else in the industry. Safety, i.e. the protection of people, is now defined in standards and guidelines. The security aspect, i.e. the hacking of a robot, is ignored in many places. However, successful digitization and automation in production can only be achieved if it can be guaranteed that the network in which the robot systems are located is protected from unwanted, often malicious hacking attacks. This cooperation has shown how robot applications can be reliably and easily protected from cybercriminals,” explains Bernhard Holzfeind, ICT and Laboratory manager at the JOANNEUM RESEARCH ROBOTICS Institute.

“This successful project partnership is due to the intensive exchange of knowledge between our TXOne product management and our partners from research and industry. The proof of concept has shown that the use of EdgeIPS can successfully ward off these attacks and thus protect non-patchable (robot) environments,” says Daniel Schmutz, Head of Channel & Marketing ALPS at Trend Micro.

The EdgeIPS is designed for installation directly in front of business-critical assets in Level 1-3 environments (according to the Purdue model). Its transparency and its ability to detect network traffic and robotic or production equipment are designed to let it fit directly into OT networks without disrupting the operation of the equipment. The EdgeIPS is just one part of the TXOne Cyber Security Solutions portfolio, with which Trend Micro offers security solutions for industrial systems. The products benefit from the results of the vulnerability research of Trend Micro’s Zero Day Initiative (ZDI). The EdgeIPS™ systems allow for exclusive protection against undiscovered and zero-day threats in networked production and robotic systems.

The reported benefits of EdgeIPS are the minimal time required for configuration, maintenance and administration, as well as the high degree of flexibility in deployment, because EdgeIPS can be placed anywhere in the network that needs to be protected. This enables high visibility and reliability of business-critical assets without changing the network topology.

