Can ROS be used securely for industrial use cases? The present study analyzes this question experimentally by performing a targeted offensive security exercise in a synthetic industrial use case involving ROS-Industrial and ROS packages.
After months of failed interactions with MIR and while trying to help secure their robots, Alias decided to empower end-users of Mobile Industrial Robots’ with information and disclosed preliminary results. This case study illustrates the information made available and the consequences of the insecurity.
This attack case study presents the penetration testing exercise conducted during the Week of Universal Robots’ Bugs. Our team challenged the security of these robots and developed exploits for identified vulnerabilities, across different firmware versions.
In cooperation with KUKA, the german Federal Cyber Security Authority (BSI) or the Spanish National Cybersecurity Institute (INCIBE) among others, we pentest KUKA's robots and responsibly disclose results hinting that further work is required to protect against hazards.
This cyber security case study shows how our team performed a short pentesting activity on a popular and rapidly growing low cost service robot, the UFactory's xArm. We study the xArm family of robots and report on the most representative security flaws.
In cooperation with ABB, we tackled several security flaws identified in real deployed robots. We learned that while ABB cares about cyber security, many "older" ABB systems are flawed by both new (0-days) and old vulnerabilities leading to security EoL products.
This cyber security case study shows a threat model performed in a fully modular ROS 2 articulated robotic arm. The application considered is MARA, a modular robot operating on an industrial environment while performing a pick & place activity.
This study case presents the result of research and a posterior penetration testing exercise conducted on Softbank Robotics humanoid social robots. Building on top of past work, our team studied the security of these robots, and demonstrated the current insecurities.