Robotics

Case study: Remote attack to disable MiR100 safety

Publication from Robotics
Robotersystem-Technologien

Sebastian Taurer, Benjamin Breiling, Stella Svrta, Bernhard Dieber

Proceedings of the first Cybersecurity for Robotics 2019 Conference (CSfR2019) , 11/2019

Abstract:

In this abstract, we describe a case study where we remotely disabled the safety subsystem of a MiR100 industrial mobile robot. Due to several misconfigurations and negligence of standard security procedures (like changing default passwords), it is possible to retrieve, manipulate and reupload the safety program logic running on the dedicated safety PLC in the robot. We sketch the attack vector and describe its effects and possible mitigation strategies. The vulnerability described has been acknowledged by the robot manufacturer and is being addressed.

 

BibTeX Download:

Download (1 kB)