Case study: Remote attack to disable MiR100 safety

Publikation aus Robotics

Sebastian Taurer , Benjamin Breiling, Stella Svrta, Bernhard Dieber

Proceedings of the first Cybersecurity for Robotics 2019 Conference (CSfR2019) , 11/2019


In this abstract, we describe a case study where we remotely disabled the safety subsystem of a MiR100 industrial mobile robot. Due to several misconfigurations and negligence of standard security procedures (like changing default passwords), it is possible to retrieve, manipulate and reupload the safety program logic running on the dedicated safety PLC in the robot. We sketch the attack vector and describe its effects and possible mitigation strategies. The vulnerability described has been acknowledged by the robot manufacturer and is being addressed.


BibTeX Download:

Download (1 kB)