Trend Micro provides information about dangerous design errors and weaknesses in legacy programming languages for industrial robots. In collaboration with the Politecnico di Milano, Trend Micro publishes basic guidelines for safe OT development.
Trend Micro presents new research that indicates design weaknesses in legacy programming languages used in industrial systems. The security researchers are also publishing new guidelines for secure programming, which are intended to help developers of Industry 4.0 systems to significantly reduce the surface area for software attacks. This effectively prevents business interruptions in OT (Operational Technology) environments.
Vulnerable automation programs of industrial robots
The research carried out in collaboration with the Polytechnic University of Milan (Politecnico di Milano) shows comprehensively how design weaknesses in older programming languages make automation programs vulnerable. By manipulating such programs, attackers can disrupt industrial robots, automation and production systems and steal intellectual property. According to the report, the industrial automation world does not seem to be prepared to recognize and prevent the exploitation of the vulnerabilities found. It is therefore imperative that industry adopt and establish proven security measures drawn from network security and secure encryption practices. To this end, the researchers are already in close contact with industry leaders.
"Since it is often impossible to apply patches and updates to an OT system connected to the network, the development must be secure in advance," explains Udo Schneider, IoT Security Evangelist Europe at Trend Micro. "Today, the software backbone of industrial automation depends on legacy technologies, which all too often contain hidden vulnerabilities. These include Urgent/11 and Ripple20 as well as variations of Y2K-like architecture problems. Not only do we want to point out these challenges, but once again take the lead in protecting Industry 4.0 by offering specific design, development, verification and ongoing maintenance assistance as well as tools for scanning and blocking malicious and vulnerable code."
The possibility of an active attacker was not taken into account
During the development of the older, manufacturer-specific programming languages such as RAPID, KRL, AS, PDL2 and PacScript, the possibility of an active attacker was not taken into account. Since these languages have been around for decades, they are now essential for important automation tasks on the factory floor, but the languages themselves cannot easily be fixed.
Vulnerabilities are not only a problem in automation programs written with manufacturer-specific languages. As the researchers show with an example, a new type of self-propagating malware can even be created in one of the legacy programming languages.
Trend Micro Research has worked closely with the Robotic Operating System Industrial Consortium to develop recommendations on how to reduce the exploitability of the problems identified.
Policies help prevent attacks
"Most industrial robots are designed for isolated production networks and use legacy programming languages," says Christoph Hellmann Santos, program manager at ROS-Industrial Consortium Europe. "They can be vulnerable to attacks if, for example, they are connected to a company's IT network. That is why ROS-Industrial and Trend Micro have jointly developed guidelines for a correct and secure network setup for controlling industrial robots with ROS."
According to the new guidelines, task programs that are based on these languages and control the automatic movements of industrial robots can be written in a more secure manner in order to reduce the risk in Industry 4.0. The key points to consider when writing secure task programs are:
- Treat industrial machines as computers and work programs as powerful code
- Authenticate all communication
- Implement policies for access control
- Always perform input validation
- Always perform output sanitization
- Implement proper error handling without disclosing details
- Set up suitable configuration and deployment procedures
In addition, Trend Micro Research and the Politecnico di Milano have developed a patent-pending tool that can detect vulnerable or malicious code in task programs and thus prevent damage at runtime.
40 cases of vulnerable open source code found
As a result of this investigation, safety-relevant features were identified in the eight most widespread industrial robot programming platforms and a total of 40 cases of vulnerable open source code were found. A provider has already removed the automation program affected by a vulnerability from its app store for industrial software. Two other vulnerabilities were confirmed by the developer, which led to a fruitful discussion. Details of the vulnerabilities were also published in an alert by the US Homeland Security Agency's ICS-CERT (Industrial Control Systems Cyber Emergency Response Team). The results of this research will be presented on August 5th at Black Hat USA and in October at the ACM AsiaCCS conference in Taipei.