Breaking the Laws of Robotics: Attacking Industrial Robots

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

thank you for coming to our talk welcome as you can guess from the title we're gonna be talking for the next 45 minutes about robots so let's first start to understand what an industrial robot is because we might have seen this we might have seen some pictures like this but you may imagine that there is a lot of complexity behind these machines so to take up some of the complexity we reduced and simplified the view that is necessary for this talk so there are standards mostly iso standards that specify and define the architectures the architecture of industrial robots so they're mostly standardized what you can see at the center of this image is of course the robotic arm right so it's a it's made of metal most of the time it's very heavy it has multiple joints and all the joints are motorized there are several servo motors that allow the the arm to perform very complex movements at the end of the arm there is what is called the end effector which is essentially the end of the robot it might be a cutting device might be a set of pliers might be a laser or other welding equipment it really depends on what the task of the robot is so these robots are generic that can do everything that's why they are interesting so the end effector can be changed depending on the application on the opposite side we see the human the operator which is the one that as you can imagine moves and interact with the robot by using a certain device that we will see in a minute in between there is what is interesting for us from a security perspective and of course for attackers it's the controller if we open the box of the controller we actually literally open the cage of a controller what you see on your right you see a bunch of computers in there the main one is called the main computer and it is the one that has most of the interfaces with the external world the first component that needs to be attached to the main computer is the teach pendant the teach pendant you can imagine it as a as a very rugged tablet with a joypad on it with which the operator can interact with the robot directly so that it can literally use it as an extension of its of his brain or his arm sorry after that after instructing the robot to perform a certain movement in between there is the axis computer the axis computer is the one that translates a movement as a high level command as an axis movement for example move a certain joint 30 degrees left right this is still a high level command and in order to be activated we need another intermediate device which is the drive unit that's the one that translate an axis movement into a drive for the servo motors for example apply a certain amount of power to servo motors 1 and 2 for a certain amount of time and this create the actual movement great so one of the main characteristics of industrial robots is that they are flexibly programmable in the sense that you can write code as you were you were writing code for another application by which you can instruct the robot to do the same task to perform the same task over and over these programs can be written from scratch with a normal editor or they can be recorded as macros using the joypad so you can turn the robot in teaching mode do some movements and then you can repeat the execution and interesting an interesting thing of this of this program is that they are implicitly parametric you can imagine that in order to perform a certain complex movement there is a lot of physics behind it there is a lot of kinematics behind it so the controller is actually solving a control problem what we tell to the controller is move a certain joint to a certain position but behind it the controller has to solve the problem how much does the arm weight how much far do I have to go so to reach a target there is a certain amount of control problems that need to be solved and all of these are implicitly parametric so that the programmer only needs to write a program and the controller does the rest so if the physics of the of the system changes the program will automatically adapt and this is interesting because it makes the robots very generic of course it's also interested in it also opens a possibility for you no repercussions so if these parameters are for example I'm just giving you a hint saved in a configuration file if the configuration file is altered this may end up in a wrong movement you know you know the robot not being able to reach a target in an optimal time great so second characteristic of industrial robots is that they are connected that's why we call them industrial robots connected robots so to speak if we take a look at one of the not previous generation but not bleeding-edge robot by Kamau for example they were already meant to receive comments in a very interesting way you can send emails to the controller and the robot will will execute a command or you can have the controller send you emails in order to give you monitoring signals and stuff like that so they are already meant to be connected even if you are not looking at the most you know latest generation of robots in addition to emails there are of course other protocols that can be used to program and interact with these robots remotely for example we found that in ABB they use FTP in as I mean to upload code or upgrade the certain components but of course there are also other non-standard protocols for example ABB uses this API to receive commands and the newest generation they also have a rest like API so they're getting more and more opening and all of this is sitting as you can see in a pretty wide attack surface from simple USB ports to Ethernet ports even radio devices what you see with a little antenna that you see on the right is a 4G modem so there are various reason why you want to want to connect your robots from simple monitoring which is even specified in the standard from active control of the production this is what we're expecting in a near future at the end we might expect I mean it's not very hard to imagine a future where they will the app stores or library stores where even industrial operators can download pieces of code and compose them together to create a complex a complex task there is even already a App Store for consumer robots so it's not really hard to imagine that at some point in the future there will be AB store for industrial robots as well so given all the all of these premises and given that robots are so connected I'm asking a question and I'm asking actually to one of my colleagues do we believe that cyber attacks against robots are you know a realistic threat what do you think that we do to the users of our survey so we interviewed 50 domain experts between industry and academia and we found out that the 20 of them that replied a little bit more than half of them thinks that a cyber attack against an industrial robot is not a realistic threat so we asked them also a bunch of other questions for example what are the consequences that you foresee if an attacker is has compromised your robot so most of them were worried about the impact on physical safety is the human operator at risk some of them worried about production losses what if the attacker stops the production plant one of them even hinted what if the attacker inserts some small defects in the products so the other question that follows this one is of course then what are the most valuable assets at risk well they are of course intellectual property on the controller there is code that is specific to a certain production so this might be part of the intellectual property of the business but they also cared for humans and for materials and the pigments so as you have seen in the last few slides the impact is way much more important than double net abilities alone so how can we access the impact of an attack against in the two robots well we can start reasoning about the answers that our users that the users of our survey gave us but we should also think of the requirements that an industrial robot should have so what are these requirements you can think of them of something close to the laws of robotics of Asimov fact the first one is safety the robot should never harm the user the second one is accuracy you can see on the image there's a robot that has been programmed to throw a dart right in the center of a dartboard to do so this robot must not only locate the dartboard so Reed had some physical some input from the physical world and he must do this accurately but it must also throw the dart correctly so we have a two-fold requirement of input and output accuracy the third and last requirement is integrity I mean what could go wrong what can go wrong is that the user or the malicious user can ask the robot for example to reach a position which is not physically reachable the robotic arm can break for example so if such a command has been sent to the controller we should avoid that such a thing can happen so a robot specific attack is a digital borne violation of these requirements we developed five of them and the first one is the one of control loop alteration so espadrille told you before these robots are pretty much flexible we found out that usually there are configuration files that stores some of these implicit parameters that describe for example the control loop permit properties and the kinematics the values of the kinematics parameters that are used to calculate the next position so what if an attacker can modify this config files what happen is that after the compromise the user will send a command try to execute a program what happen is that since the representation of the physical world for the robot has changed something we can happen we developed a proof-of-concept to show you what will happen we weren't able to bring the robot with us it didn't fit in the luggage but let me show you the video so in this video we program we show you how we program the robot to just draw a straight line nothing fancy extremely easy at this moment the robot is not under attack again try to think of this from the user perspective now the robot is under attack nothing changed the code is always the same what you will see is actually that something is happening from the user perspective the operator perspective still nothing has changed did you notice anything well if we look closely at the pencil trail we will find out that a small drift of a couple of millimeters has been introduced this module oh of course Quality Assurance processes can have a devastating impact the next attack is the one of calibration tampering not only the robot should know let's say the representation of the physical world but it must be also able to calculate an error and account for this error in the representation so you will have to calibrate the robot what if the attacker is able to compromise again the calibration parameters what can happen is that either he is able to again introduce some micro defects or damage physically the robot the motors the third attack is the one of production logic tampering in this attack the attacker is able to compromise the safety requirement he does so by modifying the code for example that is running on the controller in this image you can see that we written wrong density you specify the weight of the object that the robot is speaking in the code if the attacker can change this representation some fancy things happen you will see for example the robotic arm started drifting upwards so if the attacker is able to compromise the code to modify the code because no code integrity checks at present we are a man-in-the-middle attack he is able to do basically whatever he wants modify the production process completely introduce my credits is free to do whatever he wants the last two attacks are the ones about the state alteration what if the attacker is able to modify the state of the robot turn it on at his will or change the representation of the state that is displayed to the user well if the user reads motors are on on the teach pendant he will not enter the workspace if the attacker has compromised the robot we have seen that he can in some sometimes we can change the state of the robot or at least he is always able to change the information that is displayed to the user so in this case the user would read motors are off free to go instead he will be at risk we developed a proof-of-concept also for this attack by introducing a malicious DLL in the teach pendant and as you can see on the interface the teach pendant is sent to the user the robot is in manual mode you need to move the joystick to move it he will go slow and the motors are off don't worry what is really happening instead is that the robot was in automatic mode it can go fast hit the user do whatever it wants and their motors are on so this raised an important question is the teach pendant part of the safety system that's what it's not because there are safety standards in place that mandates that if the user enters the workspace of an industrial robots for example he enters the cage an emergency stop must be issues must be should and the robot should stop but as we have seen many times what is mandated by the standards or what is the best scenario is not what happened in real life so what if these safety measures are too limiting we ask Allah to our users some of them replied yes well these measures are kind of limiting for us so what do you think they will do well they will customize them most of them said yes well we did something with our safety measures we changed them in some way so what happens if they change the measures in some weird ways this male was a follow-up to our report and a researcher described an incident where they were running a security scan of the network just the normal and map being scan and one of the packets happened to wake up the PC that was controlling the robot the robot started swinging at full speed and the only physical safeguard that was there well was just a red line drawn on the floor fortunately no one was hurt so as we've seen things in the real world can change a little bit from what we are scratched up to now what I described requires an attacker to be in control so how can we do this Thank You Davide so up to now we assumed that the attacker is able to compromise the controller from a motor standpoint in this second part of the third we will we will try to lift this assumption and we will scribe how we manage to find couple of vulnerabilities that actually allowed us to remote compromised the controller we didn't perform a complete vulnerability assessment our goal was just to implement those attack that we explained before and also all the vulnerabilities that I will explain you after that have been fixed or mitigated by Emily or by the vendor of the robot so let's go back to the attack surface of the robot as we told you before the main point the main the main component of the grabber controller that exposes the most attack surface is the main computer the main computer exposes a lot on active services and it is the component that is the gateway between external world and the controller so we focus it now our analysis to the main computer from a technical standpoint the main computer is an x86 system running a real-time operating system vxworks it's a component that is extremely interesting from our point of view because it is the gateway between the user interface and the robot is the Plex panel the Flex pendant is another embedded system which runs to Windows CE so let's go back to the main computer the main computer as we said expose a lot of natural services those not to service are authenticated using a user of a relational system framework which is a kind of standard user authorization system framework where every user human user mean authenticates using a username and a password and it is used to authenticate the access to all kind of natural services each you belong to a set of rows each role belongs to set of permissions if we go back to the user manual we see that there is actually a different user with a default password from a new robot where from robot to a 6.04 it is actually possible to deactivate the default user and it is actually suggested not in the user model but in the deployment guidance that are given to a big robot customers to deactivate the UN default user so even if you get network access to the robot we will need to compromise the controller to I passed this authentication one point of view one subsystem that we can look at to find some thymosin abilities is the update system so to update the system as the system is composed by a lot of computers based components you just obtain the main computer then the main computer will transmit will propagate the page to all the system for example when the Flex pendant boots it will fetch the software that if needs to run from the main computer and it does this using FTP when you put the system the Flex pendant connects the FTP to the main computer and will download the code there is no code sign so if you are able to change the piece of code that is running that is the store on the main computer you will be able to change the firmware running on the Flex payment the point is how is this authentication perform well before our pad before the before the latest patches the flex penalty authenticated to the main computer using any contentious basically the user traditional system was turned on after the Flex payment Putin so to allow the flex payment to actually download the load the software update before a user could actually type username and password because the boot is unattended the update system is not the only sub system where we have a kind of complex interaction complex and attend an interaction between different components another interesting point is the auto configuration of optional components this is a service box is a gateway using for remote monitoring the who we talked about this later and this service box can be plugged into the main computer via ethernet and we allowed to configure itself automatically again the auto configuration is performed using the FTP and this time is performing using FTP and hard-coded password because there is no way to type fashion inside them their service box before the first Auto configuration fortunately this hard-coded password will allow us to just to retrieve files and store files in the slash common subdirectory the slash common is actually a driver with which allows to perform two operations read system information the version of the software running on the main computer the current time stamp and the kind of information and execute commands if you store a file in / comment / command this file will be actually passed by the drivers by the driver by the common driver and some comments will be executed for instance when you connect the remote service box the main computer it will be it will upload the file to out register itself so you can see remote service and distraction with a certain IP address that is the IP address of the remote service box so it is interesting to see what commas do we have at our disposal and it turns out that we have a shell common the shell command takes a single parameter and executes this parameter as a vxworks symbol so basically you can execute any symbol in the main computer famer using shell and the name of the symbol unfortunately it is not possible to pass parameters we can just execute function without parameters but there are interesting same things that we can do we can do a root shell a boot or worse we can disable the solution system shell new alias and the school disabled will completely disable utilization system and given the fact that we found our coding credential to access this driver we have remote command execution limited by the fact that we cannot pass any parameter but if we look further in how the main computer parses the parameters passes the commands we see that we have an unbounded right to the stack so the parameter the name of the parameter is just copied straight to the stack without an invalid check we have a formal memory corruption vulnerability we have a stack overflow that Allah will allow us to perform remote code execution and basically execute arbitrary code on the main computer female this is not all the only let's say parsing routine or security-critical routine we also found stack corruption vulnerabilities in other points one is in the passing of the Rob API prodigal there is an answer interesting copy from the from a parameter of the protocol to the stack and what indicates we can have a remote code execution or also in the boot of the flag pendant in the in this in a code of that marriage is the boot of the Flex pattern there is a steal another buffer overflow that will allow us to perform a denial of service for instance so this is just a subset of Devon amis that we found and the takeaways of this is that we were able to found some standard memory corruption vulnerabilities stack overflows and sanitize copies nothing particularly fancy and not a particularly difficult to fix the most of the vulnerabilities that we found our logical vulnerabilities it is a complex system it is a complete distributed system with different subsystems that different microcontrollers different processor and those need to communicate together and the implementation of some part of this communication was flawed from a security point of view but the main problem in our vulnerability assessment is that all the components are blinded us in each other there is no hardware or software trust boundaries between different services running on the main computer or different harder components so just a single stack of vulnerability in an unknown poorly audited not so important service of the main computer and you can compromise all the components running on all the robot controller because the because the components are trusting each other so to wrap up we are able now to complete compromise the controller just the connect via FTP or connected to via Rob API and exploit added either the statical dentures and remote code the common execution or one of the memory corruption that we found to execute arbitrary code on the main computer once we can execute arbitrary code we can call that the function to disable the UAS once we disable the user authorization system we are now able to upload and download arbitrary files to the multitude to the main computer storage the main computer storage is basically used a bi FTP as a shared file system for all the components now we can for example upload a malicious DLL that will be executed at the next boot by there by the flexpayment these DLL can straight forwardly implemented the attack that that we just showed you before the one about the state alteration or can for instance implement some kind of command and control or per system functionalities so at this point we can actually say that we have the robot controller completely under the Tucker's control there is a small step missing because to implement many of the tags that we shoved you we need to attempt a with configuration files configuration file that contains sensitive parameters for example the PID parameters the PID Techcon the parameters that control the kinematics of the width of the robotkind of the robot air and thus those fights are sensitive those files are encrypted actually those fights out obfuscated more than encrypted and by reverse engineering the robot controller filmer we were able to reverse-engineer the obsession which is kind of simple and tamper with the files so we are now able to from a remote standpoint to connect to the robot expert the robot to run arbitrary code and tamper with the configuration files so basically we have all the elements in place to implement the attack that we showed you before in the video but we need to connect remotely to the main to the main computer so the question is now is it actually feasible for an attacker that is not working in the company inner and external remote attacker to actually connect to the control that we robot controller at launch our attack so let's go back to the problem of connecting the robots so now we we go a little bit more in-depth into the how robots are connected we only glanced it at the beginning so if you're looking at the modern factory pretty much this is a listen area that we have in mind there are several connection points some robots will be connected directly to the internet by the radio interface through a custom APN for example it really depends on the vendor some of them will only be connected to to the computers in the land in the factory land and some other will be indirectly connected to the internet using a you know normal gate like basic basic case this in area is also fairly confirmed from the from the small survey that we run it's not very surprising to discover that most of the domain expert that we asked they use Ethernet to connect the robots I personally found it a bit surprising to find out that they were using Wi-Fi to connect to the robot I mean in within the factory LAN I know I don't think it's a great idea because I mean a simple vulnerability in the radio in your radio firmware might end up having the attacker within reach even if it's outside the factory right so another question that we were curious to to know the answer of what do you connect your robot also directly to the internet because we were really interested into this and fortunately only a minority of them told us that people would connect the robots directly to the internet so the next question is so given that these people are some of them some of these domain experts are telling as they do connect robots to the Internet are we going to find any robots if we simply scan the internet for them right so this is a the result of a shounen scan actually reflect what we got fortunately we haven't found a lot of exposed robots if you simply search for the top five brands this is what you were gonna find I checked a couple of days ago and there were 10 10 times more than that but we will be monitoring these searches for about one year and all the numbers that we got were you know flowing between 25 and 35 so not a lot of them so actually if you change your your point of view instead of looking for the robots you look for the brands of the routers that are used to connect these robots you're going to find that much interesting picture we search for the 12 top manufacturers of industrial routers we haven't focused on like generic network manufacturer network equipment manufacturers such as Cisco simply because they produce a wide variety of products we focus only on unknown vendors that reduce specifically - the routers so the first thing that that stands out from this light is the amount of routers that you find clearly not all of them there is there isn't an ethical way to verify which of these are actually connected to - robots as well as opposed to generic industrial equipment but it gives a picture it's a it's a superset but still includes the number of robots connected there because some of this vendor for example a 1 are the vendor of choice by the robots vendor a 1 is used by ABB other vendors are used by other routers are used by other robot vendors so they do include the the number of robots connected another thing that you notice the the left core the right column is that some of them are even connected with no authentication enabled so the second red flag is that there is a deployment issue I mean there are configuration that are non not secure by default in these devices you might wonder how we found all of these devices I mean if it was easy or not to find these devices expose how we we crafted the search pattern well unfortunately it turns out that is rather easy at MSE unfortunately and I'm gonna explain you why I mean unfortunately what you see at the bottom there is one probably extreme example of a vendor that thought was a good idea to expose a very verbose Network banner and this is actually common among these vendors to announce you know details in the network banner so generally I mean this is not even on vulnerability probably if you talk to the vendors you can tell them that there is an info disclosure kind of vulnerability but it's not an extreme case of vulnerability but still I cannot refined a use case for exposing in this case even the frequency of the CPU the MAC address of the network are the date in which the the funeral was built what else the the serial number of the device I cannot honestly fine maybe I'm overlooking something but I cannot find a use case for that if you find it please I will be happy to know that so this is a general issue that we found in most of the devices we have analyzed most of them are very very verbose from from a network banner point of view so if it were device is connected to you know non-critical equipment when we say okay fine I mean this simple vulnerability is not of high impact but in this case I mean these devices are connecting industrial equipment I cannot really find why an industrial equipment would need such an exposure so here of course don't get me wrong I'm not advocating in favor of security through obscurity of course not that's a bad idea but it of course is if there are vulnerabilities the response shouldn't be to hide these devices the response should be fixed those vulnerabilities but on top of that you also have to make sure that these Network banners disappear because you're simply making the attacker job easy you craft a fee a simple simple search and shot and you can find all of these devices plain easy not that these devices are not vulnerable I mean they are vulnerable we also found we and other researchers before us found that a good majority of these have outdated software stack the main components in these devices you may imagine it's a Linux kernel some busybox and SSH and probably a web server if you find that even this small set of software is outdated then is not a very good picture that you have even clip the libraries sometimes were outdated and the femur of the of the basement was outdated in some of these devices so given that they are used to connect critical equipment again there should be more and more focus also the web server sometimes is is a vulnerable this is an example that I wanted to bring because it's kind of funny there is this vendor who has plain copied the code from a beginners blog explaining how to to create a REST API in PHP copy and paste into the router and the vendor response was well this component is not exposed okay fine but then there is you know 0 input sanitization and I'm simply showing a simple short snippet but believe me there is no input sanitization in that and the code is copy and pasted directly from the beginners block so I didn't really like I wasn't really very a founders so the bottom line through this example is that when you need to connect your robots use some care and as marchello told you before vendors the robots vendors are providing you guidelines that you're not going to find online on their on their website they're going to give you a separate manual a security set a separate security manual that you have to to use to you know to properly secure your deployment and they offer guidance I mean this is what one of the vendors told us they offer guidance specifically for connecting robots to network or to the internet directly so now I think we have a lot of wrap-up so I'm gonna hand the the slider to divert them and then we'll go through question answers thank you so let me conclude this talk I hope you enjoyed it let me just wrap up what we said give you some more insights so we have seen in this presentation that robots are being increasingly connected this can pose a problem we developed some industrial robots specific classes of attack and these happens also because these robots are extremely flexible the barrier to entry fortunately is quite high I mean an industrial robot can cost at least seventy five thousand dollars used but of course we know that this isn't the barrier for a motivated attacker or for an attacker with the financial means what should we do now we've seen that the vendors are very responsive we were extremely happy to work closely with ABB the vendor of the robot they fixed the vulnerabilities in no time were extremely available also to help us verify our findings so this was amazing but we feel that as a community we really need to push for measures so let me give you some hints on what we think should be the countermeasures that we need to implement in the next few years maybe so as a short-term control my sir we think that we should work on the user side we need to implement attack detection and deployment our dominga so we are talking about the user side on the vendor side instead as a medium term objective we should think of system hardening integrate secure development in the lifecycle of the applications but what do we think is the most important point probably is that you remember a couple of years ago there exceed that where no say security standards for the automotive field right so same thing happens for industrial robots we have safety standards they are also amazing but they do not take care for an active attacker so we hope that our research will shed some light give some hints so that new standards can be born regarding the security of industrial robots and not only the safety aspects you can find our contacts on top and the papers slides and every material are on Robotech org and the second link is our industry report so if you have any question feel free to ask [Applause] [Music] [Applause]

Info

Channel: Black Hat

Views: 5,482

Rating: 4.8367348 out of 5

Keywords: BHUSA, Information Security, InfoSec, Black Hat 2017, Black Hat, Black Hat USA 2017, Black Hat USA, robotics, robots, industrial robots

Id: RKLUWnzIaP4

Channel Id: undefined

Length: 39min 32sec (2372 seconds)

Published: Fri Dec 01 2017