Jana Fruth, Richard Münder, Hannes Gruschinski, Jana Dittmann, Bernhard Karpuschewski, Rolf Findeisen
5. VR PROTOTYPE FOR SENSITISING TO SECURITY RISKS IN THE
MANUFAC-TURING ENGINEERING
In this section we describe our VR prototype for illustration and simulation of potential security risks and indirect safety
incidents in the production domain, caused by malware in-fected control systems of industrial robots. The simulation is conducted within the VR software ”KUKA.Sim Pro” Version 2.1 and KUKA.OfficeLite KR C Version 5.4. In Figure 5 the simulation of the automatic chamfering of large gearings with a KUKA robot KR210-2 [11] is demonstrated as described in Section 3. We seek to sensitise users, e.g. production engi-neers, technicians, and machinists to potential security risks and safety implications caused by malware infected industrial robot control systems. Our simulation prototype is designed to instruct users of production systems on potential security risks and indirect safety hazard scenarios in the production domain, compare with Figure 4.
Figure 4: Proposed VR environment including the virtual robot system and its operator
Additionally, with our VR model users can instruct themsel-ves on potential security and indirect safety impacts caused by malicious code infections. Furthermore, robot manufacturers should be motivated to develop and provide adequate securi-ty protection solutions as opposed to using sub-standard IT technologies that increase the risks for malicious codes.
Figure 5: VR prototype: scenario of automatic cham-fering of large gear segments with a KUKA robot KR210-2
Figure 6: VR prototype: scenario of damage of a desk by misdirection of the KUKA robot arm cau-sed by robot control program malware infection (see encircled space in yellow)
Our VR simulation should demonstrate both potential im-pacts to the security and imim-pacts to the safety of production systems caused by malware infected robot control systems.
An example active attack on security is the manipulating of robot control programs by adding additional moving com-mands (see also Section 4). This security attack may cause discrepancies in functional safety, e.g. the wrong movement of the robot arm. In Figure 6 a damage of a desk caused by a misdirection of the KUKA robot is illustrated. Furthermo-re, security attacks could have an impact on indirect safety.
These attacks could cause damage to objects and/or cause injury to humans. An example, which illustrates a collision of a misdirected KUKA robot and a human is shown in Figure 7.
Figure 7: VR prototype: scenario of injury of a hu-man by misdirection of the KUKA robot arm caused by robot control program malware infection (see en-circled space in yellow)
As explained before, our current prototype of VR simulation
of the chamfering of large gearings with an industrial robot can be employed for security and safety instruction and teaching scenarios. Furthermore, manufacturers of industrial production systems should be motivated to improve the security mechanisms of their systems to avoid the described security attacks and safety impacts.
6. CONCLUSION AND FUTURE WORK
In this paper, we describe a VR simulation prototype, which demonstrates the automated chamfering of large gearings with a KUKA robot. The VR scene should be used for a better illustration of potential security risks in the production domain, e.g. the manipulation of robot control programs with malicious codes.
In the future, this VR simulation should be extended. There-fore, we plan on endowing our simulation with an annotation that includes multi-media security warnings for a better un-derstanding of the potential security and safety risks. This will allow our VR simulation prototype to be used as a self-education tool for users. Furthermore, a detailed testing and evaluation process of our prototype with users of production systems is ongoing. In the future, the instruction with VR simulation including security risks with potential interdepen-dencies to safety could be applied to other robotic domains, like service robotics.
Acknowledgements
We would like to thank KUKA Roboter GmbH Augsburg, Fischer AG Herzogenbuchsee, and Schunk GmbH & Co. KG Lauffen. Jana Fruth and Richard M¨under are funded by the German Ministry of Education and Science (BMBF), project 01IM10002A. The presented work is part of the ViERforES project. We also wish to thank Ryan Maher for proofreading the paper.
7. REFERENCES
[1] DIN 3960 - Begriffe und Bestimmungsgr¨oßen f¨ur Stirnr¨ader und Stirnradpaare mit
Evolventenverzahnungen, 1987.
[2] SIEMENS, SINUMERIK 840D sl / 840Di sl SINAMICS S120, Diagnosehandbuch, 2009.
[3] M. Bishop.Computer Security: Art and Science.
Addison-Wesley Professional, 2003.
[4] E. Byres and J. Lowe. The Myths and Facts behind Cyber Security Risks for Industrial Control Systems. In VDE Congress 2004, Berlin, Germany, 2004.
[5] A. Dietrich, M. Schulze, S. Zug, and J. Kaiser.
Visualization of Robot’s Awareness and Perception. In First International Workshop on Digital Engineering (IWDE), 2010. pages 38–44, ACM, Magdeburg, 14.
June 2010.
[6] J. Dittmann, B. Karpuschewski, J. Fruth, M. Petzel, and R. M¨under. An exemplary attack scenario - threats to production engineering inspired by the Conficker worm. InFirst International Workshop on Digital Engineering (IWDE), 2010. pages 25–32, ACM, Magdeburg, 14. June 2010.
[7] Forschungsprojekt ALF - Arbeiten und Lernen im Fachbereich. e-Learning in der Production. 2005.
http://www.alf-projekt.de/alf eLearning produktion .pdf, last access: 22. Feb. 2011.
[8] Fraunhofer IFF. Project ”LiSA” - Assistant Robot in Life Science Company Labs. 2009. http://www.iff.
fraunhofer.de/en/iffdben/Produkt detail.php?
ProduktId=66, last access: 21. Feb. 2011.
[9] J. Fruth, C. Kr¨atzer, and J. Dittmann. Design and Evaluation of Multi-Media Security Warnings for the Interaction between Humans and Industrial Robots. In Electronic Imaging Conference 7575: Intelligent Robots and Computer Vision XXVIII: Algorithms and Techniques, IS&T/SPIE, 2011. San Francisco Airport, CA, USA, 23.–27. Jan. 2011.
[10] N. J. S. R. D. p. . Haegele, M. From Robots to Robot Assistants. InProceedings of the 32nd ISR
(International Symposium on Robotics), pages 404–409, 2001.
[11] KUKA Roboter GmbH. KR 210-2 (Series 2000). 2011.
http://www.kuka-robotics.com/germany/de/products/
industrial robots/high/kr210 2 2000/, last access:
1. March 2011.
[12] S. Lueders. (No) Security in Automation!? InVGB PowerTech, volume 88, pages 127–130, Essen, Germany, 2008.
[13] B. Matthias. Mensch-Roboter-Kooperation in der industriellen Praxis - Stand und Ausblick. In12.
IFF-Wissenschaftstage - Fachtagung: Sicherheit in der Mensch-Roboter-Interaktion, 2009. 16.–18. Jun. 2009.
[14] B. Siciliano, L. Sciavicco, L. Villani, and G. Oriolo.
Handbook of Robotics - Modelling, Planning and Control. Springer, London, 2009.
[15] N. Storey.Safety-Critical Computer Systems. Addison Wesley Longman Limited, 1996.
[16] Symantec. Stuxnet Introduces the First Known Rootkit for Industrial Control Systems.Symantec Offical Blog, Aug. 2010. http://www.symantec.com/connect/de/
blogs/stuxnet-introduces-first-known-rootkit-scada-devices, last access: 21. Feb. 2011.
[17] szenaris. Virtual Worlds.szenaris homepage.
http://www.szenaris.com/109-1-Virtual+Worlds.html, last access: 22. Feb. 2011.
[18] C. Walter and M. Schenk. Flexible Arbeitsraum¨ uber-wachung mit ortsfesten und mobilen Sensoren f¨ur die Mensch-Roboter-Koexistenz. In12.
IFF-Wissenschaftstage, Fachtagung: Sicherheit in der Mensch-Roboter-Interaktion, 2009. 16.–18. Jun. 2009.
[19] L. Westhoff. Aktuelle und zuk¨unftige Nutzung von sicheren Robotern in der automobilen Produktion. In 14. IFF-Wissenschaftstage, Fachtagung: Sichere Mensch-Roboter-Kooperation, 2011. 30. Jun. 2011.