ALPS blog

Original article Trend Micro

One of the secrets of Trend Micro’s long-lasting success is being constantly on the lookout for where the next security threats might come from. That’s why we’re focusing a great deal of our research and development efforts right now on the intersection of IT and operational technology (OT). This burgeoning world of connected IoT devices is particularly advanced in the manufacturing space, where huge gains are already being made. But as great as these leaps forward are, so are the risks if technology systems aren’t properly secured.

That’s why we’re thrilled to be joining the ROS-Industrial Consortium (ROS-I) to help accelerate the secure development of robotic Industry 4.0 applications. It’s yet another important step for our stated mission: to secure the connected world.

Why IIoT matters

Industrial IoT (IIoT) systems are already streamlining production processes, improving cost efficiencies, and helping to drive greater agility and innovation for manufacturers. It’s no coincidence that the global market for such solutions will grow at nearly 17% CAGR over the next six years to exceed $263 billion by 2027. But with new technology always comes new cyber risk. As connectivity is introduced to industrial computing devices, the challenge is managing the threat from remote attackers. System and software vulnerabilities could be probed to hijack devices, sabotage production processes and steal intellectual property.

Robots are a particular risk—not only because so much of modern manufacturing relies on them, but also because many of these machines rely on legacy technology dating back decades. These custom, proprietary programming languages and unique ecosystems can make security complex, and lead to unpatched vulnerabilities which sophisticated attackers could exploit, with serious consequences.

Shaping the roadmap

ROS-I is an open-source project devoted to extending the capabilities of the Robot Operating Systems (ROS) into industrial hardware and applications. The job of the ROS-I Consortium is to prioritize these capabilities, offer code quality standards and provide technical support and training.

As an associate member of the consortium, Trend Micro will now be able to participate in technical and strategic projects and help to shape the ROS-I roadmap. In fact, we’ve already demonstrated our value to the organization in research last year, which uncovered design flaws and vulnerabilities in legacy programming languages used by some of its products. That resulted in our collaboration to develop secure network guidelines for industrial robots using ROS.

Securing the future

Trend Micro also recently started looking at the security of the Data Distribution Service (DDS). This protocol is used heavily by ROS2 and will therefore be another area in which we hope to deliver tremendous value to ROS-I and end-customers going forward.

Trend Micro is in many ways an unusual member of the consortium. Most either use ROS/ROS2 in their products, for example as robot manufacturers, or they want to help develop the software. We do neither, but we plan to work with the consortium to enhance security-by-design in ROS-I software. In fact, Trend Micro is only the second cybersecurity specialist to join.

Securing IIoT systems is hard: it requires capabilities across the cloud, the network, and the devices themselves. But thanks to our 30+ year heritage in cybersecurity and active deployments with global customers, we’re able to offer protection all the way from the gateway to the endpoint. That’s the kind of end-to-end security you need to drive Industry 4.0 success.

For more info, check out our Smart Factory solutions: