"2021 is a milestone year for robot cybersecurity" - Endika Gil-Uriarte, CEO at Alias Robotics, talks on the latest robot security news.
Robots have traditionally been machines into isolated bubbles. For their part, Industrial production lines have been a set of robots interconnected between themself but disconnected from IT. At the advent of the new times, this reality is over, and industry 4.0 has collided the robotics reality. Connectivity technologies, as 5G, are becoming even more relevant since a growing number of leading companies are opting for cloud-connected production lines. The consolidation of this production model is evident. However, these technological advances have evolved faster than their protection technologies. In other words, connected robotics is yet much more advanced than robot cybersecurity. It is now that the focus is on security, and not just safety and it brings a paradigm shift. At Alias, as experts in robot cybersecurity, we answer some of the questions we are asked daily.
Freshly come from our partner Telefonica’s HQ in Madrid, where our CEO could first meet our partners face to face, Endika speaks about the latest developments in robot cybersecurity.
Q- Speaking about cybersecurity is a general trend in the market. How does that connect to robot cybersecurity?
A- 2020 has been a milestone year for cybersecurity, after a growing trend that had been building up for the last 5 years. We've all suffered from the pandemic that has, in many ways, changed our way of life. From severe lockdowns at home at the worst of the pandemic to the new normal. When it comes to our homes, our dependency on technology has made us more aware of security aspects. In industrial scenarios, where we mainly operate, on-site teams have become split bubble teams which require increased connectivity requirements, which has substantially accelerated digitalization and industry 4.0 transition but also increased risk and its perception.
Q- You've been almost a year at the forefront as CEO of Alias Robotics. How do you see the evolution of the robot security market?
A- It's taking shape quickly, there is now a market where there was not. The robot security market is a subset both of the cybersecurity and the robotics market. Born at its intersection, at a moment in time where robots are taking over. According to the World Economic Forum 2025, humans and robots will share the work out there at equal shares.
Earlier on in 2020 wrote a blog post elaborating on existing market trends and market studies in robot security. Now there are more than 8 (as of now) market research firms depicting Alias Robotics as one of the market niches. Robot cybersecurity is a missing gap in the robotics market, and a very required one.
https://news.aliasrobotics.com/alias-leading-company-cybersecurity-robotics/
Q- In your opinion what are and were the robot industry is facing for the new year and the after-pandemic?
A- 2021 is and will be a fascinating year for the robotics industry. 2020 has consolidated the fact that robots can be our companion technologies when it comes to facing great challenges. It has been proved that robots can not only clean for us, and perform surgery for us, but also, disinfect from SARS-CoV2 securely and contribute to our 24/7 manufacturing.
From now on, connectivity will be the next technological revolution. We believe that 5G will substantially accelerate robotics adoption in the next successful digital industries.
Cybersecurity will be a transversal pillar to all these elements, not only because of market pull coming from the end-users, which are now requiring end-to-end solutions, but also on the milestones that will be achieved in terms of robotics standardization and the birth of the new EU-Machine Directive. Major players out there are understanding the trend and rapidly positioning. I believe 2021 will be a milestone year for robot cybersecurity.
Q- Almost a year since Alias Robotics became a CVE numbering authority in the MITRE CNA program. How do you evaluate it?
A- Extremely positive. Alias Robotics became a CVE Numbering Authority in early 2020 for our products and robotics products, not in the scope of another CNA. We've had the chance of engaging with OEMs, intermediaries, governmental institutions, and security researchers, and the experience and the learnings cannot be better.
I can proudly say that Alias Robotics has become the reference in handling vulnerabilities in the robotics world, and we'll continue supporting it. MITRE has done a fantastic job putting together the program, and CISA, as a root-CNA taking over the ICS security part, has consolidated a very much needed OT-security (where most robots live, currently) segment, that will become critical in the years to come.
Q- We do see robot manufacturers taking actions in security. What does ALIAS ROBOTICS think about it?
Indeed, that's something we've been chasing for years. That is indeed something extremely positive towards the ecosystem and we applaud actions and awareness on the manufacturer side, even from players that used to be "agnostic". What was observed as additional development and economic burden, is now regarded as a needed investment.
Behind the scenes, however, there have always been several security-cautious manufacturers that are taking the right steps towards delivering best-in-class tested products and recommend the best security practices. However, it's not the manufacturer’s job to provide security. They provide functional robots, and they do it very well.
Particular reference to the case of Universal Robots A/S, which has released a method to validate URcaps and some security updates that the community has welcomed. I invite end-users to supplement those security updates in conjunction with our Robot Immune System (RIS)* solution and experience the value of having their robots protected and traced, according to our modular design.
*https://aliasrobotics.com/ris.php
We will keep on and accompany robot manufacturers in their security trips and continue serving the end-users. Since the market pulls coming from end-users. If we expect our laptops or mobile phones to be as secure as possible, why shouldn't our robots?
Q- But the OT-security ground is a challenging one.
A- Absolutely. The OT-security ground looks more like a Blue Ocean out there. No dominant player has taken the lead with a solution that floods the market.
Industrial digitalization and connectivity are something new and have their particularities. Traditional IT security space is full of solutions, but IT-oriented proxies do not necessarily work in OT, since there are tons of specifics to be covered. Robot security is one of them.
There's an array of OT-security companies that are chasing the big price of being references in the market and swallowing up a large market quota. They understand that offering security end-to-end is important (better said, critical) for the end-user.
Partial solutions that do not integrate well with each other and offer costly maintenance are not affordable any longer for the user. That's why we partnered with Telefónica and their managed industrial security solutions.
More exciting partnerships will come up live very soon. Stay tuned!