Perfect spies may already be among us: industrial robots

One dark night in May of 2013, T-Mobile's top smartphone testing robot 'Tappy' was abducted from its Bellevue lab and spent the night in the company of Huawei employees who were doing exactly what they had been told repeatedly not to do " try to copy it.

Huawei was at the time trying to develop its own smartphone screen-testing robot and was apparently struggling. Its smartphones were not doing well in T-Mobile's endurance tests. The robot's tapping arm was returned in a Huawei engineer's bag the next morning, and the last of the Huawei staff were promptly kicked out of the lab.

The whole episode and the events leading up to the theft were the subject of a civil lawsuit which cost Huawei US$4.8 million, with the company admitting its staff had acted inappropriately. The US government is now ratcheting up for further action over the intellectual property theft.

Industrial espionage is not new, but is a particular problem for technology firms that fiercely compete in cutthroat markets. Technology theft can give competitors undue advantage, and such offences are therefore considered very serious, carrying some hefty fines.

Before the internet became ubiquitous, industrial espionage " or economic espionage as it is also known " required people on the inside, either new hires or disgruntled employees to pass technology and information to an outside party. Modern history is full of examples of firms that suffered from industrial espionage, for example razor maker Gillette, film maker Kodak and technology company IBM. In IBM's case, the theft was international in scope, and it successfully sued Hitachi and Mitsubishi Electric for the crime in 1983.

In our modern, connected world, industrial espionage can now be conducted at great distances by hackers who gain unauthorised access to computer systems. In 2011 Chinese hackers allegedly broke into the computer systems of ExxonMobil, Chevron and ConocoPhillips along with two other oil and gas companies to steal critical proprietary information.

A Fanuc robot. Photo: Neil Newman

Industrial robots have historically operated with dedicated networks and software, as the major robot manufacturers designed their systems to fit a specific factory. This meant it would be difficult to operate for example a Japanese Fanuc robot alongside a Swiss ABB robot, or one from German, now Chinese-owned, Kuka. The Japanese wanted to improve interoperability, and under the auspices of the Japanese Ministry of Economy, Trade and Industry (Meti), in 2015 a 'New Robot Strategy' action plan was drawn up. One of the key components of the plan was to make Japanese robotics a global standard, thereby making them easier to integrate domestically and overseas, ensuring the Japanese manufacturers retained their leadership.

Independent systems on dedicated networks are largely impenetrable from outside attackers, but as standards come together and robots are connected to the internet, this introduces a new risk from hackers. Given the ubiquity of robots in a wide range of manufacturing, from car assembly and aircraft parts, through food and drink packaging, to drug packing and medical equipment, this threat must be taken seriously. As the risk of malicious cyberattacks has grown, a growing range of systems need to be protected by the same companies that provide the antivirus and firewall software we use at home. One such is cybersecurity and defence company Trend Micro.

Yet, what if the purpose of an attack was not to interfere with manufacturing or gain production information, but rather to collect information about what the robots are doing? This opens a new dimension for spycraft. A company that knows what the robots in their competitor's factory are doing has the edge. Already, Japanese robotics companies are collecting data from their robots in the field, uploading it to the cloud to be analysed to improve efficiency and hone in on their customers' needs. Ensuring that data doesn't fall into the wrong hands is crucial.

It's 10pm, do you know what your robot is doing? A Fanuc robot lifts a car. Photo: Neil Newman

Japanese robot maker Fanuc collects data from their robots, but are careful to say that their Industrial IoT Platform 'FIELD' system " which stands for Fanuc Intelligent Edge Link and Drive' " production data remains in the factory. As more robot makers start to track the activity of their products and offer their clients "big data" analytics, promising efficiency gains, anybody looking to build a new factory now faces a quandary: which robot to trust?

There are 10 major manufacturers of robots, these are ABB (Switzerland), Yaskawa (Japan) KUKA (German " Chinese owned), Fanuc (Japan), Kawasaki (Japan), Epson (Japan), Staubli (Switzerland), Nachi-Fujikoshi (Japan), Comau (Italy), Omron Adept (US " Japanese owned).

A rethink of what equipment is used in factories could open up opportunities for smaller robot manufacturers and reshuffle the order of the big producers. For example, if you run a factory that historically used Kuka but are no longer comfortable with the new owners, or you are a Chinese manufacturer no longer happy with the Japanese sucking up all your factory data, you might look for something else.

As supply chains start to shift after Covid-19 " and the Japanese government for one is aggressively prodding Japanese firms to get out of China via a 240 billion yen (US$2.23 billion) fund " manufacturers will be looking to tool up new factories elsewhere. Modern, cloud-connected equipment not only presents a new security risk, but introduces geopolitical considerations about its country of origin. What level of connectivity to allow, and who owns that data, become critical factors when considering what to buy, or indeed, in which companies to invest. ■

This article originally appeared on the South China Morning Post (SCMP).

Copyright (c) 2020. South China Morning Post Publishers Ltd. All rights reserved.