Failing at the first hurdle: How IoT security risks derailing robotics before it ever goes mainstream

Eric Jensen of Canonical

2019 is a big year for robotics, as we are seeing the expansion of automation technologies into new markets. But with IoT security still a weak spot, one major attack within robotics could have a domino effect on the entire industry, says Eric Jensen, head of IoT Product Management at Canonical – the company behind Ubuntu.Add to this the verticals that robots are beginning to infiltrate – healthcare and agriculture for example – and the threat becomes immediate and very real.

IoT is an established concept and connected devices are now mainstream. Still, its full potential has not been realised, as growth has been stunted by security concerns and other factors. Paradoxically, as the market grows, vulnerability points multiply and security risks skyrocket.

As a result, confidence in the Internet of Things (IoT) drops year-on-year. 90% of consumers lack confidence in connected devices, according to recent a survey. These concerns are more than valid, as nearly half of companies are unable to detect when a breach occurs, and only 15% of budgets are earmarked for IoT security.

Robotics’ future rests on IoT

And yet, the future of robotics rests firmly on the shoulders of IoT. Robots act as one part of intelligent ecosystems: they depend on the IoT to link various sensors and smart metres, pass data to and from third parties, and increasingly allow robots to ‘understand’ the world. The self-driving car, for example, is a robot orchestrated by various smaller devices and smart sensors.

In fact, robots are being created to tackle every conceivable problem. Take the Google-funded RangerBot – an underwater machine designed to track down one species of starfish responsible for coral reef destruction, or Small Robot Company, a start-up tackling farming deficiencies with bots that autonomously feed, seed, and weed arable crops.

Rising levels of sophistication within robotics, however, go hand-in-hand with more targeted and damaging attacks. Telesurgery uses robotics to help surgeons perform procedures remotely – a malware bug in this scenario could mean the downing of tools, threatening the patient’s life. Researchers at Brown University proved how easy it is to hack robots – the industry will simply not be sustainable without the backing of a secure, connected IoT network.


Robot manufacturers, therefore, must build with a ‘security-by-design’ mindset. This begins by selecting a robust operating system from the outset – secure now, but also ready for future market demands. Hackers are constantly evolving their activities and businesses must be flexible in their approach to security, shedding the old hardware-centric view of IoT security. Software can no longer end when a device is shipped. It must align to the lifespan of a robot and be able to update whenever there is a potential flaw. The world of mobile took many years to get to grips with this – robotics and IoT developers should learn from their mistakes.

One way developers can safely build and secure software is through snaps – containerised software packages, an open platform for building and publishing applications to an audience of millions. If a security vulnerability is discovered in the libraries used by an application, the app publisher is notified so the app can be rebuilt quickly with the supplied fix and pushed out. This allows for developers to stay focused on innovation while ensuring the longevity of robotics hardware.

It remains unclear where the onus lies for IoT security, with nobody holding anyone else to account. Market constraints often prevent device makers from putting more budget than what is absolutely necessary into design security, when there is so much pressure to innovate ahead of competitors. But it’s no secret that we need to do better when it comes to regulation.

The IoT Code of Practice in the UK introduced last year was a good start; however, it’s still not compulsory for companies to adhere to it. Similarly, the Cybersecurity Act in the EU remains leaves compliance largely voluntary. It may be that binding government legislation, where there are serious financial consequences for negligence, is the only remedy. This would make it impossible for companies to turn a blind eye to security.

Risk to industry’s reputation

For robotics to progress, IoT security needs to be addressed, and fast, before the reputation of the entire industry suffers a permanent setback. Innovations often outpace the more mundane aspects of technology, and the new age of robots is no different. Every industry has a journey to maturity that involves taking security seriously, among other things. For robotics, that time has come. Failing to start robotics projects on the right software foundations will see confidence continue to drop, stunting the rate new solutions are created.

The author is Eric Jensen, head of IoT product management, Canonical

Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow


9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way you work, play, and live. But is it just another buzzword, or is it the as-promised technological holy grail? The truth is that Internet of

Read more

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT Platform 2021? authors Robin Duke-Woolley, the CEO and Bill Ingle, a senior analyst, at Beecham Research. Figure 1 shows these parts and, although not all

Read more

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, iot home automation is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for smart home automation will reach $40 billion by 2020.

Read more

Workz launches eSIM cloud

Posted on: November 29, 2021

Dubai. 29 November 2021 – IoT solutions provider Workz has expanded its eSIM subscription management solution to offer a GSMA certified cloud-based platform in the US. The platform, which is certified by the GSMA’s Security Accreditation Scheme (SAS) and hosted at Microsoft Azure’s Virginia, USA site enables mobile network operators (MNOs) to remotely manage consumer

Read more

Laiye partners with HUAWEI CLOUD to drive Brazil’s digital transformation

Posted on: November 29, 2021

Laiye, a provider of intelligent automation, and HUAWEI CLOUD, a global provider of cloud services, announced a strategic alliance to drive digital transformation in Brazil through of cloud computing, artificial intelligence (AI) and big data. The alliance will be implemented in the rest of Latin America. 

Read more