Overview
Explore industrial robot programming security issues in this 40-minute Black Hat conference talk. Examine the technical features of programming languages from eight leading manufacturers and discover cases of vulnerable and malicious usage. Learn about a patented static code analyzer designed to scan robotic programs and uncover unsafe code patterns. Evaluate the effectiveness of static source code analysis as a defense tool through real-world examples from 50 automation programs. Discuss remediation steps for developers and vendors to mitigate security risks in industrial automation scripts. Gain insights from experts Federico Maggi, Marcello Pogliani, Davide Quarta, Stefano Zanero, and Marco Balduzzi on improving the security of industrial robot programming.
Syllabus
OTRazor: Static Code Analysis for Vulnerability Discovery in Industrial Automation Scripts
Taught by
Black Hat