Explore industrial robot programming security issues in this 40-minute Black Hat conference talk. Examine the technical features of programming languages from eight leading manufacturers and discover cases of vulnerable and malicious usage. Learn about a patented static code analyzer designed to scan robotic programs and uncover unsafe code patterns. Evaluate the effectiveness of static source code analysis as a defense tool through real-world examples from 50 automation programs. Discuss remediation steps for developers and vendors to mitigate security risks in industrial automation scripts. Gain insights from experts Federico Maggi, Marcello Pogliani, Davide Quarta, Stefano Zanero, and Marco Balduzzi on improving the security of industrial robot programming.
OTRazor - Static Code Analysis for Vulnerability Discovery in Industrial Automation Scripts
Overview
Syllabus
OTRazor: Static Code Analysis for Vulnerability Discovery in Industrial Automation Scripts
Taught by
Black Hat
Related Courses
-
Breaking the Laws of Robotics - Attacking Industrial Robots
-
DevSecOps Fundamentals
-
Improving Dynamic Vulnerability Scanners with Static Code Analysis
-
Firmware.RE - Firmware Unpacking, Analysis and Vulnerability-Discovery as a Service
-
Can We Automate Security?
-
Scare - Static Code Analysis Recognition Evasion
