Business opportunities in the robotic security market

KEYS FACTORS OF THE ANALYSIS

• At present, although the first commercial solutions are becoming available, we are still at an early stage of research and experimentation to find the defense mechanisms applicable to the different attack vectors.

• Spain is among the 20 countries in the world with the highest density of robotics, positioning it as one of the markets with the biggest business potential for this emerging industry.

• The new European Cyber Resilience Act will define the cybersecurity standards that must be commonly applied by robot manufacturers.

ROBOTIC SECURITY MECHANISMS ARE STILL AT A VERY EARLY PHASE

Although RPA is now in full swing and expanding rapidly, across all kinds of industries, there are barriers that prevent its large-scale implementation. One of these is, without a doubt, cybersecurity and this problem responds to three main factors:

• Experimentation in terms of robotics safety is still at an early stage and there are attack vectors that remain uncovered.
• The complexity of robotics systems means protecting them is much more expensive when compared to more conventional systems, both in terms of technical resources and economic resources.
• Robot manufacturers usually do not assume responsibility for possible risks to which their machines may be exposed once they are put into production by buyers or end users.

To get a better understanding of the current status of robotic cybersecurity, Alias Robotics has performed research (1) taking three data sources into account:

• Recent literature on the topic.
• Questionnaires filled in by the participants of various top forums and conferences on robotics, on a global scale, between 2019 and 2021.
• The results the latest research on robotic cybersecurity.

Based on these sources of information, this research yielded a series of conclusions:

• Robotic cybersecurity is a field that requires further study and training both by companies and engineers responsible for the construction of machines.
• There is a gap between the expectations that robotics has generated, at an investment level, and the actions that need to be taken in terms of cybersecurity for implementations to be carried out. This suggests that the market for robotic cybersecurity solutions will experience strong growth in the coming years to fill this gap.
• The lack of specific security measures for robotic systems, as well as standardized response plans, are indicators that the level of maturity of these technologies remains low, compared to other technological systems where these gaps are already covered and specialized plans and tools are in place.
• Most of members of robotics communities surveyed believe that the damages caused as a result of a cyber incident should be borne by manufacturers and robotics system integrators, rather than by end users.
• The ratio of publicly disclosed vulnerabilities to those that remain private is an important indicator when assessing the security readiness of a robot manufacturer.

The technical team at Alias Robotics, which already provides services to several customers in the robotics industry, detected more than 100 vulnerabilities in different robots, during 2021 alone. These types of faults have an impact from three different perspectives:

• In economic terms, due to production downtime.
• In relation to physical security, on account of accidents.
• Due to the risk of sensitive data being accessed, such as the data related to industrial property.

Furthermore, according to figures from the International Federation of Robotics (6), Spain is currently among the Top 20 countries in the world in terms of the number of robots in operation, with 16 robots for every 1,000 human workers. However, estimates by the World Economic Forum suggest that, by 2030, the number of robots will have equaled the number of human workers worldwide (6).

ATTACK VECTORS AND SCENARIOS

Various sources have tried to model the different cyber risk scenarios faced by the new business ecosystem, in which there is a high robotic density. Science Direct offers a good classification (3) as part of an Intech publication (8):

This model establishes the attack vectors structured around 5 variables:

• Origin: this may be accidental, a natural or unforeseen disaster or an intentional attack.
• Objective: this may be physical, cyber or a combination of the two.

• Impact on the robot: destruction, partial damage, degradation, disruption or unexpected behavior.

• External impact: consequences for the end user, the business or the organization at a higher level.

• Risk: to security, privacy, confidentiality, integrity or system availability.

Intech (8)

ROBOTICS CYBERSECURITY MARKET

This business opportunity is also reflected in the latest market studies analyzing this fledging sector. For example, according to Future Market Insights (4), total sales on this market, globally, have been growing at a rate of 8.4% per year since 2014 and, by the end of 2022, they will come to USD 3.5 billion. This figure is expected to grow a further 11% per year to reach USD 7.2 billion by 2029.

The main variables driving this growth are:

• The rapid automation across different types of industries, which will lead to an increase in the cyber vulnerabilities of robots.
• The possibility that this opens up to attackers to block entire production chains, as well as accessing sensitive data, using ransomware systems.
• The growing need for protection firewalls.
• The growth in the adoption of artificial intelligence solutions and collaborative robots.

The Future Markets Insights report also points out that the authentication segment will be the most predominant during the period in question, becoming the most demanded service for robotic cybersecurity companies. Specifically, multifactor authentication will experience the highest growth.

At a service level, the security testing segment will play a leading role. Testing is a service required by robotic solutions and the corresponding applications to assess their compatibility with other systems, as well as possible coding errors that may later lead to security breaches. The implementation of security solutions without prior testing may also lead to poor performance, which is why most security service providers are adopting these testing measures before applying them to robotic systems.

By type of solution, the industrial robots segment will have a 26.9% market share of the revenue generated by the sector in 2022, driven by the trend of adopting RPA systems for the automation of all types of production chains and similar systems.

As for competitors, this is a highly fragmented market. Most vendors focus on product development, although there has recently been a shift in focus to gaining market share through purchases, mergers, acquisitions and collaborations. Other players are looking to improve their position by obtaining certifications and launching awareness raising campaigns about the benefits of their solutions.

NEW EUROPEAN REGULATION

As indicated above, there is a consensus in the industry about the need for further standardization in relation to the issue of cyber risks to which robots are exposed. In this sense, legislative initiatives that pursue this goal are now beginning to take shape; ultimately, these will lead to a greater boom in the market for robotic cybersecurity services.

For example, the European Union recently revealed that it is working on the publication of a new cyber-resilience act to be implemented in 2022 (10), which will include standards on how connected devices and robots should be introduced within organizations. The ultimate goal of this law is to respond to market needs and protect consumers by introducing cybersecurity standards that can be commonly applied by all manufacturers and vendors of digital products, as well as the corresponding auxiliary services.

For now, the European Commission has published a consultation, which is open for comment until May 25, to garner views from different stakeholders on potential issues and policy approaches to address this regulation.

BIBLIOGRAPHY

01. FUTURE MARKET INSIGHTS. Cyber Security in Robotics Market Outlook – 2022-2029. February 2022 [accessed 20/04/2022]. Available at: https://www.futuremarketinsights.com/reports/cyber-security-in-robotics-market
02. SCIENCE DIRECT. Cybersecurity, safety and robots: Strengthening the link between cybersecurity and safety in the context of care robots. July 2021 [accessed 27/04/2022]. Available at: https://www.sciencedirect.com/science/article/pii/S0267364921000017
03. FUTURE MARKET INSIGHTS. Cyber Security in Robotics Market Outlook – 2022-2029. February 2022 [accessed 27/04/2022]. Available at:​​​​​​​ https://www.futuremarketinsights.com/reports/cyber-security-in-robotics-market
04. HISPASEC. DeadBolt, nuevo ransomware contra dispositivos NAS de QNAP. January 26, 2022 [accessed 27/04/2022]. Available at:​​​​​​​ https://unaaldia.hispasec.com/2022/01/deadbolt-nuevo-ransomware-contra-dispositivos-nas-de-qnap.html
05. INTECH. Cybersecurity of Robotics and Autonomous Systems: Privacy and Safety. 2017 [accessed 27/04/2022]. Available at:​​​​​​​ https://cdn.intechopen.com/pdfs/56025.pdf
06. IFR. Robot Density nearly Doubled globally. December 14, 2021 [accessed 28/04/2022]. Available at:​​​​​​​ https://ifr.org/ifr-press-releases/news/robot-density-nearly-doubled-globally
07. EUROPEAN COMMISSION. Cyber Resilience Act: new cybersecurity rules for digital products and ancillary services. March 2022 [accessed 28/04/2022]. Available at:​​​​​​​ https://ec.europa.eu/info/law/better-regulation/have-your-say/initiatives/13410-Cyber-Resilience-Act/public-consultation_es
08. CINCO DÍAS. Global X lanza 8 ETF temáticos para liderar los fondos cotizados en Europa. November 30, 2021 [accessed 28/04/2022]. Available at:​​​​​​​ https://cincodias.elpais.com/cincodias/2021/11/30/fondos_y_planes/1638283908_544415.html