Security News > 2020 > August > Security analysis of legacy programming environments reveals critical flaws

Conducted jointly with Politecnico di Milano, the research details how design flaws in legacy programming languages could lead to vulnerable automation programs.

Legacy proprietary programming languages such as RAPID, KRL, AS, PDL2, and PacScript were designed without an active attacker model in mind.

Not only are vulnerabilities a concern in the automation programs written using these proprietary languages, but researchers demonstrate how a new kind of self-propagating malware could be created using one of the legacy programming languages as an example.

"Most industrial robots are designed for isolated production networks and use legacy programming languages," said Christoph Hellmann, Program Manager, ROS-Industrial Consortium Europe.

As a result of this research, security-sensitive features were identified in the eight most popular industrial robotic programming platforms, and a total of 40 instances of vulnerable open source code have been found.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/H4UTFCTJBiI/