GM Hooking 30,000 Robots To Internet To Keep Factories Humming

An anonymous reader quotes a report from Bloomberg: General Motors has connected about a quarter of its 30,000 factory robots to the internet, and the largest U.S. automaker already is reaping the benefits of less down time. In the last two years, GM has avoided 100 potential failures of vehicle-assembling robots by analyzing data they sent to external servers in the cloud, Mark Franks, director of global automation, said at a conference in Chicago on Monday. Connectivity is preventing assembly line interruptions and robot replacements that can take as long as eight hours. Internet monitoring allows GM to order parts when it detects they're wearing out instead of having to store them at the factory. That reduces inventory and saves money, Franks said. Hooking robots to the internet for preventive maintenance is just the start of a spurt of new robotics technology, Franks said. GM is using robots that can work safely alongside humans in the factory that produces the Chevrolet Volt plug-in hybrid, he said.

I can already smell...

[Motherfucking Shit]

...the plausible deniability.

"No, your honor, we didn't intentionally program our vehicles to cheat the emissions testing process. Some evil hacker must have done it to make us look bad!"

Re:I can already smell...

[ShanghaiBill]

"Some evil hacker must have done it to make us look bad!"

Suki did it [youtube.com].

Re:I can already smell...

[Anne Thwacks]

If GM has 30,000 robot hookers, the world is changing faster than I though!

Re:

[barrygrommit]

If GM has 30,000 robot hookers, the world is changing faster than I though!

OK...this one gets my vote for sarcastic humor of the week!

Re:

[syntotic]

(voting? wasnt it like-ing?)

Re:

[davester666]

Yeah, at least the summary appears to be completely vapid. Like it is somehow unpossible for these computers to have been hooked up to a local server to track when they are worn out or are failing. Nope, the data has to be sent to the cloud for the magic to happen.

Re:

[clodney]

Yeah, at least the summary appears to be completely vapid. Like it is somehow unpossible for these computers to have been hooked up to a local server to track when they are worn out or are failing. Nope, the data has to be sent to the cloud for the magic to happen.

Obviously not impossible to have done it with a local server, but potentially very difficult. The internet based server likely belongs to the manufacturer of the robot, not GM. So they are enabling service monitoring by the manufacturer or distributor, not doing it themselves.

If they needed to convince the robot manufacturer to install the server at each factory, that would be more difficult, and obviously require cooperation from the manufacturer.

And lastly, nothing in the summary talks about the communi

Skynet.

[MrCodswallop]

Skynet.

Industry of things 4.0

[stooo]

Industry of things 4.0
etc. etc. etc.....

Re:Industry of things 4.0

[stooo]

We must generate best-of-breed web-readiness to be able to scale ubiquitous e-commerce to utilize proactive systems to deliver frictionless deliverables for the innovate B2C web services.

Re:

[tehcyder]

We must generate best-of-breed web-readiness to be able to scale ubiquitous e-commerce to utilize proactive systems to deliver frictionless deliverables for the innovate B2C web services.

Only 9/10 as you failed to mention The Cloud.

Re:

[stooo]

Nah ! The Cloud is Obsolete. Today, we use The Sun. At least in my location.

Re:

[RabidReindeer]

Wait a minute. Why are all those new Camaros morphing into killbots?

Re: Skynet.

[dacaldar]

Seems like a reasonable thought experiment. In order to paralyze and maybe control human society, would a sentient computer intelligence really need access to guns and bullets, if they could create, steer and accelerate many wheeled steel objects along our road network? If fully coordinated, many could never leave your building, or at least street block, without probably getting killed... at least until gasoline supplies run out.

Do you want Terminators?

[genfail]

Because this is how you get Terminators, GM.

Re:

[FatdogHaiku]

Because this is how you get Terminators, GM.

OR
A really big ransomware bill...
Well, the customer will pay it all in the end.

Re:

[Baloroth]

OR A really big ransomware bill... Well, the customer will pay it all in the end.

Or, if history is anything to go by, the government.

Re:

[ChrisMaple]

Just as businesses don't pay taxes because taxes are expenses that have to be passed along to the purchaser, the government pays for nothing because government's payments are ultimately made by taxpayers.

Re:

[freeze128]

SkyNet isn't a rogue AI, it's a hacking group from Russia!

Re:

[Tablizer]

Why didn't Slashdot use the what-could-possibly-go-wrong tag?

Re:

[fisted]

Because the new /. owners don't understand that those tags were supposed to be funny/witty. It seems entirely lost on them, and they'll just use something that sounds more or less appropriate.

Re:

[sudon't]

Because this is how you get Terminators, GM.

It's how you get terminated. "Let's connect all of our machines to the Internet! What could go wrong?"

Why in hell?

[msauve]

Why would they "connect them to the Internet?" There have to be a very limited number of robot suppliers, why wouldn't they just have VPNs specific to each to handle these service needs? Going through the Internet via a secure VPN is very different than connecting to the Internet.

(having said that, it's more than likely that's exactly what they're doing, and the summary/article has simplified it to the point of just being wrong)

Re:

[EvilSS]

Why would they "connect them to the Internet?" There have to be a very limited number of robot suppliers, why wouldn't they just have VPNs specific to each to handle these service needs? Going through the Internet via a secure VPN is very different than connecting to the Internet. (having said that, it's more than likely that's exactly what they're doing, and the summary/article has simplified it to the point of just being wrong)

If I was GM I'd rather have them talk out via (properly configured) HTTPS to the vendor at a fixed IP or range of IPs than setup a VPN to the vendor. Vendor VPNs can be a pain and if something goes wrong they are a great way for a uninvited guest to into the customer systems. Just ask Target about that. At least this way you can shrink the possible surface area a bit.

Re:

[AvitarX]

I'd probably have them send via UDP (I'm assuming it's the type of stuff where a few missed numbers makes no difference), and completely incapable of receiving anything on that NIC)

Re:

[msauve]

"If I was GM I'd rather have them talk out via (properly configured) HTTPS to the vendor at a fixed IP or range of IPs than setup a VPN to the vendor."

If you were you, you wouldn't have a clue about how an IPSec VPN actually works.

Re:

[EvilSS]

Yea totally. I mean, it's not like a number of data breaches have occurred due to improper security at a vendor, with the customer network being compromised over the IPSEC tunnel. Nope. never happened. ever. this week.

I'd rather have a system that reports out, initiates communication from my side, and doesn't have the possibility to allow back-channel communications from the vendor to my network.

Re:

[msauve]

I see your problem. You don't understand routing or firewalls, and think VPN means all-or-nothing. It doesn't.

Re:

[EvilSS]

No, I just know that VPNs can, have, and will be again misconfigured by the customer side and used to target companies via their more security lax vendors. I've seen it happen and had to come in and clean up the mess (for a very tidy sum in billable hours for my company, so yea, keep on keeping on I guess). I'd much rather have a system in place that lowers my attack surface area. Yes you CAN create a secure IPSEC tunnel that prevents all this, but you can also screw it up. Why even open up the possibility

Re:

[stooo]

HTTPS ?
HTTPS security is a joke.

Re:

[EvilSS]

Not really, unless you are using out of date certificates or crypto (so no SSL, TLS 1.0, SHA1, etc) it is extremely secure. I'd much rather have a system that doesn't have the possibility that, should someone misconfigure the VPN (because we all no that NEVER happens, right?) would expose my network via the vendor network. In this case simpler is better.

Re:

[stooo]

SSH is extremely secure. SSL not.

All of the implementations of SSL are full of holes.
Why ? because KISS has never been factored into the protocol, so it's widely too complex, and that leads to many many holes and partial implementations.
Also, certificate chains are deeply flawed.

Re:

[Coisiche]

Yeah, story should have been "GM create 30,000 node target for botnet managers".

It was probably pwned within hours of the press release.

Re:

[jbmartin6]

From the article, my guess was they connected to robots to a LAN so they could send messages to a central monitoring system. Maybe just SMTP, in which case maybe we can send our own and get them to buy too many robot widgets.

MBA logic

[rfengr]

So they'd rather NOT keep spare parts at the factory for a robot that can shutdown an assembly line for 8 hours? Fucking bean counter logic. How about keep a whole spare robot, or two.

Re:

[DraconPern]

Why do they need to keep spare parts when you can get the parts in two hours using Amazon PrimeNow! :D  And before you say you can only buy food, you are wrong. You can buy a weber outdoor grill using prime now.

Re:

[deKernel]

You can think the IRS for that kind of crap. The company will get taxed on the value of the spare parts in inventory at the end of the year.

Re:

[stooo]

so what ?

Re:

[tehcyder]

You can think the IRS for that kind of crap. The company will get taxed on the value of the spare parts in inventory at the end of the year.

Really? Are you sure? In the rest of the world, companies are taxed on their profit, not their balance sheet holdings.

Re:

[ChrisMaple]

14 states tax inventory. https://taxfoundation.org/does-your-state-tax-business-inventory/ [taxfoundation.org].
Apparently, the US government does not tax inventory (I had believed otherwise), but there may be some subtle tax advantages to minimizing inventory. I don't think you can avoid paying taxes on profits by just using all your profits to buy stuff.

Re:MBA logic

[gtall]

I see you don't understand how the U.S. tax system works. The people in Congress determine the tax laws and what can and cannot be taxed. The IRS is merely the middleman with little discretion and even that is subject to judicial review.

Re:

[gweihir]

Save a penny, lose a million. That is what MBAs do best. No understanding of anything and "normal operation" as the only optimization target. As a result, no survivability. While cleaning up after the results of such incompetence is a major part of my work and is actually often quite interesting (and I am expensive enough that nobody tries to micro-manage me or such idiocy), the sheer amount of stupidity at work in modern corporate cultures and management approaches is staggering and it seems to be getting

Re: MBA logic

[sg_oneill]

It's pretty much standard JIT thinking which has been factory dogma since the 60s. I've worked at places like this. Management swears up and down we don't want "stock on hand" to keep costs down , so instead the entire factory goes offline because some random bearing goes fubar and the nearest replacement part is in china

Re:

[Anonymous Coward]

Your knowledge of the subject is.... faulty.
sg_oneill is quite right; JIT in various monikers has been around a long time;
https://en.wikipedia.org/wiki/Just-in-time_manufacturing

Let's deal with one aspect of your massive ignorance:
"2. JIT is for inventory, not production."
"JIT" in production preceded that of inventory by decades. It emerged from the Assembly Lines, and culminated with the "Time And Motion Men" fad of the Fifties. Don't have people waiting around waiting on other people. Then it got into the

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:

[Z80a]

Depends on which board gets to it.
If /pol/, you're obviously getting shit like swastika shaped cars, paintjobs that say things like "hitler did nothing wrong" and the factory suddenly manufacturing the classic VW beetle.
If /a/, they will use the robots to manufacture their waifus the best they can,
But if its /v/, they probably will just pose the robots into sexy poses for profane intents.

Queue GM hacking in ...

[CaptainDork]

... 3 ... 2 ...

Re:

[quenda]

Cue the spelling police ...

Re:

[CaptainDork]

queue [merriam-webster.com]

a waiting line especially of persons or vehicles

cue [merriam-webster.com]

not queue

Re:

[quenda]

So not a typo but illiteracy? You heard other people say "cue" as in prompt, and thought they meant "line up"?
Whom did you imagine is arranging the queue of hackers? And do they really wait in line? Think about it.

Re:

[CaptainDork]

The links I pasted were:

1.) Not original material on my part
2.) Not in audio format.

Re:

[davidwr]

Re:Queue GM hacking in ...

Cue the spelling police ...

The line to hack GM begins forming in 3...2... [insert unit of time here].

Re:

[quenda]

Here, here!

Re:

[fisted]

your knot funny.

Re:

[Enigma2175]

Funnyer then alot of the populous.

Sell vehicles to robots...

[freeasinrealale]

Hope they pay the robo's enough so they can buy a GM vehicle.. waidaminit isn't gm making self driving cars.. so why should robo's buy gm vehicles? somethings not quite right here.

Bring jobs to 'Metica!

[TheOuterLinux]

...so the Russians and Chinese can run the robots.

Good luck with Just In Time parts.

[Mal-2]

Seriously, the first time the manufacturer doesn't have a part in stock, they're fucked -- unless they're still keeping a supply at a distribution center somewhere.

The costs of relying on someone else's reliability instead of your own redundancy is that the number of situations that get out of your hands increases dramatically.

Re:Good luck with Just In Time parts.

[aaarrrgggh]

That has been said for the last 20 years, and has proven wrong. The specific exceptions are when the shipping time exceeds some threshold, there is a very high probability that when you need the spare parts so will many other people, and on a similar note when price (or shipping) elasticity can be impacted by external events. Just-in-time consumables (or components) is a different story. As we get better predictive data, preventative replacement parts pretty much goes out the window.

Now, if one part can shut you down 100% for n hours, maybe you consider on-site spares... but if it is a loss of 25% capacity for those n hours you likely take your chances, knowing you can make up the lost production over x days.

Re:

[mattr]

In 2009 I delivered a supply chain system to a major construction equipment manufacturer. Even one hour of downtime for these machines is very expensive so people would be cannibalizing other machines to make a quick fix. They already had a satellite-based telemetry system in place to predict failures and servicing, and our system checked different warehouses and tried to pick the best choice based on various rules including lead time calculation. This article is talking about something that other companies

What could possibly go wrong?

[Geoffrey.landis]

I'm surprised this one isn't tagged "What could possibly go wrong?"

Re:

[phantomfive]

The only thing missing from the summary is the IP address. For no reason.

Lets wait until they have 30000 bricked robots...

[gweihir]

...when the first script-kiddie gets in and does some firmware "upgrades".

Re:

[gweihir]

Actually, in the worst case-scenario, the robots damage their hardware as a result from changed safety-parameters and have to be completely replaced. Similar things have already happened with SCADA systems. "Bricked" is less severe, it just means that a direct, physical restoration of the original firmware has to be done before the robots can be used again.

Keep Factories Humming?

[PPH]

Why? Because they don't know the words?

Re:

[Tablizer]

"Daisy, Daisy, give me your answer do
I'm half crazy all for the love of you
It won't be a stylish marriage
I can't afford a carriage
But you'll look sweet upon the seat
Of a bicycle built for two"

Re:

[j-b0y]

Or:

        Now the world has gone to bed,
        Darkness won't engulf my head,
        I can see by infra-red,
        How I hate the night,
        Now I lay me down to sleep,
        Try to count electric sheep,
        Sweet dream wishes you can keep,
        How I hate the night.

Not as stupid as it sounds

[Gravis Zero]

This isn't internet connectivity being added to each robot, it's more like an intranet that connect to a single server per factory that has one job: sending data over the net to a specified destination. The destination holds all the info for all the factories and allows factories to have their part inventory managed from a central location. To actually change what the robot does, you would need to hack the factory server and the robot's computer. The good thing about this setup is that it's unlikely to need maintenance or even patching because it's so incredibly basic. This means it's easy to lockdown the server that actually faces the Internet to do it's one thing: send data. Considering the factories are their bread and butter, I have a hard time seeing them skimping on security for the factories. However, I could see the factory management server getting hacked if it uses some bonehead design like it runs on IIS or something. The only thing you can really do though is wreak havoc with their part inventory.

TL;DR: hacking is unlikely though hacking the robot computers and reprogramming the robots would require a state-sponsored level of hacking.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[Rogue974]

You are making a big assumption here. I work in industrial Automation as well. I am a controls engineer sitting in a facility that has it's controls network secured behind a DMZ that's sole purpose is to keep the business network away because we have nasty stuff on site. We follow industry best practices as laid down by the vendor and ICS-Cert.

With that said, we have other facilities in the same company that have the same policies as I do (policies come from corporate) in place and the local guy at 3 of

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[Rogue974]

Unfortunately some industrial automation vendors and end users still do have the security mindset of the average IoT device. We are getting better as an industry, but some are still really scary!

One of my co-workers about 5 months ago found a site where someone wrote the script to crawl around the web and look for PLCs and DCS systems and the like that were on the web with no restrictions. Some of them were probably honeypots set to trap people, but as little as 6 months ago, there were still thousands of

Jesus, people...

[Shoten]

You know, it only seems to take one line in a Slashdot post, out of context, to drive people batty here. I'm seeing a long stream of posts that seem to believe that GM just took all of these robots and plugged them directly into a cablemodem without any firewalling or other security, making it effortless for some dork to simply go fuck with the production lines.

Okay. So, there's "connected to the Internet" as in you have a connection to the Internet...like I am using to post this. I'm behind a firewall,

Re:

[MrLogic17]

Even more so - this sounds like uploading historian data to an outsourced company for analysis.
Uploading log files is a long way from internet controlled.

Nuts, this kind of analysis should be done in-house on a real-time basis, if you're doing predictive fault analysis. Costs of down-time are too high to wait for actual failure.

Re:

[Rogue974]

I posted this above, but you are assuming they are either a 1 way from the server or sending log files.

I am a controls engineer so deal with this on a daily basis. Controls systems should be separate, there should be some kind of security, but the article doesn't specify. In the last 3 months, I have had 2 vendors show up that should understand security on controls networks but they are trying to sell me valves and instruments for my facility with WiFi built into it. Not only that, but you can actuate eq

Doesn't GM know the Slashdot Rule?

[Applehu Akbar]

It goes like this: any device you connect to the Internet will be hacked, no matter what security you apply to it and no matter how many levels of encryption. The problem is unsolvable, and any attempt at a solution brands you as a fool. The Internet of Things is even more evil than Apple or Uber.

Re:

[account_deleted]

Comment removed based on user account deletion

How can they...

[Zorpheus]

Why would anything of this require an internet connection? You can do all of that over a local network.

Re:

[Bender Unit 22]

This article sounds so last century.

Re:

[Zorpheus]

Sounds to me like the time in the 2000s, when it became a fashion to put things "in the cloud". Fuzzy term for doing it online, which made everyone forget the risks again that are associated with that.

This will all end great.

[Blig]

30,000 factory robots connected to the internet they want? What could possibly go wrong!

What can possibly go wrong?

[QuietLagoon]

... General Motors has connected about a quarter of its 30,000 factory robots to the internet ... I mean, really, what can possibly go wrong in this scenario? Did GM at least have some common sense remaining to assure each robot has an off switch?

To the Internet???

[Neuronwelder]

Yea, uhuh.. This is going to end well. Why can't they just have a local network, with an IT crew. I guess they ran out of sanity.

Youtube

[slapout]

Just wait until the robots discover cat videos

What could possibly go wrong

[kilodelta]

This is a car company - and since they don't think infosec is important in their connected vehicles what security will they implement for the robots? I can just see this going very wrong.

Re:

[mezrac]

They can unbolt themselves