Universal Robots UR30 User Manual page 162

Cybersecurity
Network
configuration
requirements
Robot setup
security
requirements
UR30
•
Operating personnel must have a thorough understanding of general
cybersecurity principles and advanced technologies as used in the UR robot.
•
Physical security measures must be implemented to allow only authorized
personnel physical access to the robot.
•
There must be adequate control of all access points. For example: locks on
doors, badge systems, physical access control in general.
WARNING
Connecting the robot to a network that is not properly secured, can
introduce security and safety risks.
•
Only connect your robot to a trusted and properly secured
network.
•
Only trusted devices are to be connected to the local network.
•
There must be no inbound connections from adjacent networks to the robot.
•
Outgoing connections from the robot are to be restricted to allow the smallest
relevant set of specific ports, protocols and addresses.
•
Only URCaps and magic scripts from trusted partners can be used, and only after
verifying their authenticity and integrity
•
Change the default password to a new, strong password.
•
Disable the "Magic Files" when not actively used (PolyScope 5).
•
Disable SSH access when not needed. Prefer key-based authentication over
password-based authentication
•
Set the robot firewall to the most restrictive usable settings and disable all
unused interfaces and services, close ports and restrict IP addresses
10. Cybersecurity Threat Assessment
163 User Manual