Experts say robots will be commonplace in 10 years. \u201cMany respondents\u00a0see advances in [artificial intelligence] and robotics pervading nearly every aspect of daily life by the year 2025\u2014from distant manufacturing processes to the most mundane household activities,\u201d says Aaron Smith, senior researcher, The Pew Research Center's Internet Project, speaking of the several experts quoted in his \u201cPredictions for the State of AI and Robotics in 2025\u201d.People are increasingly connecting the broadening array of robots to the Internet and IoT devices, including sensors, to add functionality. \u201cA new generation of robots uses wireless networking, big data, machine learning, open-source, and the Internet of Things to improve how they assist us in tasks from driving to housekeeping to surgery,\u201d says Ken Goldberg, Professor, UC Berkeley. IoT such as sensors produce useful data, anything from temperature readings to measurements of vibrations, for decision-making by control systems that manage robots.[ How Dangerous Could a Hacked Robot Possibly Be? ]But there are security issues with Internet-based control of robots, which will grow as the number of robots and connections grow. \u201cSecurity is a critical issue that prevents the widespread adoption of IoT technologies and applications. For this reason, this paper remarks that a full re-discussion about the major security challenges is required to make IoT a viable paradigm, especially in robotics applications,\u201d says L.A. Grieco, Associate Professor, Politecnico di Bari, Italy, et.al in \u201cIoT-aided robotics applications: technological implications, target domains, and open issues\u201d (2014).CSO explores the Internet of Robotic Things and the information security challenges it presents for the enterprise.The Internet of Robotic ThingsThe Internet of Robotic Things will encompass more than robots working in factories. \u201cWe see IoT creating autonomous control loops where components that aren\u2019t considered traditional robots are automated, delivering close-looped intelligence on the floor, generally through a connection with the Internet,\u201d says Sarah Cooper, head of engineering, M2Mi.[ 5 ways to prepare for Internet of Things security threats ]Robots and close-looped autonomous control systems use sensors to provide real-time data about the environment and status of these robotic IoT devices. Remote control systems respond to changes in sensor data, making changes in robot behavior based on changes in IoT tasks in progress and in environmental factors.High functioning robots rely on distributed sensor networks to provide decision-making input. Robots and IoT control devices relying on distributed systems require greater interoperability, more distributed processing, and much more secure communications. \u00a0\u00a0\u00a0\u201cAs IoT matures, we see the industry adding more robotic and AI functions to traditional industrial and consumer robots,\u201d says Cooper. Beyond simply automation, these functions include predictive analysis, learning capabilities [such as machine learning], autonomous decision making, and complex programmable responses, explains Cooper. \u201cThe autonomous nature of these systems and their often critical function in the larger system make them of particular concern when it comes to security,\u201d says Cooper.The Internet of Robotic Things challenges securityThe Internet of Robotic Things challenges security with loss of control, says James Ryan, Digital Leadership Fellow, Minnesota Innovation Lab. IoT creates an attack vector where someone can now gain control of industrial robots using cyberattacks. And when hackers attack IoT, the consequences are immediate and apparent, instilling a sense of loss of control in the enterprise, vendors, and users. Once IoT is deployed, it is harder and harder to update and patch it. \u201cThe 'patch and pray' mentality that we see inside many organizations won't work here,\u201d says Ryan.We cannot protect laptops today. What makes us think we can protect robots?James Ryan, Digital Leadership Fellow, Minnesota Innovation LabThe evidence is piling up that existing security practices are not effective. If the industry stays on course, following the same ineffective enterprise security strategies with robots that it does with other technologies, the consequences of losing control of robotic assets will multiply. \u201cWe cannot protect laptops today. What makes us think we can protect robots?\u201d asks Ryan.\u00a0\u00a0\u201cAn Internet-connected robot is still a secure control environment,\u201d says Cooper. But the temperature sensors on the plant floor\u2014part of those distributed sensor networks\u2014that the robot interacts with to make decisions are a lot simpler, dumber, and easier to hack. This provides an indirect avenue for disrupting the function of the robot without hacking the robot itself. A hacker could spoof a sensor and provide bogus temperature data to the control plane for a welding robot, which would direct the robot to change the duration of the weld, leading to a faulty weld.\tThe industry has not adequately identified this threat from the data plane, from the data coming in from the Internet and Internet-connected sensors, in order to verify that the sources are trustworthy.It should not, however, be difficult to achieve verification. Realizing that there are several temperature sensors on a plant floor, for example, an enterprise could compare sensor readings in order to address these risks. \u201cIf one sensor records a drastically different temperature than the other sensors do, or if that one sensor is supposed to be in the US, and all of a sudden its DNS registry is in Romania, attackers may be spoofing it,\u201d says Cooper.Internet of Robotic Things security challenges enterprisesThe awareness and intelligence from environmental sensor data that Internet-connected robots from different vendors will increasingly share between them in this ecosystem is a big security challenge for the enterprise, whether it is producing robotics, AI, and related data or simply consuming them, says Cooper.The smart home is a great example. It\u2019s really just a set of single-point robots like the Roomba and smart connected devices making individual decisions. \u201cIn 10 years\u2014and we have some customers who are working on this\u2014your smart home will actually become aware,\u201d says Cooper.The smart home will apply base services and presence, knowing where family members are and what they are doing, and use that information to tell the Roomba to leave the room where they are hosting a party, to tell the assisted living service to move objects that an elderly patient could bump into, and to tell a service robot to bring a family member their sneakers.\u201cThat kind of predictive element requires those base services to be available and shared as sort of an awareness, a consciousness,\u201d says Cooper. There will be that kind of awareness and service availability in industry as well. But it opens up the potential for a proliferation of security threats and faults between systems of multiple vendors.This demands a sophisticated system of data provenance that knows where data came from, what happened to it before it arrived, and what decisions systems have already made in order to address those security threats and faults, says Cooper. This could help prevent false data from spoofed sensors from having the effect the attacker intended.Will enterprises meet those challenges?Pew Internet data says that AI and Robotics will be in nearly every aspect of human life by 2025, just 10 years from now. Will enterprises meet these security challenges by then? Perhaps, with the right preparation and tools they will.Cloud-based data processing is one possibility. A distributed intelligence model would enable a subset of local decision-making on a drill head on the factory floor, for example. The cloud could take that drill head data output, perform some additional intelligence analysis on it, and provide that back to the cloud and down to the drill head to capture and provide provenance about data.This data provenance could control and secure that data at the same distributed points where that intelligence is generated. Together with that data provenance, the cloud system would capture and provide information about how that data should be secured, who can see it, and how they can use it.