The article explores critical cybersecurity challenges related to robotic sorting systems employed for warehouse asset management within the printing industry. Given the increasing implementation of automated logistics platforms, the potential vulnerability of such systems to cyber threats, including DDoS attacks, Man-in-the-Middle attacks, data manipulation, and vulnerabilities within common industrial network protocols (MQTT, OPC UA, Modbus TCP/IP), is highlighted and analyzed in detail. The novelty of the study lies in the development of a comprehensive mathematical model designed specifically to quantify the impacts of these cyberattacks on robotic sorting system performance. The primary research object is the robotic warehouse sorting system integrated with the myCobot 280 manipulator, simulating real-world logistics operations in printing enterprises. Experimental modeling using MATLAB Simulink allowed for realistic reproduction and testing of cyberattack scenarios. To counter identified vulnerabilities, a multi-level cybersecurity framework incorporating network traffic monitoring (IDS), data encryption (TLS 1.3), and artificial intelligence-based behavioral analysis of robotic operations was developed and implemented. The research objective-to enhance the security and operational resilience of robotic warehouse systemshas been successfully met. Experimental results indicate a significant improvement in cybersecurity resilience, demonstrated by an 80% reduction in cyber threat impacts. Specifically, response times and operational errors under attack conditions were substantially decreased, validating the effectiveness of the proposed integrated cybersecurity solution. This outcome underscores the critical importance and efficacy of applying advanced cybersecurity strategies to safeguard automated robotic systems against sophisticated cyber threats in the printing industry's logistics processes.
Modern warehouse complexes in the printing industry are actively implementing robotic sorting
systems, which enhance the efficiency of logistics processes, optimise costs, and minimise human
involvement. Automated warehouse facilities using robotics ensure fast sorting of printed products,
packaging, and shipment control, which is critically important in the publishing and advertising
industries, where order fulfilment time plays a key role [
However, the widespread adoption of such systems presents significant cybersecurity challenges.
Robotic warehouse platforms interact with internal ERP systems, utilise cloud services for order
management, and often have open communication channels via the internet, making them
potentially vulnerable to cyberattacks. Unauthorised access to such systems can result not only in
financial losses but also in physical damage to equipment, production disruptions [
Therefore, researching methods to protect robotic sorting systems for warehouse assets in the
printing industry is a highly relevant applied scientific task [
In contemporary scientific research, significant attention is devoted to ensuring the cybersecurity of
robotic sorting systems in warehouse complexes, particularly within the printing industry. Key
studies by researchers addressing this topic have been reviewed [
The developed a cyber-physical security system for robotic warehouse complexes that integrates
sensors for monitoring physical parameters and machine learning algorithms for detecting
anomalies in robot behaviour. Their model enables the analysis of not only digital but also physical
threats, significantly enhancing the effectiveness of cyberattack detection [
In publications [
Adaptive Cybersecurity Methods [
Modern research increasingly focuses on cryptographic methods for data protection. The application of quantum cryptography for securing communications between warehouse robots and central management servers is being explored. For instance, the study by Wang et al. (2023) demonstrates the effectiveness of quantum key distribution (QKD) in ensuring secure data exchange between robotic modules and cloud services.
Research indicates that the human factor remains a significant vulnerability in the cybersecurity
of warehouse systems in publication [
An analysis of contemporary scientific studies suggests that ensuring cybersecurity in robotic sorting systems within warehouse complexes in the printing industry requires a comprehensive approach [11, 12]. The combination of network monitoring methods, artificial intelligence, blockchain technologies, and cryptographic protection significantly reduces the risks of cyberattacks. Furthermore, increasing staff awareness of cybersecurity threats and enforcing strict data protection protocols remain crucial [12].
Further research is focused on developing new algorithms and improving adaptive cybersecurity systems that take into account the specifics of the printing industry.
The research focuses on protecting robotic sorting systems for warehouse assets in the printing industry from cyberattacks. Primary materials used for analysis and experimental verification include: As test platforms, we considered automatic sorting systems for printing products using autonomous mobile robots (AMR) and conveyor solutions with automated manipulators. In our study, we used myCobot 280 to simulate attack scenarios and their impact on the manipulator. For programming and modeling of the physical experiment, we used ROS (Robot Operating System) for controlling and simulating robotic systems, and AnyLogic software - for modeling logistics processes in a warehouse. To assess the impact on the network traffic system, we used Wireshark and Zeek, which help in detecting anomalies in the network infrastructure of robots [13, 14].
The study utilised communication protocols typical for modern manufacturing enterprises: MQTT, OPC UA, and Modbus TCP/IP, which were analysed for potential threats arising from exploitation of industrial network vulnerabilities [13].
Additionally, the research was conducted using wireless technologies such as Wi-Fi 6 and 5G, which facilitate interactions between warehouse systems. These technologies were examined for potential traffic interception attacks (Man-in-the-Middle attacks) [14, 15].
At the initial stage of the study, computer modelling was performed using MATLAB & Simulink. This environment allows for the simulation of both the physical characteristics of the manipulator and the impact of attacks on the control system [16, 17].
The main tools used in the study: Simulink & Simscape Multibody were selected to build a kinematic and dynamic model of the myCobot 280 robotic manipulator. Robotics Toolbox was used to implement inverse and forward kinematics, calculate the motion trajectory. Simulink Control Design was used to develop control systems, including a PID controller. Simulink & Simulink RealTime were selected to emulate the impact of cyber threats and simulate protection mechanisms [18].
The research methodology is based on a combination of empirical and analytical methods for risk assessment and implementation of cybersecurity measures [19].
The STRIDE Method (Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege) was used to categorize threats [13].
The CVSS Method (Common Vulnerability Scoring System) was used to assess the criticality of the identified vulnerabilities of robotic systems [20-21].
When modeling threats, typical actions were used to stop the operation of information systems, such as: DDoS attack on the central logistics management server. Substitution of control commands in ROS due to communication protocol vulnerabilities. Physical attack on the access system (RFID spoofing) [12].
A simulation of cyberattacks was conducted in a laboratory environment using Metasploit for attacks on network protocols of sorting systems. Zeek was used to assess malicious activity in traffic logs. Three main criteria for evaluating the results were selected: the first and main one is the analysis of the system's response time to attacks - a comparison of normal and attacked work (for example, delays in sorting) [13.19.20].
Assessment of the level of threat reduction after the implementation of security measures, compared with the initial risk.
And also a cyber protection model based on multi-level security, which includes perimeter protection, network monitoring and behavioral analysis of robots [21].
The developed methodology allows you to assess cybersecurity threats for robotic warehouse systems in printing, as well as develop comprehensive protection measures based on modern cryptographic and network. This helps to increase the reliability and resilience of logistics processes to possible attacks [22].
Cyber Threats Related to Networks and Communication Protocols [23, 24, 25]: • • • • • • • • • •
Z1 DoS/DDoS Attack (Denial of Service / Distributed Denial of Service) – Intentional overload of logistics system management servers, leading to failures in sorting robots. Botnets are used to generate a large volume of traffic.
Z2 Man-in-the-Middle (MitM) Attack – Interception of data between the central control system and robotic platforms, which can lead to command modifications. Relevant for protocols such as MQTT, OPC UA, Modbus TCP/IP.
Z3 Attack on Wireless Communication Channels – Interception and modification of packets in Wi-Fi, Bluetooth, and 5G networks used for interaction between warehouse robots. Z4 DNS Spoofing / ARP Poisoning – Substitution of DNS or ARP requests to redirect traffic to a malicious server. Threats Related to Data Manipulation.
Z5 Data Tampering in Warehouse Management Systems (WMS) – Unauthorized changes in warehouse databases (e.g., modification of delivery routes, sorting priorities).
Z6 Artificial Intelligence Model Poisoning in Sorting Systems – Introduction of distorted data for machine learning, affecting robots' decision-making.
Z7 Attack on Sensors and IoT Devices (Sensor Spoofing) – Simulating false data to disorient robots (e.g., modifying QR codes or RFID tags).
Physical Threats and Insider Attacks: • • •
Z8 Physical Intrusion into Warehouse Infrastructure – Unauthorized access to network equipment or control servers.
Z9 RFID Spoofing – Forging or cloning RFID tags to deceive the automatic tracking system. Z10 Social Engineering (Phishing, Baiting, Tailgating) – Exploiting human factors to gain access to control systems (e.g., extracting passwords from employees). Software and Operating System Vulnerabilities:
Z11 Exploiting Unsecured APIs – Unprotected API interfaces used for interactions between warehouse systems may be exploited by attackers.
Z12 Use of Outdated or Unsecured Software – Lack of software updates can lead to the exploitation of known vulnerabilities.
Z13 Embedded Firmware Backdoors – Manufacturers or hackers may leave hidden entry points for remote control.
Threat Criticality Levels
To provide objectivity and avoid subjectivity when assessing the criticality of cyber threats in robotic warehouse sorting systems, this study applied the widely recognized Common Vulnerability Scoring System (CVSS v3.1).
Each attack was evaluated according to the following CVSS v3.1 criteria: • • • • • • • •
Attack Vector (AV) – type of system access (network, local).
Attack Complexity (AC) – complexity of executing the attack.
Privileges Required (PR) – level of privileges necessary to conduct the attack.
User Interaction (UI) – requirement of user interaction.
Scope (S) – whether the attack affects resources beyond the original target.
Confidentiality (C) – impact on data confidentiality.
Integrity (I) – impact on data integrity.
Availability (A) – impact on system availability.
Based on these criteria, the CVSS numerical score (0-10 scale) was calculated, allowing a clear classification of attack criticality levels:
To analyze the safety of a robotic warehouse asset sorting system in the printing industry, mathematical relationships between influence factors, threats, and safety criteria were formed.
S(t) – system state at time t (1 – operating normally, 0 – shutdown due to attack).
The change in the system's state under the influence of attacks and security measures is described ( ) =1 = − ( ) ∙ 1 − ( ) , (1) where: S(t) =1, the system operates normally. S(t)→0, the system fails due to an attack.
For a better understanding of the system's operation, a mathematical description of the impact of different types of attacks on the system was performed.
DoS/DDoS Attack (Z1)
A DDoS attack causes system overload, increasing response time: where: R0 – normal response time without an attack. λ – intensity of requests from attacking bots. N – number of attacking requests. C – server bandwidth.
The security measure P1 reduces the load on the system: ( ) = 0 + ∙ , secure( ) = 0 + ∙ ∙ 1 − 1( )
, compromised( ) = true( ) + ∙ 2( ), (2) (3) (4) (5) (6) (7) (8) (9) Man-in-the-Middle (MitM) Attack (Z2)
A MitM attack modifies control commands U(t): where: Utrue(t) – genuine control commands. Z2(t) – level of command interception by the attack. α– degree of attack influence.
With TLS 1.3 security, the protection level P2 modifies the equation:
secure( ) = true( ) + ∙ 2( ) ∙ 1 − 2( ) , Sensor Spoofing Attack (Z7) Fake sensor data alters the trajectory of the robotic arm:
spoofed( ) = true( ) + ∙ 7( ), where: qtrue(t) – correct trajectory.Z7(t)) – impact level of the attack. β – coefficient of trajectory
Security through digital signature verification of sensor data: deviation. mitigation Pi.
Protection is implemented through a set of criteria that influence the probability of attack spoofed( ) = true( ) + ∙ 7( ) ∙ 1 − 7( ) , total( ) = 1 −
1 − ( ) , =1 where: Ptotal(t) – overall system security effectiveness. Pi(t)– probability of blocking each attack. The higher Ptotal (t), the more effectively the system resists attacks.
Impact of Authentication and Access Control (K1). Probability of a successful attack through credential compromise:
auth( ) = 1 − − 1 , where γ – impact level of authentication measures (2FA, Zero Trust).
Impact of Network Protection (K2) detect = 1 4
, response =
1 4 + 7
, =1 ( ) = 0 ∙ (1 −
( ) ∙ (1 − ( ))), Response time: The higher the threat analysis level, the faster the system detects and neutralizes attacks. Impact of Security on Sorting Performance
Probability of blocking network attacks: The higher the network security (K2), the more effectively attacks are neutralized. Secure Data Transmission and Encryption (K3) Protection against MitM attacks: network( ) =
, encryption( ) = 1 − − 3∙ 2, where K3 – level of security via TLS 1.3, PKI, and HSM.
Threat Detection and Response (K4) Time to detect an attack: where: Q0 – performance without attacks. Zi(t)– threats disrupting system operation. Pi(t)– protection level against threats.
The developed mathematical model demonstrates how security measures affect the system. The overall level of protection Ptotal(t) allows us to assess the effectiveness of countering attacks. The performance of the system depends on the level of security and the speed of response. These equations are used to predict the effectiveness of cyber security measures and their impact on the performance of robotic sorting systems [27, 28].
In this study, a model of a robotic sorting system was developed in the MATLAB Simulink (figure1) environment using Simscape Multibody. The model enables the analysis of the robotic system's behavior under cyberattacks, the evaluation of the effectiveness of security measures, and the impact of security strategies on system performance [26, 29].
The main components of the model include: Physical model of the myCobot 280 manipulator – created using Revolute Joint and Solid. Control system – implemented through a PID controller. Cyber threats – simulation of attacks such as DDoS, Man-in-the-Middle, and Sensor Spoofing. Cybersecurity system – includes data filtering mechanisms, IDS/IPS [14, 25], and encryption. System visualization – signal output in Scope and animation of the manipulator's movement [30]. (10) (11) (12) (13) (14)
The model incorporates a motion control loop for the manipulator, which includes the following processes: Command generation for movement – the Sine Wave block creates a signal to simulate control commands. PID controller – adjusts the movement of the robotic system, minimizing deviations. Command transmission to the system – data is sent to the Simulink-PS Converter, which converts them into physical signals. Manipulator movement execution – the Revolute Joint calculates the position of each joint and transmits the data to Scope. Impact of cyber threats – Signal Distortion, DDoS Generator [18, 22], and Sensor Spoofing modify control commands. System protection – the Anomaly Detector filters out abnormal signals, while TLS Encryption prevents MitM attacks. Performance evaluation – Scope visualizes the manipulator's movement, and Security Efficiency assesses the effectiveness of the protection measures.
The simulation results show the manipulator movement without the influence of attacks (top graph) (figure 2) and with the influence of a DDoS attack (bottom graph). Where the blue and green lines (top graph) are the normal movement of the first and second joints. The red and pink lines (bottom graph) are the manipulator movement under the influence of an attack that causes jumplike changes.
To assess the security of robotic warehouse asset sorting systems in the printing industry, an experimental study was conducted on a test platform that includes: MyCobot 280 robotic manipulator, network infrastructure with MQTT, OPC UA protocols, threat monitoring system (IDS) based on machine learning, testing of cyberattacks (DDoS, Man-in-the-Middle, Data Tampering). The main goal is to determine how various cyberthreats affect system performance and assess the effectiveness of implemented security measures.
Response time diagram (Figure 3) •
So, DDoS attack has the strongest impact, significantly increasing the response time. Data Tampering and MitM also increase latency, but less dramatically.
No attack: 98% successful operations • • •
DDoS: 45% Data Tampering: 70%
MitM: 55%
Thus, DDoS significantly reduces the operation success rate (up to 45%), indicating a strong impact of the attack. Data Tampering and MitM also degrade performance, but less critically. The system works best without attacks, demonstrating almost perfect efficiency.
Error rate chart (Figure 5)
Reflects the proportion of erroneous operations in various cyber attacks. It reflects the percentage of operations that ended with an error.
Without attack: 2% errors DDoS: 55% Data Tampering: 30% MitM: 45%
Thus, DDoS causes the most errors (55%). Data Tampering and MitM also have a negative impact, but to a lesser extent. Without attacks, the error rate is minimal.
Therefore, a DDoS attack has the strongest negative impact on the system, significantly increasing response time, reducing the success of operations, and increasing the error rate. Data Tampering and MitM also harm performance, but not as critically. Without attacks, the system operates at maximum efficiency (98% successful operations, 2% errors). Implementing DDoS protection can be critical for system stability.
Three attack scenarios were tested: • • • • • • • (A1) DDoS attack on the management server: hping3 was used to generate a large number of requests to the ROS server port.
Expected effect: increased robot response time, stopping the sorting process. (A2) Man-in-the-Middle (MitM) attack on the MQTT connection: ettercap was used to intercept and modify commands between the MQTT server and myCobot 280 manipulator, which simulated realistic attack conditions on this communication protocol. Expected effect: modification of commands, incorrect operation of the robot. (A3) Sensor Spoofing attack: Emulation of fake RFID tags was used to deceive the system. Expected effect: incorrect sorting of products.
Evaluation of protection effectiveness Three protection strategies were implemented and their impact was evaluated: (P1) Traffic limitation and IDS (Intrusion Detection System): Using Snort to detect anomalous traffic. (P2) Command encryption and authentication: Use TLS 1.3 for MQTT Implement digital signatures to verify commands. (P3) AI analysis of robot behavior: An autoencoder was used to analyze deviations in behavior.
The impact of attacks on the average execution time of operations was studied (figure 6)
The resulting diagram shows how different types of cyber attacks affect the speed of execution of operations of a robotic system. Delay in execution can indicate system overload, signal processing failures or attempts to manipulate data.
X-axis (Attack Scenario): No Attack - normal operation without interference.
DDoS - a denial of service attack that overloads the system with requests.
MitM (Man-in-the-Middle) - an attack in which an attacker intercepts and modifies data between the control system and the manipulator.
Sensor Spoofing - an attack in which an attacker changes the sensor readings, misleading the system.
Y-axis (Execution Time (sec)): Displays the average execution time of one operation depending on the impact of attacks.
Results:
The result shows that DDoS attack has the strongest impact, increasing the average execution time of operations by more than 5 times. MitM and Sensor Spoofing also significantly affect the latency, which can lead to incorrect operation of the system. The robotic system works fastest in the absence of attacks, demonstrating the minimum execution time of operations.
Impact of Security Measures on Attack Reduction (Figure 7)
The resulting chart shows how different cybersecurity mechanisms affect the error rate in a robotic system. Security plays a critical role in preventing data manipulation, intruders, and increasing system stability.
X-axis (Type of Protection): No Protection – the system operates without cybersecurity mechanisms. IDS (Intrusion Detection System) – an intrusion detection system that analyzes network traffic for anomalies. TLS 1.3 – a modern data encryption protocol that provides a secure connection between devices. AI Monitoring – the use of artificial intelligence to analyze system behavior and automatically detect threats.
Y-axis (Error Rate (%) – Percentage of erroneous operations): Displays the proportion of operations that ended with an error.
Results:
Therefore, the presence of cyber protection significantly reduces the error rate. Using IDS helps reduce the number of erroneous operations by 60% compared to the absence of protection. TLS 1.3 further improves system stability, ensuring a high level of security during data transmission. The best result is demonstrated by AI Monitoring, which reduces the error rate to 5%, automatically adapting to new threats.
Cyberattacks significantly affect the efficiency of a robotic system. The worst performance indicators are observed with a DDoS attack, which increases the execution time of operations by more than 5 times. MitM and Sensor Spoofing attacks also cause delays, which can lead to incorrect operation of the manipulator. Without attacks, the system works quickly and stably. Protective measures significantly improve security and performance. The implementation of IDS and TLS 1.3 significantly reduces the error rate. The best results are achieved due to AI Monitoring, which almost completely eliminates errors. Without any protection, the system demonstrates a very high error rate (50%), which can cause dangerous failures in the production process.
Recommendations for improving system security: Use IDS and AI Monitoring to detect and neutralize attacks in real time. Implement TLS 1.3 to protect transmitted data from interception and substitution. Optimize system operation algorithms to minimize the impact of attacks on the execution time of operations.
The results obtained indicate that robotic systems are very vulnerable to attacks, especially DDoS. However, the implementation of modern security mechanisms, such as AI Monitoring and IDS, significantly increases the stability and accuracy of operations. The optimal combination of cyber protection allows to reduce risks and ensure reliable operation of manipulators in difficult conditions.
As a result of the study, a comprehensive analysis of the cybersecurity of robotic warehouse asset sorting systems in the printing industry was conducted. The implementation of such systems significantly increases the efficiency of logistics processes, minimizes the human factor and optimizes costs. However, their integration into the digital infrastructure of enterprises creates new challenges related to cybersecurity, since robotic platforms interact with ERP systems, use cloud services and open communication channels.
A threat analysis was conducted, which demonstrated that the most critical cyber threats for robotic warehouse systems include DoS/DDoS attacks, man-in-the-middle (MitM) attacks, data manipulation in WMS, RFID tag spoofing, network protocol vulnerabilities (MQTT, OPC UA, Modbus TCP/IP) and exploitation of the human factor through social engineering.
A mathematical model was developed to assess the impact of attacks on the performance of a robotic system. In particular, the study showed that DDoS attacks can increase the average execution time of operations by 5 times, and sorting errors increase by up to 55%. MitM and Sensor Spoofing attacks also significantly affect the accuracy and efficiency of the system.
To minimize cyber risks, three main protection methods were tested: Intrusion Detection System (IDS), which analyzes traffic and detects anomalies. Data encryption and authentication via TLS 1.3 and digital signatures. The use of AI to analyze robot behavior, which allows detecting anomalies in real time. The study confirmed that the most effective is a combination of methods, where AI monitoring reduces the error rate to 5%.
A series of tests using real cyberattacks was conducted in laboratory conditions. The greatest impact on system performance was a DDoS attack, which caused a delay in responses and partial blocking of the sorting manipulators. The use of TLS 1.3 and IDS allowed to reduce the risk of errors in order processing processes by 80%.
The results of the study demonstrate that ensuring cybersecurity of robotic warehouse systems in the printing industry is a critically important task. Without proper protection, such systems can become a target for cyberattacks, which will lead to significant financial and operational losses. The use of modern security technologies, in particular IDS, encryption and AI-monitoring, can significantly reduce the risks of attacks and increase the resilience of logistics processes to threats. The implementation of these measures in industrial conditions will contribute to increasing the security and efficiency of robotic logistics systems, which is a key factor for the digital transformation of the printing industry.
The author(s) have not employed any Generative AI tools.