UK Robotics Taxonomy: Cybersecurity and Safety Assurance Requirements by Class

Why One Assurance Framework Is No Longer Enough for UK Robotics

A caged industrial robot in a 1980s automotive factory and a networked surgical robot in a 2026 NHS operating theatre share a category name — robot — and almost nothing else in terms of assurance requirements. The first needed a safety fence and an emergency stop. The second needs functional safety certification under ISO 13485, cybersecurity assessment of its hospital network integration, and resilience testing to verify it rejects malicious commands gracefully.

UK robotics has expanded from isolated industrial arms to a broad landscape of classes — cobots, mobile robots, autonomous vehicles (road, rail, air and maritime), medical systems, nuclear and hazardous-environment robots, service robots and defence systems. Each class has a distinct risk profile. Each requires a tailored combination of physical safety certification and cyber resilience assurance. And for every class that has become connected, autonomous or AI-driven, the traditional safety certification framework alone is no longer sufficient.

This paper maps the full taxonomy.

The Core Distinction: Safety Certification vs. Cyber Resilience

Traditional safety certification — CE/UKCA marking and compliance with ISO and IEC standards — assumes deterministic behaviour and random failures. It asks: will this system fail safely if something goes wrong by accident?

Cyber resilience assurance, framed by the NCSC's Cyber Resilience Test Facility (CRTF) principles-based model, assumes an intelligent adversary. It asks: will this system withstand and recover from a deliberate, targeted attack on its control, communication or software?

For every robotic class that has moved from physical isolation to network connectivity, both questions must be answered. Neither framework alone is sufficient.

How Risk Profiles Shift Across Robotics Classes

The dominant risk factors for any robotic system shift as connectivity, autonomy and human interaction increase. The taxonomy in this paper characterises eleven robotics classes across five dimensions: deployment context, dominant risk factors, applicable safety assurance regime, cyber assurance expectations under the CRTF model, and an overall assurance maturity rating.

The pattern is consistent across classes. Industrial and rail robotics carry high safety maturity built on decades of established standards — BS EN ISO 10218, IEC 61508, EN 5012x — but low to moderate cyber maturity, because these systems were designed for physical isolation and are only now acquiring network connectivity. Autonomous road vehicles, drones and maritime autonomous systems sit at the opposite extreme: their safety certification frameworks are still emerging, and cyber resilience practices are nascent despite the attack surface being significant — GPS spoofing, V2X exploitation and comms hijacking are realistic, not theoretical, threats.

Medical robots and cobots occupy a middle ground: safety certification is formalised and stringent, but cyber resilience is in early stages, with connectivity-driven risk growing faster than assurance frameworks are developing.

The Four CRTF Pillars Applied to Robotics

The NCSC's Cyber Resilience Test Facility model provides four principles that cut across every robotics class.

Principles-based assurance asks outcome-focused questions rather than prescriptive checklists. Can this industrial robot keep operating safely even if its network is under attack? Can this autonomous vehicle maintain safe behaviour under GPS spoofing? This approach accommodates non-deterministic AI behaviour that traditional certification was never designed to evaluate.

Threat-led testing simulates realistic adversary scenarios through penetration testing and red-teaming. For an autonomous vehicle, this means testing not only that it brakes on sensor failure (safety) but that it reacts safely when a communications link is actively exploited (cyber).

System-of-systems perspective recognises that a robot safe in isolation may become unsafe when an external system it depends on fails or is compromised — a cobot in a smart factory, a surgical robot across a hospital network, a drone fleet connected to cloud infrastructure.

Continuous assurance acknowledges that AI-driven systems whose behaviour evolves through learning and updates cannot be adequately assured by point-in-time certification. Regular threat assessments and resilience by design become part of the product lifecycle.

The Assurance Gap: Where Safety Standards End

The assurance gap — the space between what safety certification addresses and what cyber resilience assurance must additionally cover — is widest for the fastest-growing deployment categories. Autonomous road vehicles, drones, maritime autonomous systems and AI-driven service robots all face significant cyber attack surfaces with limited mandatory assurance frameworks. ISO/SAE 21434 and UNECE R155 are accelerating development for automotive cybersecurity. The CRTF is providing threat-led testing frameworks for CNI-adjacent robotics. But for service robots and consumer-grade humanoid systems, cyber resilience assurance remains largely voluntary and reliant on manufacturer best practice.

That gap will close — driven by the Cyber Resilience Act's (CRA) extension to products with digital elements, procurement requirements from regulated sector buyers, and the maturing of NCSC guidance for autonomous systems. The organisations and manufacturers who address it proactively will be better positioned commercially and regulatorily than those who wait.

Key Takeaways

  • UK robotics spans eleven classes with fundamentally different risk profiles. One assurance approach does not fit all.

  • Safety certification maturity is high for industrial, rail and medical robotics. Cyber resilience maturity lags significantly for most classes.

  • The assurance gap is widest for autonomous vehicles, drones, maritime autonomous systems and AI-driven service robots — the fastest-growing deployment categories.

  • The NCSC CRTF principles-based model provides a unifying cyber resilience framework applicable across all classes, complementing rather than replacing safety certification.

  • Continuous assurance, not point-in-time certification, is the appropriate model for AI-driven and adaptive robotic systems.

  • For any robotic system that has moved from physical isolation to network connectivity, cyber resilience assurance is now a co-equal requirement alongside physical safety certification.

Download the Full Taxonomy

The full white paper includes the complete eleven-class taxonomy table with deployment context, dominant risk factors, safety assurance regime, CRTF cyber expectations and colour-coded maturity ratings for each class; a historical evolution timeline from the 1980s to the 2020s; the four CRTF assurance pillars applied to robotics; the full regulatory and standards context covering HSE, sector regulators and NCSC; and the assurance gap analysis by class category.

Free to download. No registration required.
