On 11 June 2026 the New York Times ran a major report on China's robot offensive: the mass production of humanoid robots as a strategic industry, state-driven, not a niche. You can argue about individual forecasts, but not about the direction. The robots are coming, and their hardware will largely come from China. For hospitals, utilities and other regulated facilities, the decisive question is therefore no longer whether service robots arrive, but under whose control their data and remote access sit.
The numbers point to China
The picture is strikingly consistent across sources:
- Chinese manufacturers shipped roughly 90 % of all humanoid robots delivered worldwide in 2025, a jump of almost 480 % year over year (TechTimes, Bloomberg).
- Beijing is turning this into industrial policy: a joint directive from the MIIT and SASAC ministries calls for more than 10,000 humanoids in commercial use by the end of 2026, across manufacturing, logistics, retail, healthcare and disaster relief. Local governments and state-owned enterprises had to submit deployment plans by the end of June (Caixin). Internally the framing is: out of demo mode, into "work mode".
- It is backed by a state fund of around one trillion yuan (about 138 billion US dollars), complemented by regional subsidy programmes (International Federation of Robotics).
A sense of proportion is in order, though: more than 150 firms are crowding into the market, but only about 23 % of buyers are satisfied with the products on offer (The Next Web). Both are true: the hardware dominance is real, the maturity in sustained productive operation is not yet. That is exactly why it pays to think about the right architecture now, not once the devices are already in the building.
The real question: not "whether", but "under whose control"
That robots are coming into the hospital is settled. The open question for European facilities is not whether they deploy service robots, but under whose control their data and remote access sit. A networked robot is an IT system in a sensitive environment, with microphones, cameras, map data and a remote channel. This control layer is today's blind spot.
The risk is documented, not speculative
This is not scaremongering, it is publicly documented:
- In the Aethon TUG hospital transport robot, researchers at Cynerio found five vulnerabilities ("JekyllBot:5"), one of them rated at near-maximum severity, CVSS 9.8. Attackers could have remote-controlled robots, watched patients and tampered with medication delivery (Cynerio).
- In the Temi telepresence robot, McAfee documented several flaws with missing authentication and hard-coded credentials. Strangers could have eavesdropped on video calls and remote-controlled the robot, with no sign-in at all (McAfee).
- In Unitree robots, from the very manufacturer leading the humanoid wave, CVE-2025-35027 ("UniPwn") describes a wormable takeover over Bluetooth: hard-coded keys, bypassed authentication, root access that spreads on its own to other robots within radio range (NVD).
The pattern is always the same: undocumented remote access, weak authentication, no indication to the user when something is recorded or transmitted. In a critical-infrastructure hospital, that is not acceptable.
KRITIS and NIS-2 set the frame
KRITIS and NIS-2 do not demand a particular robot brand. They demand that you know where data lives, who has access, and how you respond when something goes wrong. A robot tied to a foreign cloud, whose remote maintenance you do not control, makes exactly these duties harder. We have already written up the practical side, in our practical guide to KRITIS and NIS-2 for service robots.
Sovereignty is decided at the application layer
Here is the point that matters. Sovereignty is not decided at the hardware. Hardware is interchangeable, cost-driven, and for the foreseeable future will largely come from China; trying to out-build it would be naive. Sovereignty is decided one level up: in the application and control layer between the robots and your IT. This layer determines which data leaves the building, who may remote-control a robot, and whether a single device becomes an entry point. It is exactly the level that KRITIS and NIS-2 address in practice. Whoever occupies it keeps control, regardless of the name on the type plate. This is the layer we have to occupy in Europe.
Don't ban it, govern it
"The answer to Chinese hardware dominance is not to ban robots. The answer is a vendor-neutral control layer."
In concrete terms: robots run offline by default, all data traffic is routed through a controlled middleware, and remote maintenance only happens over controlled channels. That keeps the hospital in command, no matter which manufacturer the robot comes from.
That is exactly what we build with Axiona: the vendor-independent layer between robots and the outside world, designed for encapsulated, auditable operation that can run on-premise, with hospOS as the sector-specific layer for the hospital. In all honesty: software does not make anyone automatically KRITIS- or NIS-2-compliant. Compliance remains an organisational process. But a neutral layer keeps data, access and integration where they belong, with you.
Form follows function
Humanoids are the marketing face of this wave. In everyday hospital work, the demonstrated benefit today lies elsewhere: in transport and guidance. Moving samples does not require legs, it requires reliability, an elevator connection and clean process integration. We measure value in nursing time saved, not in stage demos. And robots complement nurses, they do not replace them; but that only works once integration, acceptance and security are solved.
Next step
If you are planning robotics in a regulated environment, it pays to look at the control layer before procurement. Talk to us about your project, or explore our approach to sovereignty and security.
