Practical Industrial Internet of Things Security - Sravani Bhattacharjee - E-Book

Practical Industrial Internet of Things Security E-Book

Sravani Bhattacharjee

Description

Skillfully navigate through the complex realm of implementing scalable, trustworthy industrial systems and architectures in a hyper-connected business world.




Key Features



  • Gain practical insight into security concepts in the Industrial Internet of Things (IIoT) architecture


  • Demystify complex topics such as cryptography and blockchain


  • Comprehensive references to industry standards and security frameworks when developing IIoT blueprints



Book Description



Securing connected industries and autonomous systems is a top concern for the Industrial Internet of Things (IIoT) community. Unlike cybersecurity, cyber-physical security is an intricate discipline that directly ties to system reliability as well as human and environmental safety. Practical Industrial Internet of Things Security enables you to develop a comprehensive understanding of the entire spectrum of securing connected industries, from the edge to the cloud.







This book establishes the foundational concepts and tenets of IIoT security by presenting real-world case studies, threat models, and reference architectures. You'll work with practical tools to design risk-based security controls for industrial use cases and gain practical know-how on the multi-layered defense techniques including Identity and Access Management (IAM), endpoint security, and communication infrastructure. Stakeholders, including developers, architects, and business leaders, can gain practical insights in securing IIoT lifecycle processes, standardization, governance and assess the applicability of emerging technologies, such as blockchain, Artificial Intelligence, and Machine Learning, to design and implement resilient connected systems and harness significant industrial opportunities.




What you will learn



  • Understand the crucial concepts of a multi-layered IIoT security framework


  • Gain insight on securing identity, access, and configuration management for large-scale IIoT deployments


  • Secure your machine-to-machine (M2M) and machine-to-cloud (M2C) connectivity


  • Build a concrete security program for your IIoT deployment


  • Explore techniques from case studies on industrial IoT threat modeling and mitigation approaches


  • Learn risk management and mitigation planning



Who this book is for



Practical Industrial Internet of Things Security is for the IIoT community, which includes IIoT researchers, security professionals, architects, developers, and business stakeholders. Anyone who needs to have a comprehensive understanding of the unique safety and security challenges of connected industries and practical methodologies to secure industrial assets will find this book immensely helpful. This book is uniquely designed to benefit professionals from both IT and industrial operations backgrounds.

You can read the e-book in Legimi apps or in any app that supports the following format:

EPUB

Number of pages: 388

Year of publication: 2018




Practical Industrial Internet of Things Security

A practitioner's guide to securing connected industries

Sravani Bhattacharjee

BIRMINGHAM - MUMBAI

Practical Industrial Internet of Things Security

Copyright © 2018 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

Commissioning Editor: Gebin George
Acquisition Editor: Prachi Bisht
Content Development Editor: Dattatraya More
Technical Editor: Sayali Thanekar
Copy Editor: Safis Editing
Project Coordinator: Shweta H Birwatkar
Proofreader: Safis Editing
Indexer: Priyanka Dhadke
Graphics: Jisha Chirayil
Production Coordinator: Arvindkumar Gupta

First published: July 2018

Production reference: 1260718

Published by Packt Publishing Ltd. Livery Place 35 Livery Street Birmingham B3 2PB, UK.

ISBN 978-1-78883-268-7

www.packtpub.com

To my eternal parents
 

Foreword

When the internet was invented almost 40 years ago, security was not on anyone's radar. No one considered it at all. There was no need—the application in mind was to share documents across labs at CERN, and those documents were not secret. The internet was person-to-person, and these were persons who wanted to share.

The critical invention, the URL, is now used in a person-to-business manner. We can bank online, book flights and hotel rooms, and provide our credit card details over the internet. Since the internet is no longer a simple document-sharing scheme, security is now a major concern. Moreover, health records are often online and we (sometimes unwittingly) provide huge amounts of personal data via social media and sites that provide specific services, such as dating. We want that data to be kept private. Privacy is now definitely a major concern.

We are now connecting things to the internet. We can control physical devices in the real world; the internet is business-to-thing. Consequently, safety is a concern. Moreover, autonomous vehicles, for example, must not only be safe in the "airbag" sense, but they also need to be resilient and reliable in terms of their autonomous technology so that they don't break down at 65 miles an hour; they need to be resilient so that when they do break down, they degrade gracefully. 

This Industrial Internet of Things (IIoT) is an internet of things, machines, computers, and people that will transform economies and societies. But only if it is trustworthy.

Trustworthiness is a combination of security (it's not just cyber- any more!), privacy, safety, reliability, and resilience across both the Information Technology (IT) and Operational Technology (OT) domains. This convergence involves people from many different areas with different vocabularies ("security" means different things to an IT specialist and a plant manager) and different timelines (IT is updating my phone as we speak, while a chemical plant requires many compliance checks). It requires careful thought and reconciliation of culture, processes, values, and emphasis.

Trustworthiness is therefore a complex, expansive subject that encompasses multiple dimensions and disciplines. It requires comprehensive groundwork to promote awareness, expertise, and practical actions. It ties directly to safety, environmental damage, and ethics—the entire economy and society worldwide. Yet there's a lack of comprehensive understanding of trustworthiness among business stakeholders and technical professionals, including system developers, integrators, and manufacturers. Industrial users looking to adopt IIoT need comprehensive guidance.

This book, Practical Industrial IoT Security, takes the IIC's work, existing standards, and best practices and combines them into a security practitioner's handbook. It is widely applicable across verticals, targeting solutions architects and anyone else responsible for IIoT security, allowing them to digest a single volume to consume the breadth of the security issues in IIoT. The book seamlessly aligns with these frameworks and demonstrates their practical applicability to various IIoT use cases.

The industry today is much in need of such a resource. This book fills the gap between conceptual frameworks and practice. It addresses the security roles and responsibilities across the life cycle, from business case and requirements definition, development, and integration, right the way to deployment and live operations. In addition to IIC resources, readers will also find several useful industry references, including works done by the IEEE, IEC, OMG, Cloud Security Alliance, NIST, research organizations, and academics. As such, this book is very closely tied with the IIC's vision and initiatives.

This book is not the conclusion for IIoT security, but rather the start of a journey to realize a digitally connected world, enabling it to evolve to meet the security challenges of the foreseeable future.

 

Stephen J Mellor

CTO

Industrial Internet Consortium

La Jolla, CA, USA

2018-06-27

Contributors

About the author

Sravani Bhattacharjee has been a data communications technologist for over 20 years. As a technology leader at Cisco till 2014, she led the architectural planning and security evaluations of several enterprise cloud/datacenter solutions. As the principal of Irecamedia, she currently collaborates with Industrial IoT innovators to drive awareness and business decisions by creating industry whitepapers and a variety of editorial and technical marketing content. She is a member of the IEEE IoT chapter, a writer, and a speaker. She has a master's degree in Electronics Engineering.

I sincerely acknowledge the insights, valuable time, and support of my industry colleagues toward this book. Special thanks to Arjmand Samuel (Microsoft), Stan Schneider (RTI), Dean Weber (Mocana), Stephen Mellor (IIC), Paul Didier (Cisco), and Rebecca Lawson (GE). I was humbled by the active support of Rajive Joshi (RTI) and Steve Hanna (Infineon). My loving thanks to all my family members and friends for their continuous support to complete the book.

 

 

 

About the reviewer

Sven Schrecker is the Chief Architect for Intel's IoT Security Solutions Group. He is responsible for open, standards-based platforms and strategy to enable end-to-end IoT security across both legacy and new technologies, leveraging hardware and software solutions to demonstrably increase security focused at embedded and industrial deployments. He is also the Chair of the IIC's Security Working Group, where he seeks to improve security capability across IIoT. He is an inventor of over four dozen security-related patents either pending or granted.

 

 

 

 

 


Disclaimer

The information within this book is intended to be used only in an ethical manner. Do not use any information from the book if you do not have written permission from the owner of the equipment. If you perform illegal actions, you are likely to be arrested and prosecuted to the full extent of the law. Packt Publishing does not take any responsibility if you misuse any of the information contained within the book. The information herein must only be used while testing environments with proper written authorizations from appropriate persons responsible.

Table of Contents

Title Page

Copyright and Credits

Practical Industrial Internet of Things Security

Dedication

Packt Upsell

Why subscribe?

PacktPub.com

Foreword

Contributors

About the author

About the reviewer

Packt is searching for authors like you

Disclaimer

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the color images

Conventions used

Get in touch

Reviews

An Unprecedented Opportunity at Stake

Defining the Industrial IoT

Industrial IoT, Industrial Internet, and Industrie 4.0

Consumer versus Industrial IoT

Industrial IoT security – a business imperative

Cybersecurity versus cyber-physical IoT security

What is a cyber-physical system?

Industrial "things," connectivity, and operational technologies

Operational technology

Machine-to-Machine

An overview of SCADA, DCS, and PLC

Industrial control system architecture

ICS components and data networks

ICS network components

Fieldbus protocols

IT and OT convergence – what it really means

Industrial IoT deployment architecture

Divergence in IT and OT security fundamentals

Operational priorities

Attack surface and threat actors

Interdependence of critical infrastructures

Industrial threats, vulnerabilities, and risk factors

Threats and threat actors

Vulnerabilities

Policy and procedure vulnerabilities

Platform vulnerabilities

Software platform vulnerabilities

Network vulnerability

Risks

Evolution of cyber-physical attacks

Industrial IoT use cases – examining the cyber risk gap

Energy and smart grids

Manufacturing

Cyberattack on industrial control systems – Stuxnet case study

Event flow

Key points

Risk gap summary

Smart city and autonomous transportation

Healthcare and pharmaceuticals

The ransomware attack on the healthcare enterprise – "WannaCry" case study

Cyber risk gap summary

Summary

Industrial IoT Dataflow and Security Architecture

Primer on IIoT attacks and countermeasures

Attack surfaces and attack vectors

OWASP IoT attack surfaces

Attack trees

Fault tree analysis

Threat modeling

STRIDE threat model

DREAD threat model

Trustworthiness of an IIoT system

Industrial big data pipeline and architectures

Industrial IoT security architecture

 Business viewpoint

 Usage viewpoint

Functional viewpoint

Implementation viewpoint

IIoT architecture patterns

Pattern 1 – Three-tier architectural model

Pattern 2 – Layered databus architecture

Building blocks of industrial IoT security architecture

A four-tier IIoT security model

Summary

IIoT Identity and Access Management

A primer on identity and access control

Identification

Authentication

Authorization

Account management

Distinguishing features of IAM in IIoT

Diversity of IIoT endpoints

Resource-constrained and brownfield considerations

Physical safety and reliability

Autonomy and scalability

Event logging is a rarity

Subscription-based models

Increasing sophistication of identity attacks

Risk-based access control policy

Identity management across the device lifecycle

Authentication and authorization frameworks for IIoT

Password-based authentication

Biometrics

Multi-factor authentication

Key-based authentication

Symmetric keys

Asymmetric keys

Zero-knowledge keys

Certificate-based authentication

Trust models – public key infrastructures and digital certificates

PKI certificate standards for IIoT

ITU-T X.509

IEEE 1609.2

Certificate management in IIoT deployments

Extending the OAuth 2.0 authorization framework for IoT access control

IEEE 802.1x

Identity support in messaging protocols

MQTT

CoAP

DDS

REST

Monitoring and management capabilities

Activity logging support

Revocation support and OCSP

Building an IAM strategy for IIoT deployment

Risk-based policy management

Summary

Endpoint Security and Trustworthiness

Defining an IIoT endpoint

Motivation and risk-based endpoint protection

Resource-constrained endpoint protection

Brownfield scenario considerations

Endpoint security enabling technologies

IIoT endpoint vulnerabilities

Case study – White hack exposes smart grid meter vulnerability

Use case

Developing the exploit

Demonstration

Establishing trust in hardware

Hardware security components

Root of trust – TPM, TEE, and UEFI

Securing secrets, or sealing

Endpoint identity and access control

Initialization and boot process integrity

Establishing endpoint trust during operations

Secure updates

A trustworthy execution ecosystem

Endpoint data integrity

Endpoint configuration and management

Endpoint visibility and control

Endpoint security using isolation techniques

Process isolation

Container isolation

Virtual isolation

Physical isolation

Endpoint physical security

Machine learning enabled endpoint security

Endpoint security testing and certification

Endpoint protection industry standards

Summary

Securing Connectivity and Communications

Definitions – networking, communications, and connectivity

Distinguishing features of IIoT connectivity

Deterministic behavior

Interoperability – proprietary versus open standards

Performance characteristics – latency, jitter, and throughput

Legacy networks with disappearing air gaps

Access to resource-constrained networks

Massive transition by connecting the unconnected

IIoT connectivity architectures

Multi-tier IIoT-secured connectivity architecture

Layered databus architecture

Controls for IIoT connectivity protection

Secure tunnels and VPNs

Cryptography controls

Network segmentation

Industrial demilitarized zones

Boundary defense with firewalls and filtering

Comprehensive access control

Core and edge gateways

Unidirectional gateway protection

Asset discovery, visibility, and monitoring

Physical security – the first line of defense

Security assessment of IIoT connectivity standards and protocols

Fieldbus protocols

Connectivity framework standards

Data Distribution Service

DDS security

oneM2M

oneM2M security

Open Platform Communications Unified Architecture (OPC UA)

OPC UA security

Web services and HTTP

Web services and HTTP security

Connectivity transport standards

Transmission Control Protocol (TCP)

TCP security

User Datagram Protocol (UDP)

UDP security

MQTT and MQTT-SN

MQTT security

Constrained Application Protocol (CoAP)

CoAP security

Advanced Message Queuing Protocol (AMQP)

Connectivity network standards

Data link and physical access standards

IEEE 802.15.4 WPAN

IEEE 802.11 wireless LAN

Cellular communications

Wireless wide area network standards

IEEE 802.16 (WiMAX)

LoRaWAN

Summary

Securing IIoT Edge, Cloud, and Apps

Defining edge, fog, and cloud computing

IIoT cloud security architecture

Secured industrial site

Secured edge intelligence

Secure edge cloud transport

Secure cloud services

Cloud security – shared responsibility model

Defense-in-depth cloud security strategy

Infrastructure security

Identity and access management

Application security

Microservice architecture

Container security

Credential store and vault

Data protection

Data governance

Data encryption

Key and digital certificate management

Securing the data life cycle

Cloud security operations life cycle

Business continuity plan and disaster recovery

Secure patch management

Security monitoring

Vulnerability management

Threat intelligence

Incident response

Secure device management

Cloud security standards and compliance

Case study of IIoT cloud platforms

Case study 1 – Predix IIoT platform 

Case study 2 – Microsoft Azure IoT 

Case study 3 – Amazon AWS IoT 

Cloud security assessment

Summary

Secure Processes and Governance

Challenges of unified security governance

Securing processes across the IIoT life cycle

Business cases

System definitions

Development

Deployment

Evaluating security products

Operations

Understanding security roles

Solution provider

Hardware manufacturers

Industry governance

Solution owner

Elements of an IIoT security program

Risk assessment

Regulatory compliance

Security policy

Security monitoring

Security analysis

Incident response and management

Security audits

Security maturity model

Implementing an IIoT security program

Establishing an IIoT security team

Deciding on regulatory compliance

Assessing and managing risks

Managing third-party security

Enforcing the security policy

Continuous monitoring and analysis

Conducting security training

Implementing incident management

Defining security audits

Security revisions and maturity

Summary

IIoT Security Using Emerging Technologies

Blockchain to secure IIoT transactions

Public and private blockchains

Digital identity with blockchains

Securing the supply chain

Blockchain challenges

Cognitive countermeasures – AI, machine learning, and deep learning

Practical considerations for AI-based IIoT security

Time-sensitive networking – Next-gen industrial connectivity

Time synchronization

Traffic scheduling

Network and system configuration

TSN security 

Other Promising Trends

Summary

Real-World Case Studies in IIoT Security

Analysis of a real-world cyber-physical attack

Background and impact

The sequence of events

Exploit loopholes to perform the attack

Trigger the attack with impact

Impair operations and delay recovery

Inside the attack anatomy

Reconnaissance

Spear phishing

Credential theft

Data exfiltration

Remote access exploit

Impair recovery – Malicious firmware, TDOS, and UPS failure

Cyber-physical defense – Lessons learned

Case study 2 – Building a successful IIoT security program

Background

Defining the security program

Implementation

Concluding remarks

Case study 3 – ISA/IEC 62443 based industrial endpoint protection

Background

Solution

Concluding remarks

Summary

The Road Ahead

An era of decentralized autonomy

Endpoint security

Standards and reference architecture

Industrial collaboration

Interoperability

Green patches in brownfield

Technology trends

Summary

I

II

Security standards – quick reference

Device endpoint security

Industrial connectivity infrastructure security

Edge-cloud security

Other Books You May Enjoy

Leave a review - let other readers know what you think

Preface

The Industrial IoT (IIoT) is ushering in enormous social and economic opportunities. It has introduced a new era of autonomous machines and intelligent processes. However, an undeniable side effect of connectivity is exposure to cyber intrusions. Security is therefore a top concern in IIoT adoption. IIoT security is intricately linked to the reliability of physical systems, as well as human and environmental safety.

This book provides a comprehensive understanding of the entire gamut of IIoT security and practical techniques to build and adopt secured IIoT solutions. In this book, readers will find expert insights into the foundational tenets of IIoT security, threat models, reference architectures, and real-world case studies.

This book covers practical tools for designing risk-based security controls, and goes into depth regarding multi-layered defense techniques involving IAM, endpoint security, connectivity technologies, and edge- and cloud-based applications, such that you gain a solid grasp of this crucial security discipline. Developers, architects, plant managers, manufacturers, and business leaders are just some of the people who should be concerned with securing IIoT life cycle processes, standardization and governance, and assessing the applicability of emerging technologies (for example, blockchain, AI/machine learning, TSN, and quantum) with a view to implementing resilient and socially beneficial connected systems at scale.

Who this book is for

This book targets IIoT practitioners, including IIoT researchers, security professionals, architects, developers, and business stakeholders. Anyone who needs to have a comprehensive understanding of the unique safety and security challenges of connected industries, and who needs to learn practical methodologies to secure industrial assets, will find this book immensely helpful. This book is uniquely designed to benefit professionals from both IT and industrial operations backgrounds.

What this book covers

Chapter 1, An Unprecedented Opportunity at Stake, introduces you to the foundational IIoT concepts, definitions, and unique challenges in securing ICS/SCADA/DCS systems. The chapter also dives into security assessment of a few prominent IIoT use cases.

Chapter 2, Industrial IoT Dataflow and Security Architecture, gives you an in-depth understanding of data flows in industrial applications, reference architectures, and risk management methodologies for IIoT. Finally, it establishes an end-to-end IIoT security architecture based on the industrial internet security framework (IISF).

Chapter 3, IIoT Identity and Access Management, helps you develop comprehensive insights in terms of identity and access control technologies and their evolutionary developments to protect IIoT architectures.

Chapter 4, Endpoint Security and Trustworthiness, introduces you to the crucial subject of endpoint security and provides a solid understanding of the importance, challenges, and solutions to secure IIoT endpoints.

Chapter 5, Securing Connectivity and Communications, introduces the Industrial Internet Connectivity Framework (IICF), and covers the breadth and depth of IIoT connectivity technologies and architectures, giving you an expert insight into their security postures.

Chapter 6, Securing IIoT Edge, Cloud, and Apps, explains the security technologies that are designed to protect IIoT applications, from the edge to the cloud, using real-world IoT cloud examples.

Chapter 7, Secure Processes and Governance, covers the critical role of the management and governance aspects of IIoT security, in order to provide some guidance to business leaders and industry players. 

Chapter 8, IIoT Security Using Emerging Technologies, helps you to understand many emerging technologies and evaluate their relevance to securing connected industrial use cases.

Chapter 9, Real-World Case Studies in IIoT Security, builds on various dimensions of IIoT security discussed in this book with real-world use cases.

Chapter 10, The Road Ahead, summarizes the technical findings presented in this book and provides some concluding remarks and insights on what to do next.

To get the most out of this book

This book has been uniquely designed to cater to the needs of technical professionals with either an IT or operational background, and also for organizational business leaders. Chapter 3, IIoT Identity and Access Management, Chapter 4, Endpoint Security and Trustworthiness, Chapter 5, Securing Connectivity and Communications, and Chapter 6, Securing IIoT Edge, Cloud, and Apps, have advanced-level information and expect a certain degree of technical proficiency in IT technologies and a knowledge of industrial operations. The remaining chapters have been developed to provide crucial insights for IIoT practitioners with both technical and business backgrounds.

Download the color images

We also provide a PDF file that has color images of the screenshots/diagrams used in this book. You can download it here: https://www.packtpub.com/sites/default/files/downloads/PracticalIndustrialInternetofThingsSecurity_ColorImages.pdf.

Conventions used

There are a number of text conventions used throughout this book.

CodeInText: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example: "Default passwords are usually easy-to-guess phrases (such as password123), and are meant to be replaced by stronger passwords when the device has been deployed."

Bold: Indicates a new term, an important word, or words that you see on screen. For example, words in menus or dialog boxes appear in the text like this. Here is an example: "The security program for their automated fleet and industrial automation control system (IACS) was operationalized to protect valuable assets and ensure the safety of rig personnel."

Warnings or important notes appear like this.
Tips and tricks appear like this.


An Unprecedented Opportunity at Stake

"Any sufficiently advanced technology is indistinguishable from magic." - Arthur C. Clarke

Network connectivity has fundamentally changed the world as we know it. In the last four decades, connected computing has fueled a global economy centered around the internet and internet-based applications, and most notably the World Wide Web. It has redefined human communications and our experiences with shopping, banking, and travel. However, when this same connectivity concept extends beyond the human boundaries to otherwise dumb devices and machines, the value latent in these machine data creates unprecedented opportunities, much of which we are probably only anticipating at this point and are yet to harness completely.

The present era of smart connected machines has ushered in new markets with enormous growth potential, especially with almost every industrial company being under pressure to exploit the benefits of digital intelligence. In the last five years, most industrial verticals, notably manufacturing, transportation, retail, and healthcare, have begun to embrace connected technologies at scale. These technologies are collectively known as the Industrial Internet of Things (IIoT).

Securing IIoT deployments against cyber threats, however, remains a major challenge. The consequences of an IIoT security breach are much more severe than compromises of traditional IT deployments. In the case of a hack in IIoT systems, in addition to the usual IT-based fallouts such as reputation damage and financial loss, there could be loss of life and/or environmental damage. Since IIoT systems interact with the physical environment, the security paradigms of e-commerce and IT infrastructures significantly differ in the cyber-physical domains in terms of attack vectors, threat actors, and impact.

Nevertheless, while cyber-insecurity is the undeniable flip-side of connectivity, security-by-obscurity is no longer an option. The benefits of industrial data and cloud connectivity offer enormous advantages that cannot be ignored. Industries will embrace these new technologies and must therefore balance them with adequate safety and security controls.

For any connected industry use case, security is a business and moral imperative. Much research, innovation, and investment are being directed world-wide to secure connected industries. This book combines these developments to provide a comprehensive understanding of IIoT security, and will equip the reader with practical know-how and tools to tackle both its technical and business aspects. Readers will find the important concepts and techniques needed to plan, design, and build resilient IIoT systems and can benefit from the experiences of IIoT security experts on these topics.

In this chapter, we shall establish a solid foundation by discussing the following topics:

Defining the Industrial IoT

Industrial IoT security – a business imperative

Cybersecurity versus cyber-physical IoT security

Industrial "things," connectivity, and operational technologies (OT)

IT and OT convergence – what it really means

Industrial IoT deployment architecture

Divergence in IT and OT security fundamentals

Industrial threats, vulnerabilities, and risk factors

Evolution of cyber-physical attacks

Industrial IoT use cases – examining their cyber risk gap

Defining the Industrial IoT

Security is a foundational element of IIoT adoption. Before diving into the paradigms of the IIoT security framework, let's first define and fathom the expanses of IIoT.

The Internet of Things in itself is gaining a pervasive scope, resulting in the many ways that it is defined and described. The Internet Engineering Task Force (IETF) states that "in the vision of the IoT, "things" are very various such as computers, sensors, people, actuators, refrigerators, TVs, vehicles, mobile phones, clothes, food, medicines, books, etc." (Minerva, R., A. Biru, and D. Rotondi. 2015. "Towards a Definition of the Internet of Things (IoT)." IEEE Internet Initiative, Torino, Italy, 1; https://www.tandfonline.com/doi/full/10.1080/23738871.2017.1366536).

However, for the scope of our discussion in this book, we shall primarily lean on the following definition of the Internet of Things, which has been excerpted from (IEEE-IOT):

"An IoT is a network that connects uniquely identifiable "things" to the internet. The "things" have sensing/actuation and potential programmability capabilities. Through the exploitation of the unique identification and sensing, information about the "thing" can be collected and the state of the "thing" can be changed from anywhere, anytime, by anything."

(https://iot.ieee.org/images/files/pdf/IEEE_IoT_Towards_Definition_Internet_of_Things_Revision1_27MAY15.pdf)

This definition mentions the collection of information about the thing and also the possibility of changing the state of the thing from anywhere, anytime, and by anything. In other words, the connected things are, by design, vulnerable to harvesting and subjugation without the need for authority. This highlights the importance of security to protect IoT, a topic that the rest of this book explores in depth.

From a functional perspective, IoT is essentially an enabler to digitize and interconnect physical assets. By embedding the communication protocol stack and software logic (or smarts), otherwise dumb entities such as appliances, sensors, actuators, or any device or machinery can intelligently communicate data without any human intervention. The enormous quantity of data (rather big data) generated by things can be analyzed to gain data-driven insights and to offer value-added products and services.

Industrial IoT, Industrial Internet, and Industrie 4.0

The IIoT digitally transforms industrial and enterprise operations by adding smarts and connectivity to machines, people, and processes. IIoT converges technical advancements in multiple areas, including:

Innovations in network connectivity (low energy wireless, edge and cloud technologies)

Low-cost sensing and computing with machine learning

Sensor-generated big data

Machine-to-machine (M2M) communications

Automation technologies that have existed in the industry for many years

IIoT is also interchangeably referred to as the Industrial Internet, a term originally coined by General Electric (GE). GE defines the Industrial Internet as (GE-IIoT) "the convergence of the global industrial system with the power of advanced computing, analytics, low-cost sensing and new levels of connectivity permitted by the internet."

GE's Industrial Internet refers to the third wave of innovation in industrial environments, the first two waves being the industrial revolution, followed by the Internet revolution, as shown in the following diagram:

Figure 1.1: Industrial Internet—the third wave of industrial innovation; Source: Adapted from https://www.i-scoop.eu/industry-4-0/

Industrie 4.0 is a digital transformation project that was launched (https://www.i-scoop.eu/industry-4-0/) by Germany in 2011 and is widely referenced in Europe (ISP-4IR). It refers to connected cyber-physical systems (discussed later in this chapter). The Industrial Internet concept is comparable to the fourth revolution, as illustrated in figure 1.2.

Industrie 4.0 is primarily focused on the digital transformation of manufacturing by leveraging technologies such as big data/analytics and IoT. This transformation is catalyzed by the convergence of information technology (IT) and OT, robotics, data, artificial intelligence, and manufacturing processes to realize connected factories, smart decentralized manufacturing, self-optimizing systems, and the digital supply chain in the information-driven, cyber-physical environment of the fourth industrial revolution, sometimes called 4IR (ISP-IIoT):

Figure 1.2: Industrie 4.0 as the fourth Industry Revolution (4IR); Source: Partially adapted from DFKI 2011 www.dfki.de

According to top analyst firms, over the next decade, the number of connected machines is estimated to be in the order of tens of billions, while through accelerated productivity growth, the global gross domestic product (GDP) is estimated to expand in double digits. Increases in efficiency, data management, productivity, and safety are the core drivers for IIoT adoption.

Interestingly, this wave of digital transformation in various industry verticals is also a key driver for safety and security technologies in order to realize reliable systems and architectures.

Consumer versus Industrial IoT

The value of sensor-embedded connected devices took a giant leap with the ubiquity of smartphones. Hand-held mobile phones morphed from being just a data and voice communication device to a versatile commodity that assists in navigation, news, weather, health, and so on. The iPhone itself boasts a number of sensors for proximity, motion/accelerometer, ambient light, and moisture, as well as a gyroscope, a compass, and so forth. Apple Watch, Fitbit, Amazon Echo, and so on have heralded a whole new era of smart, personal wearables, along with ingestibles and home controls, thus opening up entirely new market segments. These home and personal devices together are most commonly understood as the Internet of Things.

However, these same principles when applied at scale—in enterprises and industries—multiply both in terms of complexity and benefits. The Industrial Internet Consortium (IIC) was established in March 2014 with the mission to accelerate the industrial adoption of IoT, by creating standards to "connect objects, sensors and large computing systems." This formally delineated IIoT from consumer IoT, the latter being more focused on personal and home automation gadgets and appliances, and dealing with different security postures when compared to IIoT.

In this book, the term Industrial IoT refers to scalable Internet of Things architectures that are applicable to enterprises across a wide variety of industry verticals, such as energy, water, farming, oil and gas, transportation, smart cities, healthcare, building automation, and so on, and will be referred to by its short form, IIoT.

In many contexts, the use of the term IIoT is limited to being a connectivity enabler, just like the internet enabled the connection of computers. However, we look at IIoT as more than connectivity. It encompasses the entire industrial value chain, which involves embedded intelligence, network connectivity, harnessing big data, machine learning/AI, the smart supply chain, and advanced analytics-driven business insights.

Markers such as (ISP-IIoT), (ISP-4IR), (GE-IIoT), and so on refer to the references listed in Appendix I.

Industrial IoT security – a business imperative

Digital connectivity of industrial machinery and equipment (or any physical asset) with advanced IT platforms is a unique advancement that opens up unprecedented social and economic opportunities. This convergence of the physical and cyber worlds at an industrial scale translates to managing operations thousands of miles away, preventing critical machine failures through proactive detection and remediation, digitally tracking the supply chain, providing elderly care remotely, and many similar use cases.

The use cases are promising, no doubt. However, cyber threats are the bane of ubiquitous connectivity, and they are currently a major deterrent to IIoT adoption.

At the Industry of Things 2017, 62% of industrial participants cited cybersecurity and data privacy as their concern with regard to adopting IoT. The lack of standards for interoperability and interconnectivity comes next at 39% (IOT-WLD).

In traditional industrial settings, obscurity has ensured security. Air-gapping has been a prevalent security strategy for protecting sensitive industrial systems. By definition, an air-gapped system is not connected to any external network or system. Air-gapping as a strategy seems questionable in a digital era where assets are never fully immune to intrusion.

Connecting enterprise systems to boost productivity and efficiency came at a price. The Equifax cybersecurity breach in August 2017 reportedly exposed the identity of several million users, and this is just one of many instances of DDoS attacks, ransomware, fraudulent transactions, and even meddling with national administration and governance.

While the impact of enterprise cybercrimes has been mainly limited to loss in finances, brand reputation, and privacy, the impact of a security breach for mission critical assets is feared to be much more severe. For example, a breach in an airline database can expose confidential passenger records and personal data. However, by compromising an aircraft's flight control system, highly sensitive aviation data can be manipulated in real time; for example, the navigation dashboard could display the plane as traveling at a higher altitude than it actually is. A breach in an airline database is serious enough; however, loss of altitude (and safety) could have much worse consequences (WLT-ICS). A cybersecurity intrusion in a connected nuclear facility, manufacturing plant, smart energy grid, or connected hospital environment could cause massive damage in infrastructure and cost human lives.

That's why security is such an important criterion in every IIoT use case. In any IIoT deployment, security can neither be considered in isolation, nor can it be an afterthought. Processes, people, and things—the three components of any IIoT architecture—dictate its safety and security requirements. IIoT security encompasses the full solution life cycle, and this book provides security guidance across most of it. Awareness and proper cognizance of the unique security characteristics of connected industries, risk evaluation, mitigation across a product's life cycle, and "security by design" principles are central to any successful IIoT business strategy. Otherwise, costly security compromises could far outweigh the social and economic promises of IIoT.

Cybersecurity versus cyber-physical IoT security

Cybersecurity is the foster child of the internet. With the proliferation of networks and networks of networks, information (data) and intelligence (software programs and applications) stored in a given network domain became vulnerable to unauthorized access. To prevent such access and its consequences, cybersecurity and information security became an indispensable discipline. Cybersecurity can be generally defined as a technology stack of processes, protocols, and practices to protect computing systems (servers, application endpoints), data, and networks from unauthorized access, malicious attacks, and other forms of intentional and unintentional damage.

Securing the Industrial Internet can be considered as a superset of cybersecurity, since now we are talking about protecting cyber-physical systems.

What is a cyber-physical system?

A cyber-physical system (CPS) refers to any network-connected instrumentation that also interacts with the physical world. Consider the example of a thermostat that's connected to a data network. In the industrial context, a common example of a cyber-physical system is an industrial control system (ICS). ICS is a general term used to describe a wide variety of control systems and instrumentation used to control industrial processes. This ranges from small panel-mounted controller modules with few control loops to several geographically distributed controllers.

Large-scale ICS is usually deployed using supervisory control and data acquisition (SCADA) systems, or distributed control systems (DCS) and programmable logic controllers (PLCs). All systems receive data from remote sensors that measure process variables (PVs), compare these with desired set points (SPs), and derive command functions that are used to control a process through the final control elements (FCEs), such as control valves.

When a CPS is connected to an external network (let's say to a centralized cloud infrastructure), we can refer to it as a cyber-physical IoT. The following diagram is a generalization of an ICS or a cyber-physical system. The system could be controlling engine performance and acceleration in an automobile, or the temperature-based controls in a power grid:

Figure 1.3: Industrial control system (ICS) functional flow diagram; Source: (NIST-800-82r2)

In the case of cybersecurity, the prime focus is to protect the data itself. Data privacy and identity protection are the top priorities. In the case of cyber-physical security, visibility into the controls is important. For example, if a temperature sensor in a power generation plant is hacked remotely, it can incorrectly output very high temperature values, which would cause the control system to shut down the entire power plant. In the reverse case, that is, if the sensor output is much lower than what it should be, the control action may result in much more dangerous consequences.

General characteristics of any CPS/ICS system include:

Ability to interact with the physical environment over a communication channel to receive inputs (for example, temperature) and/or feedback. In this case, unlike a cyberattack, an attacker can cause damage without breaking into the system by remotely triggering a set of physical actions. These actions can be sensed, causing the CPS to exhibit unexpected behavior. This highlights the need to secure the communication channel and the end devices.

Management and control are typically distributed.

Uncertainty regarding readings, status, and trust.

Involves real-time control loops with deterministic performance requirements.

Can be geographically spread over a large area, with components in locations that lack physical security.

These characteristics render cyber-physical security more complex than cybersecurity. In CPS, due to environmental interactions, a security breach has physical safety implications.

This necessitates cyber-physical control systems being inherently resilient. A control system is characterized as resilient when it can maintain state awareness and an accepted level of steady state behavior (operational normalcy) when exposed to abnormal conditions, which include intentional and unintentional errors, malicious attacks, and disturbances (RIE-GERT).
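The spoofed temperature sensor scenario described earlier in this section, and the definition of resilience above, can be made concrete with a small simulation. This is an added example, not taken from the book: the plant constants, sensor offsets, and the median-of-three voting scheme are assumptions chosen for illustration.

```python
# Added illustration (not from the book): a PV/SP/FCE loop run with a single
# trusted sensor and with median voting over three redundant sensors.
# All plant constants and sensor readings below are constructed.
from statistics import median

SP = 300.0      # set point (deg C)
TRIP = 350.0    # high-temperature trip limit (protective shutdown)
HEAT = 2.0      # heat added to the process per step
COOL = 4.0      # heat removed per step with the cooling valve fully open
KP = 0.1        # proportional gain of the controller
TOL = 5.0       # allowed disagreement between one sensor and the median
OFFSETS = (0.0, 0.3, -0.3)  # fixed calibration offsets of the three sensors


def read_sensors(true_temp, step, spoof_from, spoof_value):
    """Return three readings; sensor 0 reports spoof_value once spoofing starts."""
    readings = [true_temp + off for off in OFFSETS]
    if spoof_from is not None and step >= spoof_from:
        readings[0] = spoof_value
    return readings


def run_loop(steps, voted, spoof_from=None, spoof_value=280.0):
    """Simulate the loop; return (peak true temperature, tripped, suspect sensors)."""
    temp, peak, tripped, suspects = SP, SP, False, set()
    for step in range(steps):
        readings = read_sensors(temp, step, spoof_from, spoof_value)
        if voted:
            # State awareness: control on the median, flag any outlier sensor.
            pv = median(readings)
            suspects |= {i for i, r in enumerate(readings) if abs(r - pv) > TOL}
        else:
            pv = readings[0]  # single point of trust
        if pv >= TRIP:
            tripped = True
            break
        valve = min(1.0, max(0.0, KP * (pv - SP)))  # command to the FCE
        temp += HEAT - COOL * valve                 # physical process response
        peak = max(peak, temp)
    return peak, tripped, suspects


if __name__ == "__main__":
    for voted in (False, True):
        for value in (280.0, 400.0):
            peak, tripped, suspects = run_loop(60, voted, 20, value)
            print(f"voted={voted} spoof={value}: peak={peak:.1f} "
                  f"tripped={tripped} suspects={sorted(suspects)}")
```

With a single sensor, the falsely high reading shuts the process down and the falsely low reading lets the true temperature pass the trip limit unnoticed; with voting, the loop holds near the set point in both cases and the disagreeing sensor is flagged for investigation.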

Barry Boehm (Axelrod, W. C., Engineering Safe and Secure Software Systems, p. 61, Massachusetts, Artech House, 2013) elegantly correlated safety and security as follows (IOT-SEC):

Safety: The system must not harm the world.

Security: The world must not harm the system.

Industrial "things," connectivity, and operational technologies

In ITU-T Y.2060, we came across the following definitions for devices and things in the context of IoT (ITU-IOT): "Device: A piece of equipment with the mandatory capabilities of communication and the optional capabilities of sensing, actuation, data capture, data storage, and data processing. Thing: An object of the physical world (physical things) or the information world (virtual things), which is capable of being identified and integrated into communication networks."

In the IoT context, the capability to communicate and decipher data is an intrinsic property of things. With increasing digitization and connectivity in industries, industrial "things" include a wide spectrum of equipment and devices, starting with low memory, power, and computing footprints. In addition to physical assets, things include virtual objects, too. For example, certain IoT cloud platforms use the concept of a digital "twin", which is an exact digital replica of its physical counterpart (for example, a wind turbine), to gain greater visibility and easier access to a CPS for efficient fault detection and remediation.

Technologies and platforms that come under the umbrella of IIoT are, in a sense, laying the foundations for greater levels of process efficiency and optimization, ushering in new business models and revenue paradigms. Connectivity is an inseparable dimension of these advancements, and one of the fundamental facets of connectivity is cyber threats, however unfortunate that may sound. As standard-based connectivity technologies replace proprietary industrial protocols, threats commonly seen in IT domains, for example, malware, data exfiltration, unauthorized remote access, and so on, become increasingly applicable to industrial networks as well.

Operational technology

OT refers to the hardware and software dedicated to detecting or inducing changes in physical processes. OT involves technologies that are used to directly monitor and/or control physical devices such as valves, pumps, and so on. As an example, consider the computing and connectivity technologies involved in an ICS/SCADA system of a power station or a railway locomotive manufacturing facility, which monitors and controls the various physical systems and plant processes.

As industries accelerate into the future by adopting IoT, it is important to evaluate the current industrial assets and technologies in a typical industrial deployment, and to determine practical mechanisms to transition to greater efficiencies without compromising resiliency. So, before diving deeper into the subject of IIoT security, the prevalent industrial devices, systems, and technologies are discussed in this section.

Machine-to-Machine

Though often confused with IoT, digital M2M has existed in industries for the last two to three decades. Broadly speaking, M2M refers to any technology that enables machines to exchange information and perform actions without any human mediation. In that sense, M2M is foundational to the development of IoT.

To quote from (GART-IOT), "The key components of an M2M system are: Field-deployed wireless devices with embedded sensors or RFID-Wireless communication networks with complementary wireline access includes, but is not limited to cellular communication, Wi-Fi, ZigBee, WiMAX, wireless LAN (WLAN), generic DSL (xDSL), and fiber to the x (FTTx)."

The cellular M2M communications industry can be traced back to when Siemens developed and launched a GSM data module called M1 in 1995. M1 was based on the Siemens mobile phone S6, which was used for M2M industrial applications; it enabled machines to communicate over wireless networks.

In industries, telemetry was a very common use case for M2M, in addition to remote monitoring and the control of field assets.

An overview of SCADA, DCS, and PLC

SCADA is a distributed control system architecture used to control geographically dispersed assets. Distribution systems such as electrical power grids, oil and natural gas pipelines, water distribution, railway transportation, and so on heavily rely on centralized data acquisition and control. A SCADA control center monitors alarms and processes data for field sites, usually over long-distance communications networks. This information from the remote stations is used to push automated or operator-driven supervisory commands to remote field devices (which will be discussed later in this section) to control local operations such as the opening/closing of valves, breakers, collecting sensor data, and so on (NIST-800-82r2).

A DCS is functionally similar to SCADA, though it is typically used for localized control in continuous manufacturing process use cases, for example, a fuel or steam flow in a power plant, petroleum in a refinery, and distillation in a chemical plant. As DCS localizes control functions near the process plant, it is a more cost-effective, secure, and reliable option for use cases where the control room is not geographically remote.

PLCs are extensively used in most industrial processes. PLCs are solid-state closed-loop control system components that are used in SCADA and DCS to provide operational control of discrete processes such as automobile assembly lines.

Being localized within a factory or plant, DCS and PLC communications use reliable and high-speed