Isolating Cyber Threats While Enhancing IoT Infrastructure
Published on : Saturday 05-03-2022
Medium to large companies are more exposed to mischievous cyber-attacks that result in immeasurable losses, says Jasbir Singh.
The Internet of Things (IoT) describes physical objects (or groups of such objects) that are embedded with sensors, processing ability, software and other technologies that connect and exchange data with other devices and systems over the Internet or other communications networks. IoT deployments pose unique new security, privacy and compliance challenges to businesses worldwide.
In the process of digitalisation, the wide use of IoT device-based applications generate enormous economic advantages for industries and enable broad innovations that cover a wide swathe of industries from oil & gas to energy, manufacturing to logistics, diagnostics to healthcare, local to remote accessibility to monitor and control. Wide use of IoT in smart plants/systems covers everything like monitoring, control, production, predictive maintenance and shipment predictability to customers in lean systems. Digitally connected availability of products at warehouses and customers using technologies to remote access from mobile apps shall reduce operational/logistic complexity, reduce costs and improve time to customer. With the advancement of technology, engineers are predicting even more extensive use of IoT enabled devices and services (IoS) in the future, with devices evolving for newer applications, services and data collections apps revolutionising the IoT space, for organisations/industry to take advantage of emerging technologies.
IoT deployments bring a new security and compliance challenges to the user for the applications being developed for the solutions in business. Cybersecurity, mostly considered for software used for the system in business and now security for IoT, adds an additional layer of complexity in the cyber and physical device connection. Operations and maintenance in office/factory/manufacturing the IoT integration rely on device connectivity to enable users to operate, and services to interact device/system by login to troubleshoot, by exchanging data from devices, logic controller or server. Companies integrate IoT based modular system for predictive maintenance, using IoT security standards to adhere as it is essential for operational technology (OT), which is important and vulnerable to risks in the event of breaches, can cause catastrophe and big financial loss.
IoT security standards in OT segment are not yet mandatory or parts of industrial standards/application engineering or enforced by governmental regulations, unlike those covered in IT standards.
IoT devices are even smaller and specialised for use with various process applications that are sometimes becoming dangerous, posing serious security risk when connected to computers through network or using wireless protocol. The possibility of being attacked by hackers has increased, leading to issues beyond failure only to IoT devices but also posing security risks to other attached systems in the network. Most common IoT devices possibly can become unsafe if these are placed to communicate through the internet. Attackers once penetrate into a system take control of computers, can steal data or modify the control algorithm for continuous fetching of information for their use and disrupt the entire business process. Manufacturing processes line can abruptly go wrong or stop with no reason, or may lead to human fatalities among those operating the lines or facilities in the event of breaches, can cause catastrophic and big financial losses.
Traditionally we think that cybersecurity breach occur only in software; however IoT adds an extra layer of complexity. In operational and maintenance functions the use of IoT devices makes end-to-end device connectivity by allowing the user to login, interact, troubleshoot, exchange data from connected devices. Companies are always eager to take advantage of IoT to improve efficiencies by predictive maintenance. The need to adhere to IoT security standards is essential, because any breach in operational technology (OT) is disastrous and a loss of opportunity.
Medium to large companies are more exposed to mischievous cyber-attacks that result in immeasurable losses such as privacy breaches, company business data corruption, server/system crashes, interruptions in operation, stoppage of supply line, customer connectivity, reliability on logistics, market losses and serious financial burdens. Cyber criminals are using a variety of tactics to abuse the weak security system or firewall among rapidly growing digitisation in businesses (Fig 1).
IoT cybersecurity companies recommend protecting data, devices and connections at with four levels of protection (Fig 2).
1. *User means person or other secure devices, systems or applications using edge computing.
a. IoT devices should be ‘smart and intelligent’ which are able to handle security during communication by authentication, encryption, timestamps, high-speed data storage layer in transients, proxies, firewalls, connection loss, etc.
b. Devices should be strong and able to operate in the field with limited or no support. These smart devices can process the data locally by edge computing and can communicate in form of applications.
2. Interface gateway and network communicating technology (messaging).
a. The gateway and communication layer is the connectivity networks of the IoT to cloud where the data can be securely received or transmitted.
b. The data is in transit uses the physical layer (e.g., WiFi, 802.15.4 or Ethernet), in networking layer (IPv6, Modbus, TCPIP or OPC-UA), or in application layer (MQTT, CoAP or web-sockets) where any unsecure communication can be prone to hacker intrusions.
c. Data that is encrypted in transit should make is meaningless/non-useful to hackers unless the user has the right encryption key to unlock the code.
d. Firewalls and intrusion prevention systems used to stop communication at the device itself, when it detects unwanted intrusions or detect malicious activities happening on the communication layer.
3. Authentication, encryption, storage and execution of algorithms
a. The device should only initiate the connection to the cloud as one way communication but it should not allow data for incoming connections.
b. A connection to the cloud can also facilitate a bi-directional channel, thereby allowing the IoT device to be remotely controlled.
c. Communications to the IoT device should be carefully managed either unidirectionally or both way communication.
d. Lightweight message-based protocols have specific advantages for IoT devices which have options for selecting double queuing, encryption, filtering and even sharing with third parties.
e. Verification of the integrity of other cloud platforms and third-party applications which communicate with our cloud services helps to protect against any malicious activity.
f. Digital certificates can help for easy identification and authentication required for IoT communication. Digital certificates uses an asymmetric, encryption based, authentication system which is designed to authenticate a transaction and also encrypt the channel from device to cloud communication before the authentication takes place.
4. Life cycle management – Remote up-dation of system software and management.
a. Security in design is the first step to keep an IoT solution secure.
b. Lifecycle include policy enforcement, regular auditing and system control.
c. IoT devices and applications needs security patches to strengthen resistance against attack and fix any possible vulnerabilities in future.
d. Secure remote control is also important when maintaining a large IoT devices connected.
e. Remote control of a device is required for remote diagnostics, updating with new configuration, updating with patched for buggy software, updating files, improving machine learning algorithm with a new data and more.
In process plants, to monitor and control with instrumentation using Wireless and HART sensors/devices network, end-to-end CCM mode 128-bit AES encryption is provided at the network/transport layer from the data source to the data consumer – the Gateway. In addition to individual session keys, a common network encryption key is shared among all devices on a network to facilitate broadcast activity as needed.
Wireless process instrumentation is working with the following environment:
1. Radios frequency which complies with IEEE 802.15.4-2006.
2. Using 2.4GHz license free frequency band.
3. Signal “Hops” across multiple devices in mesh network to avoid interference.
Adding of IoT devices in process plant brings an extra element for better performance but it has ingresses with extra risk/security challenge to implement. The following points must be considered while working with IoT devices:
a. When data should be stored/transmitted to the device or the cloud
b. Which level of encryption is needed to the data
c. Knowledge of the types of firewalls used in the IoT cloud
d. Business must have the correct culture to address security risks of IoT based system
e. Ensure all vendors to provide rootkit malware protection
f. Vulnerability of device during installation
g. Secure IoT architecture and enable for remote testing of firmware
h. Vulnerabilities during regular service of automation devices, and
i. Instant detection of any rootkit malware problems.
Some vulnerability issues must be considered during full life cycle management of IoT system
a. Secure maintenance processes to access the devices, networking and cloud data management
b. Secure access and high privilege levels for limited people in IoT implementation, and
c. Secure process to updates in firmware and software and it may ensure digitally signed or authenticated access.
Manufacturers sometime believe that they have ‘nothing of importance’ that hackers would like to target, or ‘no value-added product if targeted’ by cybercriminals. The increasing connectivity due to advancement in digitalisation in process with Industry 4.0 and the use of data within manufacturing networks will grow in the long run. Company may lose track of its data flow, used in equipment digital control system and connected accessories to interconnect, which may lead to bigger issues in the long run. Industries have to be more focused in today’s rapidly enhancing digitalisation in smart plants.
Jasbir Singh is an Automation Expert having long experience in Factory Automation, Line Automation, Implementation Strategist, Business Coach, Regular writer on automation, Artificial Intelligence, Robots/Cobots, Digital Technology, Network Communication, Industrial Internet of Things (IIoT), Wireless Communication, Block Chain and use of advance digital technologies. He has established a long association with Business Houses/large production houses to improve factory automation in their production lines as well as productivity improvement in factories in India and overseas; and in advising and designing the units to transform into digital platforms by use of Artificial Intelligence. Email: [email protected]
