Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Practical Industrial Internet of Things Security
  • Toc
  • feedback
Practical Industrial Internet of Things Security

Practical Industrial Internet of Things Security

By : Sravani Bhattacharjee
5 (3)
close
Practical Industrial Internet of Things Security

Practical Industrial Internet of Things Security

5 (3)
By: Sravani Bhattacharjee

Overview of this book

Securing connected industries and autonomous systems is of primary concern to the Industrial Internet of Things (IIoT) community. Unlike cybersecurity, cyber-physical security directly ties to system reliability as well as human and environmental safety. This hands-on guide begins by establishing the foundational concepts of IIoT security with the help of real-world case studies, threat models, and reference architectures. You’ll work with practical tools to design risk-based security controls for industrial use cases and gain practical knowledge of multi-layered defense techniques, including identity and access management (IAM), endpoint security, and communication infrastructure. You’ll also understand how to secure IIoT lifecycle processes, standardization, and governance. In the concluding chapters, you’ll explore the design and implementation of resilient connected systems with emerging technologies such as blockchain, artificial intelligence, and machine learning. By the end of this book, you’ll be equipped with the all the knowledge required to design industry-standard IoT systems confidently.
Table of Contents (14 chapters)
close
close
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
Free Chapter
1
An Unprecedented Opportunity at Stake
chevron up
An Unprecedented Opportunity at Stake
Defining the Industrial IoT
Industrial IoT security – a business imperative
Cybersecurity versus cyber-physical IoT security
Industrial "things," connectivity, and operational technologies
IT and OT convergence – what it really means
Industrial IoT deployment architecture
Divergence in IT and OT security fundamentals
Industrial threats, vulnerabilities, and risk factors
Evolution of cyber-physical attacks
Industrial IoT use cases – examining the cyber risk gap
Summary
2
Industrial IoT Dataflow and Security Architecture
Industrial IoT Dataflow and Security Architecture
Primer on IIoT attacks and countermeasures
Trustworthiness of an IIoT system
Industrial big data pipeline and architectures
Industrial IoT security architecture
Summary
3
IIoT Identity and Access Management
IIoT Identity and Access Management
A primer on identity and access control
Distinguishing features of IAM in IIoT
Identity management across the device lifecycle
Authentication and authorization frameworks for IIoT
Trust models – public key infrastructures and digital certificates
PKI certificate standards for IIoT
Extending the OAuth 2.0 authorization framework for IoT access control
IEEE 802.1x
Identity support in messaging protocols
Monitoring and management capabilities
Building an IAM strategy for IIoT deployment
Summary
4
Endpoint Security and Trustworthiness
Endpoint Security and Trustworthiness
Defining an IIoT endpoint
Endpoint security enabling technologies
IIoT endpoint vulnerabilities
Establishing trust in hardware
Endpoint identity and access control
Initialization and boot process integrity
Establishing endpoint trust during operations
Endpoint data integrity
Endpoint security using isolation techniques
Endpoint physical security
Machine learning enabled endpoint security
Endpoint security testing and certification
Endpoint protection industry standards
Summary
5
Securing Connectivity and Communications
Securing Connectivity and Communications
Definitions – networking, communications, and connectivity
Distinguishing features of IIoT connectivity
IIoT connectivity architectures
Controls for IIoT connectivity protection
Security assessment of IIoT connectivity standards and protocols
Fieldbus protocols
Connectivity framework standards
Connectivity transport standards
Connectivity network standards
Data link and physical access standards
Summary
6
Securing IIoT Edge, Cloud, and Apps
Securing IIoT Edge, Cloud, and Apps
Defining edge, fog, and cloud computing
IIoT cloud security architecture
Cloud security – shared responsibility model
Defense-in-depth cloud security strategy
Infrastructure security
Identity and access management
Application security
Data protection
Data encryption
Securing the data life cycle
Cloud security operations life cycle
Secure device management
Cloud security standards and compliance
Case study of IIoT cloud platforms
Cloud security assessment
Summary
7
Secure Processes and Governance
Secure Processes and Governance
Challenges of unified security governance
Securing processes across the IIoT life cycle
Understanding security roles
Elements of an IIoT security program
Security maturity model
Implementing an IIoT security program
Summary
8
IIoT Security Using Emerging Technologies
IIoT Security Using Emerging Technologies
Blockchain to secure IIoT transactions
Cognitive countermeasures – AI, machine learning, and deep learning
Time-sensitive networking – Next-gen industrial connectivity
Other Promising Trends
Summary
9
Real-World Case Studies in IIoT Security
Real-World Case Studies in IIoT Security
Analysis of a real-world cyber-physical attack
Case study 2 – Building a successful IIoT security program
Case study 3 – ISA/IEC 62443 based industrial endpoint protection
Summary
10
The Road Ahead
The Road Ahead
An era of decentralized autonomy
Endpoint security
Standards and reference architecture
Industrial collaboration
Interoperability
Green patches in brownfield
Technology trends
Summary
11
I
I
12
II
II
Security standards – quick reference
13
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Industrial IoT deployment architecture

Although IIoT architectures have many use case-specific variations, in this section, we shall consider a basic example architecture to establish the context. Subsequent chapters present multiple IIoT reference architectures and architecture-based case studies.

Most IIoT deployments are brownfield, and involve both new and legacy technologies. In the following diagram, the main components of the architecture are:

  • Sensor networks (communicating over Wi-Fi/BLE)
  • A controller/aggregator
  • An edge gateway connecting the industrial systems to cloud-based platforms for analytics
  • Business applications used for data visualization and insights:
Figure 1.7: A typical IIoT deployment architecture
In this book, the terms greenfield and brownfield are used often. A greenfield refers to an IIoT use case that is developed from scratch rather than built on top of an existing deployment; the latter is referred to as a brownfield.

In the case of a brownfield deployment, as shown in the following diagram, the SCADA network is connected to the cloud via an edge gateway. Traffic needs to be securely controlled both at the ingress and at the egress of the edge device:

Figure 1.8: A brownfield IIoT architecture for an ICS/SCADA system

In the case of a large wind farm, several remote windmill units are controlled by the ICS/SCADA system. With the adoption of IIoT, the wind farm gets connected to a cloud-based IoT platform. Data from the wind turbines is sent up to a data center to do analytics and so on in the cloud. The turbine data has to go through an edge device, which can be a gateway, center hub, or edge controller. This edge device collects telemetry and diagnostics information from the wind farm sensors. In this edge device, a lot of protocol handshakes and translations occur, and as such, it provides a sweet spot for attackers to inject malware. The vulnerable edge device needs to be fortified with security counter measures. For example, deep inspection of packet flow to inspect both IT and OT protocols (MODBUS, TCP, and UDP) to detect anomalies is important.

Such deployments involving multiple vendors and technologies provide a favorable environment for mistakes, oversight, and misconfigurations. So, there must be enough visibility to see exactly what's happening in the OT network. In traditional OT networks, there is a serious lack of traffic visibility as compared to IT networks, in terms of traffic flows, source destination information, and so on. That's because historically, OT environments were considered immune to cyberattacks. Besides that, proprietary technologies and "security by obscurity" principles were erroneously deemed to be secure by design.

End of Section 7
Next Section
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete