Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Practical Industrial Internet of Things Security
  • Toc
  • feedback
Practical Industrial Internet of Things Security

Practical Industrial Internet of Things Security

By : Sravani Bhattacharjee
5 (3)
close
Practical Industrial Internet of Things Security

Practical Industrial Internet of Things Security

5 (3)
By: Sravani Bhattacharjee

Overview of this book

Securing connected industries and autonomous systems is of primary concern to the Industrial Internet of Things (IIoT) community. Unlike cybersecurity, cyber-physical security directly ties to system reliability as well as human and environmental safety. This hands-on guide begins by establishing the foundational concepts of IIoT security with the help of real-world case studies, threat models, and reference architectures. You’ll work with practical tools to design risk-based security controls for industrial use cases and gain practical knowledge of multi-layered defense techniques, including identity and access management (IAM), endpoint security, and communication infrastructure. You’ll also understand how to secure IIoT lifecycle processes, standardization, and governance. In the concluding chapters, you’ll explore the design and implementation of resilient connected systems with emerging technologies such as blockchain, artificial intelligence, and machine learning. By the end of this book, you’ll be equipped with the all the knowledge required to design industry-standard IoT systems confidently.
Table of Contents (14 chapters)
close
close
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
Free Chapter
1
An Unprecedented Opportunity at Stake
An Unprecedented Opportunity at Stake
Defining the Industrial IoT
Industrial IoT security – a business imperative
Cybersecurity versus cyber-physical IoT security
Industrial "things," connectivity, and operational technologies
IT and OT convergence – what it really means
Industrial IoT deployment architecture
Divergence in IT and OT security fundamentals
Industrial threats, vulnerabilities, and risk factors
Evolution of cyber-physical attacks
Industrial IoT use cases – examining the cyber risk gap
Summary
2
Industrial IoT Dataflow and Security Architecture
Industrial IoT Dataflow and Security Architecture
Primer on IIoT attacks and countermeasures
Trustworthiness of an IIoT system
Industrial big data pipeline and architectures
Industrial IoT security architecture
Summary
3
IIoT Identity and Access Management
IIoT Identity and Access Management
A primer on identity and access control
Distinguishing features of IAM in IIoT
Identity management across the device lifecycle
Authentication and authorization frameworks for IIoT
Trust models – public key infrastructures and digital certificates
PKI certificate standards for IIoT
Extending the OAuth 2.0 authorization framework for IoT access control
IEEE 802.1x
Identity support in messaging protocols
Monitoring and management capabilities
Building an IAM strategy for IIoT deployment
Summary
4
Endpoint Security and Trustworthiness
Endpoint Security and Trustworthiness
Defining an IIoT endpoint
Endpoint security enabling technologies
IIoT endpoint vulnerabilities
Establishing trust in hardware
Endpoint identity and access control
Initialization and boot process integrity
Establishing endpoint trust during operations
Endpoint data integrity
Endpoint security using isolation techniques
Endpoint physical security
Machine learning enabled endpoint security
Endpoint security testing and certification
Endpoint protection industry standards
Summary
5
Securing Connectivity and Communications
Securing Connectivity and Communications
Definitions – networking, communications, and connectivity
Distinguishing features of IIoT connectivity
IIoT connectivity architectures
Controls for IIoT connectivity protection
Security assessment of IIoT connectivity standards and protocols
Fieldbus protocols
Connectivity framework standards
Connectivity transport standards
Connectivity network standards
Data link and physical access standards
Summary
6
Securing IIoT Edge, Cloud, and Apps
chevron up
Securing IIoT Edge, Cloud, and Apps
Defining edge, fog, and cloud computing
IIoT cloud security architecture
Cloud security – shared responsibility model
Defense-in-depth cloud security strategy
Infrastructure security
Identity and access management
Application security
Data protection
Data encryption
Securing the data life cycle
Cloud security operations life cycle
Secure device management
Cloud security standards and compliance
Case study of IIoT cloud platforms
Cloud security assessment
Summary
7
Secure Processes and Governance
Secure Processes and Governance
Challenges of unified security governance
Securing processes across the IIoT life cycle
Understanding security roles
Elements of an IIoT security program
Security maturity model
Implementing an IIoT security program
Summary
8
IIoT Security Using Emerging Technologies
IIoT Security Using Emerging Technologies
Blockchain to secure IIoT transactions
Cognitive countermeasures – AI, machine learning, and deep learning
Time-sensitive networking – Next-gen industrial connectivity
Other Promising Trends
Summary
9
Real-World Case Studies in IIoT Security
Real-World Case Studies in IIoT Security
Analysis of a real-world cyber-physical attack
Case study 2 – Building a successful IIoT security program
Case study 3 – ISA/IEC 62443 based industrial endpoint protection
Summary
10
The Road Ahead
The Road Ahead
An era of decentralized autonomy
Endpoint security
Standards and reference architecture
Industrial collaboration
Interoperability
Green patches in brownfield
Technology trends
Summary
11
I
I
12
II
II
Security standards – quick reference
13
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Data encryption

Data encryption protects data confidentiality; however, applying encryption to all data is not always required, nor is it efficient or cost effective when not needed. The cloud platform provider and tenant can mutually decide on a use case-specific data encryption policy, considering the scope of encryption, where to apply encryption, and also the organizational and regulatory requirements.

The scope of encryption defines which data types need encryption, encryption key usage, and so on. If these parameters are user configurable, then the platform provider needs to implement a default encryption mechanism to enable less educated customers protect themselves. When data needs to be persistently stored outside the data center and on-premises, such as in a mobile device, then encryption methodologies must be decided as part of the deployment requirements (device policies and so on).

Encryption of data in transit typically uses connectivity framework mechanisms (for example, DDS...

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech
Start a 7-day FREE trial
End of Section 13
Next Section
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete