SECURITY CHALLENGES FOR INDUSTRIAL IOT GATEWAYS

What is IIoT?

The industrial internet of things (IIoT) is a specific domain of the internet of things (IoT) that brings key applications to the industrial sector, such as machine-to-machine (M2M) communication, data analytics, and artificial intelligence. It is the engine, heart and soul behind the fourth industrial revolution, or, as it’s commonly known, Industry 4.0.

One of the main benefits of IIoT is the ability to collect and use data in real time using sensors and edge gateways connected to a network of industrial machines. This network of industrial “things” allows even the most complex production line or infrastructure to run fully optimized, with minimum human intervention, full insight into the operation, and complete control over every aspect.

The automation and optimization are built on top of existing technologies such as:

  • Industrial Control Systems (ICS)
  • Supervisory Control and Data Acquisition (SCADA)
  • Distributed Control Systems (DCS)
  • Programmable Logic Controllers (PLC)
  • Human Machine Interfaces (HMI)

Security Hazards in IIoT

When discussing potential hazards in Industrial IoT, the terms safety and security are sometimes confused and used interchangeably. To simplify, safety aims to reduce the risk of unintentional physical injury or damage to health, while security is the protection of the computer network infrastructure from intentional theft or damage.

Connecting sensors, edge gateways, NVRs and industrial routers to new or even legacy equipment, which in some cases might have been deployed over a decade ago, makes the IIoT solution vulnerable to hazards.

There have been a large number of IoT security breaches. Some examples include:

  • A malicious computer worm responsible for causing substantial damage to Iran’s nuclear project by targeting PLCs responsible for extracting nuclear material.
  • Malware developed to attack Linux based devices connected to a network and turn them into remotely controlled bots.
  • IoT hacking demonstration on connected cars.
  • WiFi connected devices allowing the attacker to exploit the vulnerabilities of the users.

For more info on IoT security breaches read here.

Among other considerable consequences, unsecured IIoT systems can lead to operational disruption and monetary loss. The state of the current industry is such that IoT providers are focused on developing their solutions and rely on the network to provide cyber protection. However, the network is not designed to provide cyber protection at the granularity and protection level required to protect IoT devices.

This alarming situation has recently led the state of California to regulate the cyber protection of IoT devices:

“effective on January 1, 2020. The California IoT law requires manufacturers of connected devices to equip the device with a reasonable security feature or features that are all of the following: appropriate to the nature and function of the device; appropriate to the information the device may collect, contain, or transmit; and, designed to protect the device and any information contained therein from unauthorized access, destruction, use, modification, or disclosure.”

Read more here on the new regulation.

The Two Layered Approach

Securing IIoT systems requires connected threat defense and end-to-end protection, from the gateway to the endpoint. This is where the two-layered model comes in.

System Security (SoC): Security is playing an increasing role in SoC design. For example, the new IIoT-oriented NXP i.MX8M Plus (a new member of the i.MX8 family) has a robust approach to dealing with threats such as hardware reverse engineering, malware insertion, modifying or replacing the device image version, and rollback attacks, through features such as secure boot, encrypted boot, a hardware firewall and a run-time integrity checker (RTIC).

Access Management Platforms: solutions that provide various remote features tailor-made for the IoT security domain, such as:

  • Access control – ensuring policies are actually respected and enforced. 
  • Cyber protection – detecting, stopping and reporting illegal attempts to communicate with the connected devices.
  • Network management – complete mapping of connected devices and security alerts. Real-time multi-site and multi-vendor management.

This post is based on a joint session between product marketing teams from SolidRun and EasySec.
