Tuesday, March 7, 2017

Industrial Internet of Things and Security, What do you need to ensure?

Industrial Internet if Things and CyberSecurity

Industrial Internet of Things is an open access to data from one or more monitoring and control systems to third-party applications to provide unique additional value to stakeholders. The main part is connectivity, smart devices that communicate the sensed data, such as vibration, level, pressure, flow, etc. These devices sometimes need to be adapted so that the data is actually converted into valid information. This information is then stored in large capacity systems such as the cloud, where there must be an information search optimization that allows access to information in real time and apply complex analysis to provide products and services with a unique value for those interested.
One of the major concerns of IIoT is about how secure the information is sent to the cloud, how reliable it is, what protections or cyber security exists against attacks.

Recently I attended a webinar conducted by Plant Engineering called Security for IIoT.  These are some of the things that I found interesting:

This is where companies decide whether to continue to use local networks or use external networks to handle data in the cloud.
The processing of information in local industrial networks has the following advantages:
A low latency (sum of time delays within a network caused by delay in the propagation and transmission of packets inside the network) very important for applications where real-time response is required.
Data privacy, being a local network, information is not exposed to external networks. We can ask what information is needed to be manipulated only in the local network and what information can be shared to be analyzed in the cloud.
The processing of information in the cloud has the following advantages:
Reduce the load on local networks, sending information that was originally processed in the local network to be processed in the cloud frees the memory of local servers making them more efficient.
The cloud has the ability to provide deeper analysis of information by applying the algorithms developed for IT networks.
It can handle more information compared to local networks, not only to store information, but also to optimize and organize it.
It allows the scalability of these analyzes to other facilities, to be used for decision-making or to provide better services.
We can make a comparison of the processing in the control network or in the cloud, like when you have money and you want to put it under the bed to “keep it safe” or you can decide to put it in a bank where you can have easier access to money and also keep it safe. Most cloud providers focus on information security, investing significant amounts of money to improve security in contrast to factories where data security is sometimes not the best. Hence the question arises, where it is better to place my information, in the bank or under the bed.
Industries can opt to select which data they want to maintain on local networks and which can be uploaded to the cloud to create hybrid systems by placing some of the information in the local control network and some non-critical information in the cloud.

Evolution of cyber security

Control systems initially used serial communication, there were no control networks. When operational networks (OTs) were started, it was established that there was no direct or indirect Internet connection (IT) because security issues. Then, the operational networks (OT) started using communication protocols that are unfamiliar to cyberattacks. Later, smart devices connected to the control networks through IP are becoming more popular, which generates more access points to the network and more vulnerability. This is a security risk that current systems are working on, as well as the cyber security improvements of legacy and new systems.

What do you need to insure?

When talking about cyber security in Industry, the main focus of industry owners is to be able to secure the various components of the red OT control (hardware and software) that is most vulnerable to the IIoT embedded system. So the focus should be on the PLCs, DCS, HMI, SCADA and sensors, especially with the high growth sensors with IP connection that needs to be safe.

The IT network should also definitely offer high security standards, but the security of these systems is usually the focus of the companies that deliver this service.
The increase in IIoT devices generates a security cycle, new IIoT devices new mechanisms for defense protection and new standards-based security architectures and experience seeking simplicity to make more effective and new methods to wrap and eliminate threats. Then, connect new IP devices and continue the cycle.

Some are asking about security embedded in the smart sensors, some sensors with this ability been developed but they have not been very popular because of their cost and complexity.

Are legacy systems secure?

In reality, they are not, the security strategy of being isolated physically is not the best, that makes them more vulnerable in the presence of an attack. They do not have enough defense for attacks introduced by portable disks or by wifi. These legacy systems were not made to withstand the attacks, they have a poor ability to detect and combat them.

What is the cyber security market offering and what do people buy?
The market offers services, software and hardware. Services lead the way in procurement, these are based on assessments and audits, design, implementation, training and security management.
Second is the software, which provides encryption, security information, event management and application software lists that are allowed to be present and active in the system.
In the third place we have the hardware, with the sale of firewalls, gateways, routers, data-diodes and DPI (Deep packet inspection).

What are the industries that are spending more money on cyber security?

According with a analysis from IHS, The Oil & Gas industries, as well as the power generation, are those that invest the most money in cyber security. You can check how are doing other industries here.

System security is definitely the biggest concern companies have to implement the IIoT, it is hoped that better solutions can be developed to make the industry feel much more comfortable with this new industrial revolution.