Practical Industrial Internet of Things Security

By: Sravani Bhattacharjee

Overview of this book

Securing connected industries and autonomous systems is of primary concern to the Industrial Internet of Things (IIoT) community. Unlike cybersecurity, cyber-physical security directly ties to system reliability as well as human and environmental safety. This hands-on guide begins by establishing the foundational concepts of IIoT security with the help of real-world case studies, threat models, and reference architectures. You’ll work with practical tools to design risk-based security controls for industrial use cases and gain practical knowledge of multi-layered defense techniques, including identity and access management (IAM), endpoint security, and communication infrastructure. You’ll also understand how to secure IIoT lifecycle processes, standardization, and governance. In the concluding chapters, you’ll explore the design and implementation of resilient connected systems with emerging technologies such as blockchain, artificial intelligence, and machine learning. By the end of this book, you’ll be equipped with all the knowledge required to design industry-standard IoT systems confidently.

Defining the Industrial IoT


Security is a foundational element of IIoT adoption. Before diving into the paradigms of the IIoT security framework, let's first define and fathom the expanses of IIoT.

The Internet of Things itself is gaining a pervasive scope, which has resulted in many ways of defining and describing it. The Internet Engineering Task Force (IETF) states that "in the vision of the IoT, "things" are very various such as computers, sensors, people, actuators, refrigerators, TVs, vehicles, mobile phones, clothes, food, medicines, books, etc." (Minerva, R., A. Biru, and D. Rotondi. 2015. "Towards a Definition of the Internet of Things (IoT)." IEEE Internet Initiative, Torino, Italy, 1; https://www.tandfonline.com/doi/full/10.1080/23738871.2017.1366536).

However, for the scope of our discussion in this book, we shall primarily lean on the following definition of the Internet of Things, which has been excerpted from (IEEE-IOT):

"An IoT is a network that connects uniquely identifiable "things" to the internet. The "things" have sensing/actuation and potential programmability capabilities. Through the exploitation of the unique identification and sensing, information about the "thing" can be collected and the state of the "thing" can be changed from anywhere, anytime, by anything."

(https://iot.ieee.org/images/files/pdf/IEEE_IoT_Towards_Definition_Internet_of_Things_Revision1_27MAY15.pdf)

This definition mentions the collection of information about the thing and also the possibility of changing the state of the thing from anywhere, anytime, and by anything. In other words, connected things are, by design, vulnerable to having their information harvested and their state taken over without the need for authority. This highlights the importance of security in protecting IoT, a topic that the rest of this book explores in depth.

From a functional perspective, IoT is essentially an enabler to digitize and interconnect physical assets. By embedding the communication protocol stack and software logic (or smarts), otherwise dumb entities such as appliances, sensors, actuators, or any device or machinery can intelligently communicate data without any human intervention. The enormous quantity of data (or rather, big data) generated by things can be analyzed to gain data-driven insights and to offer value-added products and services.

Industrial IoT, Industrial Internet, and Industrie 4.0

The IIoT digitally transforms industrial and enterprise operations by adding smarts and connectivity to machines, people, and processes. IIoT converges technical advancements in multiple areas, including:

  • Innovations in network connectivity (low energy wireless, edge and cloud technologies)
  • Low-cost sensing and computing with machine learning
  • Sensor-generated big data
  • Machine-to-machine (M2M) communications
  • Automation technologies that have existed in the industry for many years

IIoT is also interchangeably referred to as the Industrial Internet, a term originally coined by General Electric (GE). GE defines the Industrial Internet as (GE-IIoT) "the convergence of the global industrial system with the power of advanced computing, analytics, low-cost sensing and new levels of connectivity permitted by the internet."

GE's Industrial Internet refers to the third wave of innovation in industrial environments, the first two waves being the industrial revolution, followed by the Internet revolution, as shown in the following diagram:

Figure 1.1: Industrial Internet—the third wave of industrial innovation; Source: Adapted from https://www.i-scoop.eu/industry-4-0/

Industrie 4.0 is a digital transformation project that was launched (https://www.i-scoop.eu/industry-4-0/) by Germany in 2011 and widely referenced in Europe (ISP-4IR). It refers to connected cyber-physical systems (discussed later in this chapter). The Industrial Internet concept is comparable to the fourth revolution, as illustrated in Figure 1.2.

Industrie 4.0 is primarily focused on the digital transformation of manufacturing by leveraging technologies such as big data/analytics and IoT. This transformation is catalyzed by the convergence of information technology (IT) and OT, robotics, data, artificial intelligence, and manufacturing processes to realize connected factories, smart decentralized manufacturing, self-optimizing systems, and the digital supply chain in the information-driven, cyber-physical environment of the fourth industrial revolution, sometimes called 4IR (ISP-IIoT):

Figure 1.2: Industrie 4.0 as the fourth Industrial Revolution (4IR); Source: Partially adapted from DFKI 2011 www.dfki.de

According to top analyst firms, over the next decade, the number of connected machines is estimated to be in the order of tens of billions, while through accelerated productivity growth, the global gross domestic product (GDP) is estimated to expand in double digits. Increases in efficiency, data management, productivity, and safety are the core drivers for IIoT adoption.

Interestingly, this wave of digital transformation in various industry verticals is also a key driver for safety and security technologies in order to realize reliable systems and architectures.

Consumer versus Industrial IoT

The value of sensor-embedded connected devices took a giant leap with the ubiquity of smartphones. Hand-held mobile phones morphed from being just a data and voice communication device to a versatile commodity that assists in navigation, news, weather, health, and so on. The iPhone itself boasts a number of sensors for proximity, motion/accelerometer, ambient light, moisture, a gyroscope, a compass, and so forth. Apple Watch, Fitbit, Amazon Echo, and so on have heralded a whole new era of smart, personal wearables, along with ingestibles and home controls, thus opening up entirely new market segments. These home and personal devices together are most commonly understood as the Internet of Things.

However, these same principles when applied at scale—in enterprises and industries—multiply both in terms of complexity and benefits. The Industrial Internet Consortium (IIC) was established in March 2014 with the mission to accelerate the industrial adoption of IoT, by creating standards to "connect objects, sensors and large computing systems." This formally delineated IIoT from consumer IoT, the latter being more focused on personal and home automation gadgets and appliances, and dealing with different security postures when compared to IIoT.

In this book, the term Industrial IoT refers to scalable Internet of Things architectures that are applicable to enterprises across a wide variety of industry verticals, such as energy, water, farming, oil and gas, transportation, smart cities, healthcare, building automation, and so on; it will be referred to by its short form, IIoT.

In many contexts, the use of the term IIoT is limited to being a connectivity enabler, just like the internet enabled the connection of computers. However, we look at IIoT as more than connectivity. It encompasses the entire industrial value chain, which involves embedded intelligence, network connectivity, harnessing big data, machine learning/AI, the smart supply chain, and advanced analytics-driven business insights.

Note

Conventions such as (ISP-IIoT), (ISP-4IR), (GE-IIoT), and so on refer to the references listed in Appendix I.