Book Image

Practical Industrial Internet of Things Security

By : Sravani Bhattacharjee
Book Image

Practical Industrial Internet of Things Security

By: Sravani Bhattacharjee

Overview of this book

Securing connected industries and autonomous systems is of primary concern to the Industrial Internet of Things (IIoT) community. Unlike cybersecurity, cyber-physical security directly ties to system reliability as well as human and environmental safety. This hands-on guide begins by establishing the foundational concepts of IIoT security with the help of real-world case studies, threat models, and reference architectures. You’ll work with practical tools to design risk-based security controls for industrial use cases and gain practical knowledge of multi-layered defense techniques, including identity and access management (IAM), endpoint security, and communication infrastructure. You’ll also understand how to secure IIoT lifecycle processes, standardization, and governance. In the concluding chapters, you’ll explore the design and implementation of resilient connected systems with emerging technologies such as blockchain, artificial intelligence, and machine learning. By the end of this book, you’ll be equipped with the all the knowledge required to design industry-standard IoT systems confidently.
Table of Contents (22 chapters)
Title Page
Copyright and Credits
Dedication
Packt Upsell
Foreword
Contributors
Disclaimer
Preface
I
I
Index

Securing the data life cycle


Data generated by connected assets has a life cycle. Device-cloud communication involves data acquisition, processing, retention, and deletion. In order to protect the privacy of data across its life cycle, policies need to enumerate the responsibilities of all parties covering the entire period of contract engagement.

Encryption of sensitive data protects data during acquisition, protection, and retention phases.

Data activity monitoring services provide logging and auditing traces associated with the data access, changes, and events, often at a data-element level of granularity. Thresholds and rules define the normal activity to flag alerts in the case of data anomalies. In multi-tenant environments, the visibility of these events should be limited only to associated tenants and users. While the cloud platform provider may provide proprietary data monitoring solutions, some well-known third-party solutions include IBM Guardium Data Activity Monitoring and Imperva...