Book Image

Practical Industrial Internet of Things Security

By : Sravani Bhattacharjee
Book Image

Practical Industrial Internet of Things Security

By: Sravani Bhattacharjee

Overview of this book

Securing connected industries and autonomous systems is of primary concern to the Industrial Internet of Things (IIoT) community. Unlike cybersecurity, cyber-physical security directly ties to system reliability as well as human and environmental safety. This hands-on guide begins by establishing the foundational concepts of IIoT security with the help of real-world case studies, threat models, and reference architectures. You’ll work with practical tools to design risk-based security controls for industrial use cases and gain practical knowledge of multi-layered defense techniques, including identity and access management (IAM), endpoint security, and communication infrastructure. You’ll also understand how to secure IIoT lifecycle processes, standardization, and governance. In the concluding chapters, you’ll explore the design and implementation of resilient connected systems with emerging technologies such as blockchain, artificial intelligence, and machine learning. By the end of this book, you’ll be equipped with the all the knowledge required to design industry-standard IoT systems confidently.
Table of Contents (22 chapters)
Title Page
Copyright and Credits
Packt Upsell

Chapter 1. An Unprecedented Opportunity at Stake

"Any sufficiently advanced technology is indistinguishable from magic."                                                               - Arthur C. Clarke

Network connectivity has fundamentally changed the world as we know it. In the last four decades, connected computing has fueled a global economy centered around the internet and internet-based applications, and most notably the World Wide Web. It has redefined human communications and our experiences with shopping, banking, and travel. However, when this same connectivity concept extends beyond the human boundaries to otherwise dumb devices and machines, the value latent in these machine data creates unprecedented opportunities, much of which we are probably only anticipating at this point and are yet to harness completely.

The present era of smart connected machines has ushered new markets with enormous growth potential, especially with almost every industrial company being under pressure to exploit the benefits of digital intelligence. In the last five years, most industrial verticals, notably manufacturing, transportation, retail, and healthcare, have begun to embrace connected technologies at scale. These technologies collectively is known as the Industrial Internet of Things (IIoT).

Securing IIoT deployments against cyber threats, however, remains a major challenge. The consequences of an IIoT security breach are much more severe than compromises of traditional IT deployments. In the case of a hack in IIoT systems, in addition to the usual IT-based fallouts such as reputation damage and financial loss, there could be loss of life and/or environmental damage. Since IIoT systems interact with the physical environment, the security paradigms of e-commerce and IT infrastructures significantly differ in the cyber-physical domains in terms of attack vectors, threat actors, and impact.

Nevertheless, while cyber-insecurity is the undeniable flip-side of connectivity, security-by-obscurity is no longer an option. The benefits of industrial data and cloud connectivity offer enormous advantages that cannot be ignored. Industries will embrace these new technologies and must therefore balance them with adequate safety and security controls.

For any connected industry use case, security is a business and moral imperative. Much research, innovation, and investment are being directed world-wide to secure connected industries. This book combines these developments to provide a comprehensive understanding of IIoT security, and will equip the reader with practical know-how and tools to tackle both its technical and business aspects. Readers will find the important concepts and techniques needed to plan, design, and build resilient IIoT systems and can benefit from the experiences of IIoT security experts on these topics.

In this chapter, we shall establish a solid foundation by discussing the following topics:

  • Defining the Industrial IoT
  • Industrial IoT security – a business imperative
  • Cybersecurity versus cyber-physical IoT security
  • Industrial "things," connectivity, and operational technologies (OT)
  • IT and OT convergence – what it really means
  • Industrial IoT deployment architecture
  • Divergence in IT and OT security fundamentals
  • Industrial threats, vulnerabilities, and risk factors
  • Evolution of cyber-physical attacks
  • Industrial IoT use cases – examining their cyber risk gap