The Industrial IoT (IIoT) is ushering in enormous social and economic opportunities. It has introduced a new era of autonomous machines and intelligent processes. However, an undeniable side effect of connectivity is exposure to cyber intrusions. Security is therefore a top concern in IIoT adoption. IIoT security is intricately linked to the reliability of physical systems, as well as human and environmental safety.
This book provides a comprehensive understanding of the entire gamut of IIoT security and practical techniques to build and adopt secured IIoT solutions. In this book, readers will find expert insights into the foundational tenets of IIoT security, threat models, reference architectures, and real-world case studies.
This book covers practical tools for designing risk-based security controls, and goes into depth regarding multi layered defense techniques involving IAM, endpoint security, connectivity technologies, and edge- and cloud-based applications, such that you gain a solid grasp of this crucial security discipline. Developers, architects, plant managers, manufacturers, and business leaders are just some of the people who should be concerned with securing IIoT life cycle processes, standardization and governance, and assessing the applicability of emerging technologies (for example, blockchain, AI/machine learning, TSN, and quantum) with a view to implementing resilient and socially beneficial connected systems at scale.
This book targets IIoT practitioners, including IIoT researchers, security professionals, architects, developers, and business stakeholders. Anyone who needs to have a comprehensive understanding of the unique safety and security challenges of connected industries, and who needs to learn practical methodologies to secure industrial assets, will find this book immensely helpful. This book is uniquely designed to benefit professionals from both IT and industrial operations, backgrounds.
Chapter 1, An Unprecedented Opportunity at Stake, introduces you to the foundational IIoT concepts, definitions, and unique challenges in securing ICS/SCADA/DCS systems. The chapter also dives into security assessment of a few prominent IIoT use cases.
Chapter 2, Industrial IoT Dataflow and Security Architecture, gives you an in-depth understanding of data flows in industrial applications, reference architectures, and risk management methodologies for IIoT. Finally, it establishes an end-to-end IIoT security architecture based on the industrial internet security framework (IISF).
Chapter 3, IIoT Identity and Access Management, helps you develop comprehensive insights in terms of identity and access control technologies and their evolutionary developments to protect IIoT architectures.
Chapter 4, Endpoint Security and Trustworthiness, introduces you to the crucial subject of endpoint security and provides a solid understanding of the importance, challenges, and solutions to secure IIoT endpoints.
Chapter 5, Securing Connectivity and Communications, introduces the Industrial Internet Connectivity Framework (IICF), and covers the breadth and depth of IIoT connectivity technologies and architectures, giving you an expert insight into their security postures.
Chapter 6, Securing IIoT Edge, Cloud, and Apps, explains the security technologies that are designed to protect IIoT applications, from the edge to the cloud, using real-world IoT cloud examples.
Chapter 7, Secure Processes and Governance, covers the critical role of the management and governance aspects of IIoT security, in order to provide some guidance to business leaders and industry players.
Chapter 8, IIoT Security Using Emerging Technologies, helps you to understand many emerging technologies and evaluate their relevance to securing connected industrial use cases.
Chapter 9, Real-World Case Studies in IIoT Security, builds on various dimensions of IIoT security discussed in this book with real-world use cases.
Chapter 10, The Road Ahead, summarizes the technical findings presented in this book and provides some concluding remarks and insights on what to do next.
This book has been uniquely designed to cater to the needs of technical professionals with either an IT or operational background, and also for organizational business leaders. Chapter 3, IIoT Identity and Access Management, Chapter 4, Endpoint Security and Trustworthiness, Chapter 5, Securing Connectivity and Communications, and Chapter 6, Securing IIoT Edge, Cloud, and Apps, have advanced-level information and expect a certain degree of technical proficiency in IT technologies and a knowledge of industrial operations. The remaining chapters have been developed to provide crucial insights for IIoT practitioners with both technical and business backgrounds.
We also provide a PDF file that has color images of the screenshots/diagrams used in this book. You can download it here: https://www.packtpub.com/sites/default/files/downloads/PracticalIndustrialInternetofThingsSecurity_ColorImages.pdf.
There are a number of text conventions used throughout this book.
CodeInText: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example: "Default passwords are usually easy-to-guess phrases (such as password123), and are meant to be replaced by stronger passwords when the device has been deployed."
Bold: Indicates a new term, an important word, or words that you see on screen. For example, words in menus or dialog boxes appear in the text like this. Here is an example: "The security program for their automated fleet and industrial automation control system (IACS) was operationalized to protect valuable assets and ensure the safety of rig personnel."
Feedback from our readers is always welcome.
General feedback: Email [email protected] and mention the book title in the subject of your message. If you have questions about any aspect of this book, please email us at [email protected].
Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you have found a mistake in this book, we would be grateful if you would report this to us. Please visit www.packtpub.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details.
Piracy: If you come across any illegal copies of our works in any form on the internet, we would be grateful if you would provide us with the location address or website name. Please contact us at [email protected] with a link to the material.
If you are interested in becoming an author: If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, please visit authors.packtpub.com.
Please leave a review. Once you have read and used this book, why not leave a review on the site that you purchased it from? Potential readers can then see and use your unbiased opinion to make purchase decisions, we at Packt can understand what you think about our products, and our authors can see your feedback on their book. Thank you!
For more information about Packt, please visit packtpub.com.