Practical Industrial Internet of Things Security

By: Sravani Bhattacharjee
Overview of this book

Securing connected industries and autonomous systems is of primary concern to the Industrial Internet of Things (IIoT) community. Unlike cybersecurity, cyber-physical security directly ties to system reliability as well as human and environmental safety. This hands-on guide begins by establishing the foundational concepts of IIoT security with the help of real-world case studies, threat models, and reference architectures. You’ll work with practical tools to design risk-based security controls for industrial use cases and gain practical knowledge of multi-layered defense techniques, including identity and access management (IAM), endpoint security, and communication infrastructure. You’ll also understand how to secure IIoT lifecycle processes, standardization, and governance. In the concluding chapters, you’ll explore the design and implementation of resilient connected systems with emerging technologies such as blockchain, artificial intelligence, and machine learning. By the end of this book, you’ll be equipped with the all the knowledge required to design industry-standard IoT systems confidently.

Industrial IoT use cases – examining the cyber risk gap

Based on the discussions so far, you can probably appreciate the enormity of the opportunities the Industrial Internet presents. The unique convergence of Moore's law with mobile and cloud-based technologies is enabling several breakthroughs in predictive services, intelligent processes, efficient control, ubiquitous connectivity, newer streams of revenue, and above all better living standards.

As the network moves from the last mile to the last micron, field sensors, water irrigation pumps, and automobile engines are digitally transforming into data sources and sinks. Just as the orchestration of connectivity, analytics, and control varies across industry sectors, so does the nature of security vulnerabilities, attack surfaces, and cyber threats. In this section, cyber risk gaps are discussed for a few industry-specific IIoT use cases, which sets the IIoT security methodologies discussed in the rest of this book into perspective.

Energy and smart grids

IoT connectivity in power generation and distribution (smart grids) is an important use case that enables utility companies to communicate with their retail and enterprise consumers. This bidirectional communication enables demand-based variable energy production, as well as fuel and cost optimization (NIST-SMG). With smart metering, utility workers no longer need to physically visit consumer premises to obtain meter readings. This makes metering and billing more accurate and cost-efficient. Accuracy in tracking and reporting usage enables utility companies to gain better insights into customer energy usage profiles, which enables them to optimize usage and defer usage away from peak hours.

A power generation utility is a typical example of a system of systems, with highly distributed control systems and networks. Smart grids are, in general, implemented in a way that depends massively on TCP/IP networks, both wired and wireless.

In many power generation facilities around the globe, the cyber defense practices utilized today are often outdated. Inadequate use of risk management practices and security controls such as industrial firewalls with DPI capabilities and access control render these facilities exposed to cyber risks.

As critical infrastructures, the impact of a cyberattack in these facilities could potentially cascade onto other interdependent systems, such as water purification facilities, smart city traffic control systems, and so on. In Chapter 9, Real-World Case Studies in IIoT Security, the anatomy of a power grid cyberattack is discussed elaborately.

Data suggests that the energy sector is more prone to cyberattacks than most, with more than 15% of industrial cyberattacks targeting it (ENER-SYMT). Stuxnet, Duqu, Shamoon, and Night Dragon are infamous security incidents that targeted the energy sector. Internet-borne threats are one of the prime concerns in the energy sector, compounded by the ubiquity of legacy systems, which were originally designed as air-gapped systems and still have not been fortified with security controls.

Manufacturing

In manufacturing plants, unscheduled downtime has always been the top reason for lost productivity. Critical asset failures largely contribute to these unplanned shutdowns. Finding effective ways to predict and prevent asset failures on the factory floor has always been a hard-to-win battle. Today, the evolving framework of IoT enables us to better manage physical assets using smart sensing, scaled connectivity, and data-driven predictability. Using the IIoT framework, manufacturing plants can deploy instrumentation across the factory processes to establish a digital continuum, which connects information and utilizes actionable data. Real-time analysis of this data enables early fault detection and data-driven decision making, which in turn helps minimize unplanned downtime and improve performance, and therefore increase profits.

In manufacturing, legacy technologies, inadequate cybersecurity skills among OT operators to conduct timely patches, upgrades, segmentation, perimeter-based defense, and so on pose a serious cyber risk. The interplay of multiple vendors owning the various components of an IIoT solution and the vulnerabilities in third-party systems, such as unsecured APIs, lack of permission-based access, the use of clear text, and so on, need to be carefully examined:

Figure 1.13: Chronology and global spread of industrial cyberattacks; Source: Frost and Sullivan (FSV-IoT)

Cyberattack on industrial control systems – Stuxnet case study

In June 2010, 14 industrial sites, including a uranium-enrichment plant, were infected by a 500 KB computer worm called Stuxnet. The worm entered one of the computers through a USB stick, and feigned a trustworthy digital certificate to evade automated detection systems. It proliferated via the enterprise LAN and infected air-gapped computers, owing to its ability to be transmitted through a USB drive.

Event flow

The worm attacked in three phases:

  • Phase 1: Targeted Microsoft Windows machines and networks.
  • Phase 2: Checked whether the ICS was controlled by Siemens Step7, a Windows-based application used to control centrifuges in Iranian nuclear plants. If the system was not a target, Stuxnet did nothing except spy on its sensitive information.
  • Phase 3: It attacked PLCs that controlled the centrifuges.

The Stuxnet worm was unusually smart and exploited four zero-day vulnerabilities, namely:

  • The LNK vulnerability: LNK is a file shortcut in Microsoft Windows
  • Shared printer-spooler vulnerability: Used to spread in shared printers in a LAN
  • Privilege escalation vulnerability: To gain system-level privileges even in thoroughly locked down computers

After infecting the controller system, the worm would relay false feedback information to upstream controllers to evade threat detection until it was too late. The Stuxnet worm was estimated to have destroyed 984 uranium enriching centrifuges, which is estimated to have contributed to a 30% decrease in enrichment efficiency (STN-REP).

Key points

From the flow of the attack, it seemed obvious that financial gain was not the goal of this attack. The sophistication of the attack suggests the involvement of nation state actors. Although the exact motive of the attack is debatable, the worm specifically targeted the Siemens systems used in the Iranian nuclear plants. To be able to slow down the Iranian fuel enrichment program is also widely accepted as a possible motive.

Risk gap summary

The Stuxnet cyberattack amply testifies to the impact of a breach in mission-critical industrial control systems, which are widely used in power generation, manufacturing, automobiles, and so on.

A few key takeaways from this incident are as follows:

  • Industrial systems can be infected, even if they are air-gapped. LAN connectivity accentuates this risk. The internet and cloud connectivity allow for much easier proliferation, thus multiplying the risk by many factors.
  • Financial gain is usually not the goal of industrial attacks. Reports indicate that subverting the Iranian fuel enrichment program was the motive of Stuxnet. In any case, the role of nation state actors in industrial cyberattacks is amply showcased in this case and the impact of such breaches can potentially lead to warfare-like consequences, often dubbed the "Cyber-Pearl-Harbor."

Smart city and autonomous transportation

Driverless, autonomous vehicles taking over the city's roads is the grandest human dream of this decade. Fuel efficiency, hassle-free commuting, parking efficiencies, traffic and road safety, reduction in harmful fuel emissions, and so on are the advantages associated with the vision of autonomous vehicles. While we may have to wait some more years before we can live in this dream, internet-enabled connected vehicles and fleet management are very much a reality. Connected sensor meshes, vehicle to vehicle (V2V) and vehicle to infrastructure (V2I) communications, telemetry, AI and machine learning, cloud connectivity, and so on are the building blocks that make connected vehicles a reality. General Motors' OnStar, Ford's Sync, and Chrysler's Uconnect are some examples of early-stage connected vehicle technologies that are already in use.

Road safety, mobility, and the environment are the top priorities of the connected vehicle program that the US Department of Transportation (DOT) is driving, in partnership with state and local transportation agencies. The National Highway Traffic Safety Administration (NHTSA) estimates that connected vehicles can reduce the 5 million recorded crashes on US roads by 80% (DOT-VHC). According to DOT, surface transportation loses nearly 4 billion gallons of gas each year due to traffic congestion, which also significantly adds to the greenhouse gases (GHG) that vehicles emit. Smart traffic controls thus equate to both fuel and environmental efficiency.

Next-generation connected vehicle communication uses dedicated short-range communications (DSRC), in addition to cellular, GPS, Bluetooth, and so on, to gain 360-degree road awareness. Forward Collision Warning (FCW) doesn't depend on line-of-sight. Considering a driver's data privacy, vehicle information—heading, position, speed, and so on—is communicated using Basic Safety Messages (BSM), which eliminate any personally identifiable information (PII) regarding the vehicle or the driver.

In connected vehicles, several complex technologies intricately interplay. The software and hardware often involve multiple vendors. Cloud connectivity provides inroads for black hat hackers. Vulnerabilities in an automobile's controller area network (CAN) bus, the use of insecure APIs in software modules, a lack of permission control for third-party applications, and inadequate "security by design" and penetration testing practices provide a wide attack surface that can very well shatter our smart transportation dreams.

By exploiting a software bug, security experts Charlie Miller and Chris Valasek demonstrated the fatal consequences of an on-the-road hack when they wirelessly sabotaged a 2014 Jeep Cherokee. The full exploit is explained in Miller and Valasek's report (http://illmatics.com/Remote%20Car%20Hacking.pdf).

Healthcare and pharmaceuticals

Several IoT applications are digitally transforming healthcare systems around the world. Some of the common IoT use cases are connected hospitals, where connected medical devices are simplifying critical patient monitoring instruments. In hospitals, smart medical equipment provides accurate data and reduces cluttered wiring, thus reducing human error-related accidents. Remote monitoring of patients, particularly the elderly, is also a promising use case.

Real-time tracking of medical devices and personnel (such as doctors) in large healthcare facilities is possible by using Bluetooth low-energy (BLE) and RFID. Real-time OS and high throughput data buses allow the cloud connectivity of medical equipment to optimize equipment usage, reduce cost, and improve patient care with instant reports and health analytics. In the pharmaceutical industry, robotics and biosensors are improving the quality of drug manufacturing. IoT also improves visibility into the supply chain of pharmaceuticals, ensuring improved drug quality and patient safety.

In November 2017, for the very first time, the Food and Drug Administration (FDA) approved a digital pill (FDA-MED). A digital pill is a medication that's embedded with a sensor that can tell doctors whether and when patients take their medicine. Since critical medical devices and drugs are linked to human life/death conditions, conformance to FDA regulation is a helpful safety gate. Although regulatory intervention holds the reins for healthcare digitization, connected medical devices and hospitals are a reality today. Black hat incidents in hospitals also testify to the fluid attack surfaces that have been exposed with the adoption of internet connectivity in this slow-moving sector.

May 2017 saw one of the worst cyberattacks in medical history, which crippled the UK's National Health Service with the WannaCry ransomware. Outdated software and applications, legacy systems, and inadequate cybersecurity practices pose major risks for black hat exploits. Inadequate cybersecurity awareness among hospital staff and the lack of security disciplines such as regular patch cycles add to the risk factors. In the case of a cybersecurity breach, the loss of confidential information such as patients' medical and financial records is bad enough, but an OT cyber incident can also tamper with medication and monitoring devices, which could cost human lives.

The ransomware attack on the healthcare enterprise – "WannaCry" case study

In May 2017, WannaCry ransomware spread across enterprises in 150 countries. The ransomware was combined with a Microsoft Windows Server Message Block (SMB) protocol exploit called EternalBlue (ETN-WRD). The IT infrastructure of enterprises including Telefónica, Santander, Deutsche Bank, FedEx, and so on was infected. However, the biggest impact was seen in hospitals belonging to the UK's National Health Service (NHS), where swathes of computers were infected, forcing hospitals to turn away patients and cancel surgeries.

The EternalBlue exploit, when successfully delivered, grants admin access to every connected system in an enterprise IT infrastructure. The vulnerability existed in legacy Microsoft Windows versions—Windows 7 and 8, XP, and 2003.

Cyber risk gap summary

The WannaCry cyberattack spread rapidly and demonstrated how connectivity multiplies the impact of a single exploit across a connected business world. The impact on the UK's NHS hospitals exposed two facts:

  • The cyber risk gaps prevalent in OT environments: The NHS's network was exposed to the WannaCry cyberattack by a missing security patch that Microsoft had released two months prior to the attack. Threats such as WannaCry highlighted the gap in organizations' priorities and understanding when it comes to applying security patches in a timely manner. Newer operating system versions integrate many security fixes over their predecessors; WannaCry affected deprecated Windows operating systems, while Windows 10 escaped unscathed. A lack of enterprise-wide software and hardware upgrades and the use of outdated legacy software are often seen in industrial enterprises, which extends the attack surface in OT environments.
  • How a cyber incident can impact healthcare processes and patients: Although there have been no reports of fatal consequences, the attack reportedly locked out numerous devices in acute care facilities (trusts), blood testing and diagnostic equipment, and MRI scanners, leading to the cancellation of thousands of appointments and operations (DIG-HLT).
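As an added example (not from the book), the following Python audits a constructed asset inventory for the two gaps this summary names: hosts still on the deprecated Windows versions WannaCry hit, and hosts missing a patch the vendor had released before the outbreak. The hostnames, dates, and the deprecated-version set are assumptions made for illustration.

```python
"""Audit a constructed asset inventory for the two WannaCry-era risk gaps the
text names: deprecated Windows versions and an available-but-unapplied patch.
Added example; hostnames, dates and DEPRECATED_OS are assumptions."""
from dataclasses import dataclass
from datetime import date

# Assumption: the versions the text calls deprecated/affected; Windows 10 escaped.
DEPRECATED_OS = {"Windows XP", "Windows Server 2003", "Windows 7", "Windows 8"}


@dataclass
class Asset:
    hostname: str
    os_name: str
    patched: bool          # has the vendor's SMB patch been applied?
    last_patch_date: date  # when this host last received any patch


def audit(assets, patch_released, as_of):
    """Return [(hostname, [findings])] for every asset with at least one gap.
    patch_released: date the vendor published the fix; as_of: the audit date."""
    report = []
    for a in assets:
        findings = []
        if a.os_name in DEPRECATED_OS:
            findings.append("deprecated OS: " + a.os_name)
        if not a.patched:
            lag = (as_of - patch_released).days
            findings.append(f"SMB patch missing; available for {lag} days")
        elif a.last_patch_date < patch_released:
            # Data-quality check: cannot be patched before the patch existed.
            findings.append("patched flag inconsistent with last patch date")
        if findings:
            report.append((a.hostname, findings))
    return report


# Constructed inventory, not real NHS data.
SAMPLE_ASSETS = [
    Asset("mri-ws-01", "Windows XP", False, date(2016, 11, 2)),
    Asset("lab-pc-07", "Windows 7", True, date(2017, 4, 20)),
    Asset("admin-10", "Windows 10", True, date(2017, 5, 1)),
]
PATCH_RELEASED = date(2017, 3, 14)  # assumption: "two months prior" to May 2017
AUDIT_DATE = date(2017, 5, 12)      # assumption: an audit during the outbreak

if __name__ == "__main__":
    for host, findings in audit(SAMPLE_ASSETS, PATCH_RELEASED, AUDIT_DATE):
        print(host, findings)
```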

Note

In this book, many companies/vendors have been referenced as practical examples to illustrate the theoretical concepts. The author is unaffiliated with and unbiased toward any of these vendors. The references are only meant to provide readers with a source to find more information on the practical implementation of the technology being discussed. The author fully acknowledges that there could be more than one vendor excelling in that technology space, but including all brands is not practically possible, nor is it the purpose of this book. We hope that readers find these vendor examples useful references that further their understanding of the subject.