Book Image

Practical Industrial Internet of Things Security

By : Sravani Bhattacharjee
Book Image

Practical Industrial Internet of Things Security

By: Sravani Bhattacharjee

Overview of this book

Securing connected industries and autonomous systems is of primary concern to the Industrial Internet of Things (IIoT) community. Unlike cybersecurity, cyber-physical security directly ties to system reliability as well as human and environmental safety. This hands-on guide begins by establishing the foundational concepts of IIoT security with the help of real-world case studies, threat models, and reference architectures. You’ll work with practical tools to design risk-based security controls for industrial use cases and gain practical knowledge of multi-layered defense techniques, including identity and access management (IAM), endpoint security, and communication infrastructure. You’ll also understand how to secure IIoT lifecycle processes, standardization, and governance. In the concluding chapters, you’ll explore the design and implementation of resilient connected systems with emerging technologies such as blockchain, artificial intelligence, and machine learning. By the end of this book, you’ll be equipped with the all the knowledge required to design industry-standard IoT systems confidently.
Table of Contents (22 chapters)
Title Page
Copyright and Credits
Dedication
Packt Upsell
Foreword
Contributors
Disclaimer
Preface
I
I
Index

Analysis of a real-world cyber-physical attack


On December 23, 2015, three Ukrainian heat and electricity distribution companies (oblenergos) underwent a concurrent cyberattack that caused 225,000 customers to lose their power (ISAC-SANS). The cyber adversary remotely sabotaged the SCADA distribution management system (DMS), maliciously took control of the HMIs, and subsequently launched destructive attacks to disable communications with the field. At least 27 substations were reported to have been taken offline.

This Ukrainian incident is a good example to understand the dynamics of a bold and successful cyber attack. The attack was the first of its kind, considering that it targeted a nation's critical infrastructure. It impacted physical assets, people, reliability, and reputation. Although third-party cloud providers (a typical component of IIoT architectures) were not involved in this use case, this study still showcases how the adversaries remotely hijacked the grid's operations; and...