4. 630.10.2017
Digitalization accelerates the industrial
processes and enables new businesses …
… but the use of IoT in the cyber-physical
world also raises new threads
To enable the full
potential of IoT we
need a holistic
approach
5. TRANSFORMATION OF INDUSTRIAL PROCESSES
5
Image Source: Plattform Industrie 4.0 – RAMI 4.0
Industry 3.0 Pyramid Factory Model Industry 4.0 Smart Factory Model
7. 730.10.2017
• Gartner predicts 6.4B connected things will be in use worldwide in 2016,
up 30% from 2015, and will reach 20.8 billion by 2020.
• Internet of Things (IoT) sensors and devices are expected to exceed mobile
phones as the largest category of connected devices in 2018, growing at a
23% compound annual growth rate (CAGR) from 2015 to 2021.
• Ericsson predicts there will be a total of approximately 28B connected
devices worldwide by 2021, with nearly 16B related to IoT.
IOT WILL BE EVERYWHERE
Image Source: Ericsson Mobility Report; June 2016
8. 830.10.2017
The connection of virtual and physical world, raises new dangers:
• 2013, Austrian PowerGrid almost shut down by misguided control
command from German gas system
• 2015, German steel mill in Germany was
hacked causing massive damage
• 2015, Jeep Cherokee hacked,
including steering and braking system
• 2016, Ukraine power grid was
hacked and partially taken down
• 2016, DDoS attack by botnet of
hacked IoT devices
IOT RAISES NEW THREADS
https://www.sentryo.net/cyberattack-on-a-german-steel-mill/
9. 930.10.2017
• Fit-for-Purpose
• Physical
• Safety
• Embedded
• Type
• Destination
• Context
• Velocity
• Myriad Platforms
• Age
• Protocols, Types
• Varied Vendors
• Millions of Devices
• Multiple Networks
• Big Data, BIG Data
• Longer Supply
Chains
Scale Diversity
FunctionFlow
WHAT IS DIFFERENT ABOUT IOT SECURITY?
IoT
10. 1030.10.2017
PERMEATION OF TRUST
Source: Industrial Internet Consortium Security Working Group, “Industrial Internet of Things Volume G4: Security Framework,” 2016.
11. 1130.10.2017
The New Model for Digital Security
SAFETY, RELIABILITY AND PRIVACY:
DIGITAL SECURITY IMPERATIVES
Privacy
Safety
Reliability
Confidentiality
Integrity
Availability
People
Environment
Data
Lifecycle Management
IoT
12. 1230.10.2017
SAFETY & SECURITY CO-DESIGN
IEC TC65 WG20 “Industrial-process measurement, control and automation – Framework to bridge the requirements for safety and security”
13. 1330.10.2017
You can‘t secure it if you can‘t upgrade it!
You can't comply if you can't upgrade it!
IOT LIFECYCLE MANAGEMENT
15. 1530.10.2017
IOT SECURITY LIFECYCLE MANAGEMENT
Functional
Concept
Technical
Concept
HW/SW
Design
HW/SW
Verification
System (Technical)
Verification
System (Functional)
Verification &Validation
HW/SW Implementation
Functional
level
System level
HW/SW Level
Reusable resilient system
architecture pattern and
concepts
Scalable and efficient
crypto algorithm for IoT
HW-based solutions for
safe&secure IoT
Dependability (Safety,
Security, Reliability, Efficiency)
design methods for IoT
System in Use
and Service
Automatic Event
Correlator for
Incident Detection
Collaborative
Analysis Engine for
Situational
Awareness and
Incident Response
Strategic Safety
& Security
Verification &
Analysis
Operational
Security
Verification &
AnalysisIoT Lifecycle
Management
System
(Functional)
Monitoring
System
(Technical)
Monitoring
HW/SW
Monitoring
16. DEVELOPMENT OF SAFETY-CRITICAL SYSTEMS
16
Design
• Safe and Secure Co-
Engineering
• Threat Modelling
• Systems Theoretic
Process Analysis
• Safe and Secure
Reference
Architecture
Development
• Verification and
Validation
• Automated Test
Case Generation
• Monitoring of cyber-
physical systems
• Binary Code
Analysis
• Model-based
Testing
Operation
• Monitoring &
Analysis
• Automatic Event
Correlator for
Incident Detection
• Collaborative
Analysis Engine for
Situational
Awareness and
Incident Response
Life-Cycle Management
17. 1730.10.2017
IOT SECURITY ALONG THE VALUE CHAIN
Functional
Level
System
Level
HW/SW
Level
Trustful IoT Ecosystems
Secure Data Storage
Anomaly Detection in IoT Networks
Secure IoT Connectivity
18. Functional
Level
System
Level
HW/SW
Level
• Connect critical devices to the internet
• Security often not considered in legacy
components / networks
• Potential leak for manipulation of data and
processes
• Remote updates potentially critical
• Continuous connection not always achievable
SECURE IOT CONNECTIVITY
19. 1930.10.2017
SECURING EVERY LINK IN THE CHAIN (ETSI)
M2M Security Standards: ETSI contributions
https://docbox.etsi.org/workshop/2012/201210_M2MWORKSHOP/02_TheETSIM2MStandard/SECURITY_ENNESSER.pdf
22. • State-of-the-art firewalls work by
controlling and filtering traffic
• The secure gateway is more than a
filter
• Fully capable interface securing
the critical network:
• Offers a restricted set of needed
secure services
• Flexible solution for the higher
complexity of an Industry 4.0
context
• Can be used to allow secure
access to pre-existing networks
which were not designed with
security in mind
• Easy to include additional new
services (e.g. secure software
updates)
• Supported Platforms:
• All ARM Processors supporting
TrustZone for ARM
AIT SECURE GATEWAY
FEATURES
23. Functional
Level
System
Level
HW/SW
Level
• Protect data in cyber physical systems to
ensure authenticity and security from the source
(i.e., sensor) to the consumer (i.e., closed-loop
controls, business intelligence)
• Enable sharing of authentic data over cloud-
based infrastructures between multiple
stakeholders
• Need for novel cryptographic solutions which
protect the authenticity and security of data in a
very agile way
• Enable the next generation trustworthy smart
manufacturing services with provably authentic
data in all system stages and levels of the
hierarchy
SECURE DATA STORAGE
24. • Scalable and lightweight public-key cryptography
• Strong (public-key) cryptography to protect IoT systems
• Encryption and authentication protocols beyond today‘s Internet needed,
e.g., the TLS protocol, cannot be adapted easily to the diversity of the IoT
• Light-weight public-key crypto protocols that suitably address trade-
offs between communication and computation complexity of IoT devices
• Advanced cryptography for end-to-end authenticity and confidentiality
• Future factories will comprise large-scale distributed and heterogeneous
systems to gather information and exploit it to increase productivity and
flexibility in its production processes
• Lightweight cryptography to enable real-time applications for
authentic data provisioning and data aggregation over time
CRYPTOGRAPHIC CHALLENGES
25. Cloud environments require
novel cryptographic solutions
Key-less security
Long-term security (Quantum-
safe)
Agility of encrypted data for
sharing and manipulation
More storage efficient than
replication
PRISMACLOUD
SECURE CLOUD STORAGE
26. Functional
Level
System
Level
HW/SW
Level
ANOMALY DETECTION IN IOT NETWORKS
• Cyber Physical Systems exert
interconnectedness and integration of OT
systems (e.g., ICS, sensors) with:
• IT systems (e.g., enterprise network),
• Business processes,
• People.
• Traditional security approaches (e.g., physical
separation, isolation, obscurity of design) for
critical control systems are NOT infallible
against novel attacks.
• Black-list detection techniques based on
signatures are NOT sufficient.
• Novel white-list approaches for normal system
behavior modelling are REQUIRED.
27. 2730.10.2017
Automatic Event Correlation for Incident Detection
• Keeps track of system events, their dependencies, their occurrence:
• Dynamically learns the normal system behavior
• Detects deviation from system model:
• e.g., irregularities in CPS process flow due to intrusion
Normal System Behavior
1. Client tries to log into an online shop on a web server
2. Connection through firewall
3. Web server checks credentials through database query
4. Database query result
5. Response through firewall: access acceptance or denial
6. Client receives response
ÆCID
OUR APPROACH
28. 2830.10.2017
• Point anomalies
• Client access with unknown
user agent (e.g., Internet
Explorer instead of Firefox)
• Whitelisting: only Firefox is allowed, any other triggers an alarm
• Blacklisting: list of prohibited tools, vulnerable to incompleteness
• Anomalous event parameter
• E.g., Access outside working hours
• Anomalous event frequency
• E.g., Data theft: unusual database access from a single client in a short
time-window
• Anomalous event sequence
• E.g., SQL-Injection: Access-chain violation:
• Firewall/Webserver/Database-Server
ÆCID
DETECTABLE ANOMALIES
29. 2930.10.2017
SITUATIONAL AWARENESS & INCIDENT RESPONSE
• Modern attack campaigns target specific CPS, and leverage:
• weaknesses in the organization’s business processes,
• vulnerabilities of several systems.
• To hit their target, attackers harness multiple attack vectors and apply a
wide variety of tools to achieve their malicious objectives
• Need for advanced TI solutions to establish Situational Awareness, and
respond to wide-spread threats and cyber attacks on a daily basis.
30. 3030.10.2017
Collaborative Analysis Engine for Situational
Awareness & Incident Response
• Integrated Cyber Threat Intelligence (TI) framework to enable
organizations to consume and efficiently apply TI:
• efficiently use information about vulnerabilities, attacks, weaknesses,
exploits etc., to steer internal security management.
• Framework offering a TI toolchain utilizing modern approaches for the
automation of:
• Selection
• Interpretation
• Application
of TI information specifically in CPS-enabled
critical environments
• Usability and human-computer interaction (HCI) aspects for targeted
development.
CÆSAIR
OUR APPROACH
33. 3330.10.2017
• Data Market Austria aims to
create a data innovation
environment by building a
community of stakeholders
around the Data-Services
Ecosystem that operate in a
clearly regulated environment
• Democratic trusted
membership model through
Smart Contracts
• Decentralized brokerage of
Datasets and Services through
Smart Contracts
• Open provenance for Datasets
and transactions related to
Datasets and Services
DATA MARKET AUSTRIA
TRUSTFUL MARKETPLACE FOR (IOT) DATA
Bootnode
Member
Node
Candidate
Node Service
Dataset
User (Actor)
Externally Owned Account (EOA):
0x168bc315a2ee09042d83d7c5811b533620531f67
Terms of Use
Dataset Contract
Terms of Service
Service Contract
Membership Contract
34. Interoperability and mediation framework
for the future IoT ecosystem supporting next-generation
cross-platform IoT applications
SYMBIOTE
IOT PLATFORM INTEROPERABILITY
35. SYMBIOTE
KEY FEATURES
Hierarchical,
adaptive and
dynamic IoT
environments
Unified and
secure access
to physical and
virtualized IoT
devices
Device
discovery
across
platforms
Security:
access
scopes and
identity
management
Platform
federation for
collaborative
sensing /
actuation tasks
Seamless
roaming of
smart devices
across smart
spaces
36. 3630.10.2017
SECURITY IS A KEY ISSUE TO YOUR BUSINESS
Your brand will be held
responsible for all security
issues!
37. THANK YOU!
Dr. MARIO DROBICS
Senior Research Engineer
Center for Digital Safety & Security
Information Management
AIT Austrian Institute of Technology GmbH
Donau-City-Straße 1 | 1220 Wien, Austria
T +43 50550-4810 | M +43 664 8251007
mario.drobics@ait.ac.at | www.ait.ac.at