TRUSTWORTHY IOT FOR INDUSTRIAL APPLICATIONS
Towards Safe & Secure Industrial IoT Solutions
Mario Drobics
30.10.2017
INDUSTRIAL DIGITALIZATION
Chances and Threats
Protected using IoT ... but also endangered by insecure IoT
Digitalization accelerates industrial processes and enables new businesses ...
... but the use of IoT in the cyber-physical world also raises new threats
To enable the full potential of IoT we need a holistic approach
TRANSFORMATION OF INDUSTRIAL PROCESSES
Figure panels: Industry 3.0 Pyramid Factory Model; Industry 4.0 Smart Factory Model
Image Source: Plattform Industrie 4.0 – RAMI 4.0
INDUSTRY 4.0 – OPPORTUNITIES FOR VALUE CREATION
Image Source: AVL
IOT WILL BE EVERYWHERE
• Gartner predicts 6.4B connected things will be in use worldwide in 2016, up 30% from 2015, and will reach 20.8 billion by 2020.
• Internet of Things (IoT) sensors and devices are expected to exceed mobile phones as the largest category of connected devices in 2018, growing at a 23% compound annual growth rate (CAGR) from 2015 to 2021.
• Ericsson predicts there will be a total of approximately 28B connected devices worldwide by 2021, with nearly 16B related to IoT.
Image Source: Ericsson Mobility Report; June 2016
IOT RAISES NEW THREATS
The connection of the virtual and physical worlds raises new dangers:
• 2013, Austrian PowerGrid almost shut down by misguided control command from German gas system
• 2015, German steel mill was hacked, causing massive damage
• 2015, Jeep Cherokee hacked, including steering and braking system
• 2016, Ukraine power grid was hacked and partially taken down
• 2016, DDoS attack by botnet of hacked IoT devices
https://www.sentryo.net/cyberattack-on-a-german-steel-mill/
WHAT IS DIFFERENT ABOUT IOT SECURITY?
Scale
• Millions of Devices
• Multiple Networks
• Big Data, BIG Data
• Longer Supply Chains
Diversity
• Myriad Platforms
• Age
• Protocols, Types
• Varied Vendors
Function
• Fit-for-Purpose
• Physical
• Safety
• Embedded
Flow
• Type
• Destination
• Context
• Velocity
PERMEATION OF TRUST
Source: Industrial Internet Consortium Security Working Group, “Industrial Internet of Things Volume G4: Security Framework,” 2016.
SAFETY, RELIABILITY AND PRIVACY: DIGITAL SECURITY IMPERATIVES
The New Model for Digital Security
Diagram labels: Privacy, Safety, Reliability; Confidentiality, Integrity, Availability; People, Environment, Data; Lifecycle Management; IoT
SAFETY & SECURITY CO-DESIGN
IEC TC65 WG20 “Industrial-process measurement, control and automation – Framework to bridge the requirements for safety and security”
IOT LIFECYCLE MANAGEMENT
You can't secure it if you can't upgrade it!
You can't comply if you can't upgrade it!
PRACTICAL SOLUTIONS FOR SECURE IOT
AIT's holistic approach to IoT security
IOT SECURITY LIFECYCLE MANAGEMENT
Diagram labels:
• Levels: Functional level, System level, HW/SW level
• Concept, design and implementation: Functional Concept, Technical Concept, HW/SW Design, HW/SW Implementation
• Verification: HW/SW Verification, System (Technical) Verification, System (Functional) Verification & Validation
• System in Use and Service
• Monitoring: System (Functional) Monitoring, System (Technical) Monitoring, HW/SW Monitoring
• Strategic Safety & Security Verification & Analysis
• Operational Security Verification & Analysis
• IoT Lifecycle Management
• Reusable resilient system architecture pattern and concepts
• Scalable and efficient crypto algorithm for IoT
• HW-based solutions for safe & secure IoT
• Dependability (Safety, Security, Reliability, Efficiency) design methods for IoT
• Automatic Event Correlator for Incident Detection
• Collaborative Analysis Engine for Situational Awareness and Incident Response
DEVELOPMENT OF SAFETY-CRITICAL SYSTEMS
Design
• Safe and Secure Co-Engineering
• Threat Modelling
• Systems Theoretic Process Analysis
• Safe and Secure Reference Architecture
Development
• Verification and Validation
• Automated Test Case Generation
• Monitoring of cyber-physical systems
• Binary Code Analysis
• Model-based Testing
Operation
• Monitoring & Analysis
• Automatic Event Correlator for Incident Detection
• Collaborative Analysis Engine for Situational Awareness and Incident Response
Life-Cycle Management
IOT SECURITY ALONG THE VALUE CHAIN
Levels: Functional Level, System Level, HW/SW Level
• Trustful IoT Ecosystems
• Secure Data Storage
• Anomaly Detection in IoT Networks
• Secure IoT Connectivity
SECURE IOT CONNECTIVITY
• Connect critical devices to the internet
• Security often not considered in legacy components / networks
• Potential leak for manipulation of data and processes
• Remote updates potentially critical
• Continuous connection not always achievable
SECURING EVERY LINK IN THE CHAIN (ETSI)
M2M Security Standards: ETSI contributions
https://docbox.etsi.org/workshop/2012/201210_M2MWORKSHOP/02_TheETSIM2MStandard/SECURITY_ENNESSER.pdf
ARROWHEAD: SECURE CONTROLLER
ISO20922 (MQTT) + HW security as enabler for secure inter-cloud communication
AIT SECURE GATEWAY: ARCHITECTURE
Diagram label: Serial Interface or TCP/IP
AIT SECURE GATEWAY: FEATURES
• State-of-the-art firewalls work by controlling and filtering traffic
• The secure gateway is more than a filter
• Fully capable interface securing the critical network:
  • Offers a restricted set of needed secure services
• Flexible solution for the higher complexity of an Industry 4.0 context
• Can be used to allow secure access to pre-existing networks which were not designed with security in mind
• Easy to include additional new services (e.g. secure software updates)
• Supported Platforms:
  • All ARM Processors supporting TrustZone for ARM
SECURE DATA STORAGE
• Protect data in cyber physical systems to ensure authenticity and security from the source (i.e., sensor) to the consumer (i.e., closed-loop controls, business intelligence)
• Enable sharing of authentic data over cloud-based infrastructures between multiple stakeholders
• Need for novel cryptographic solutions which protect the authenticity and security of data in a very agile way
• Enable the next generation trustworthy smart manufacturing services with provably authentic data in all system stages and levels of the hierarchy
CRYPTOGRAPHIC CHALLENGES
• Scalable and lightweight public-key cryptography
  • Strong (public-key) cryptography to protect IoT systems
  • Encryption and authentication protocols beyond those of today's Internet are needed; e.g., the TLS protocol cannot be adapted easily to the diversity of the IoT
  • Light-weight public-key crypto protocols that suitably address trade-offs between communication and computation complexity of IoT devices
• Advanced cryptography for end-to-end authenticity and confidentiality
  • Future factories will comprise large-scale distributed and heterogeneous systems to gather information and exploit it to increase productivity and flexibility in their production processes
  • Lightweight cryptography to enable real-time applications for authentic data provisioning and data aggregation over time
PRISMACLOUD: SECURE CLOUD STORAGE
• Cloud environments require novel cryptographic solutions
• Key-less security
• Long-term security (Quantum-safe)
• Agility of encrypted data for sharing and manipulation
• More storage efficient than replication
ANOMALY DETECTION IN IOT NETWORKS
• Cyber-physical systems exhibit interconnectedness and integration of OT systems (e.g., ICS, sensors) with:
  • IT systems (e.g., enterprise network),
  • Business processes,
  • People.
• Traditional security approaches (e.g., physical separation, isolation, obscurity of design) for critical control systems are NOT infallible against novel attacks.
• Black-list detection techniques based on signatures are NOT sufficient.
• Novel white-list approaches for normal system behavior modelling are REQUIRED.
ÆCID: OUR APPROACH
Automatic Event Correlation for Incident Detection
• Keeps track of system events, their dependencies, their occurrence:
  • Dynamically learns the normal system behavior
• Detects deviation from system model:
  • e.g., irregularities in CPS process flow due to intrusion
Normal System Behavior
1. Client tries to log into an online shop on a web server
2. Connection through firewall
3. Web server checks credentials through database query
4. Database query result
5. Response through firewall: access acceptance or denial
6. Client receives response
ÆCID: DETECTABLE ANOMALIES
• Point anomalies
  • Client access with unknown user agent (e.g., Internet Explorer instead of Firefox)
    • Whitelisting: only Firefox is allowed, any other triggers an alarm
    • Blacklisting: list of prohibited tools, vulnerable to incompleteness
• Anomalous event parameter
  • E.g., Access outside working hours
• Anomalous event frequency
  • E.g., Data theft: unusual database access from a single client in a short time-window
• Anomalous event sequence
  • E.g., SQL-Injection: Access-chain violation:
    • Firewall/Webserver/Database-Server
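The four anomaly classes listed above, as an added example that is not ÆCID's code and not part of the original presentation: a minimal whitelist model that learns user agents, access hours, the per-client database access rate and the per-session component chain from constructed normal traffic, then flags deviations. The event fields, component names, session ids and the window/slack values are assumptions made for illustration.

```python
"""Added example: whitelist-style event correlation over constructed events."""
from collections import defaultdict, deque
from dataclasses import dataclass

START = "START"  # pseudo-source marking the beginning of a session


@dataclass(frozen=True)
class Event:
    ts: int               # seconds since midnight (constructed clock)
    session: str          # id correlating the events of one client request
    source: str           # logging component: firewall / webserver / database
    client: str
    user_agent: str = ""  # only web server events carry one


class BehaviourModel:
    """Learns normal behaviour, then reports deviations as (session, kind)."""

    def __init__(self, window=60, slack=2):
        self.window, self.slack = window, slack   # assumed tuning values
        self.agents, self.hours, self.transitions = set(), set(), set()
        self.max_db_rate = 0

    def _walk(self, events, learn):
        alerts, last, db_times = [], {}, defaultdict(deque)
        for ev in sorted(events, key=lambda e: e.ts):
            step = (last.get(ev.session, START), ev.source)
            last[ev.session] = ev.source
            hour = ev.ts // 3600 % 24
            rate = 0
            if ev.source == "database":   # sliding window of DB accesses per client
                recent = db_times[ev.client]
                recent.append(ev.ts)
                while recent[0] <= ev.ts - self.window:
                    recent.popleft()
                rate = len(recent)
            if learn:                     # training: extend the whitelist
                if ev.user_agent:
                    self.agents.add(ev.user_agent)
                self.hours.add(hour)
                self.transitions.add(step)
                self.max_db_rate = max(self.max_db_rate, rate)
                continue
            if ev.user_agent and ev.user_agent not in self.agents:
                alerts.append((ev.session, "point"))       # unknown user agent
            if hour not in self.hours:
                alerts.append((ev.session, "parameter"))   # outside learned hours
            if rate > self.max_db_rate + self.slack:
                alerts.append((ev.session, "frequency"))   # burst of DB accesses
            if step not in self.transitions:
                alerts.append((ev.session, "sequence"))    # access-chain violation
        return list(dict.fromkeys(alerts))  # one alert per (session, kind)

    def learn(self, events):
        self._walk(events, learn=True)

    def check(self, events):
        return self._walk(events, learn=False)


def login_flow(session, t0, client, agent="Firefox"):
    """The login flow from the slide as five logged events (constructed)."""
    chain = ["firewall", "webserver", "database", "webserver", "firewall"]
    return [Event(t0 + i, session, src, client, agent if src == "webserver" else "")
            for i, src in enumerate(chain)]


def training_events():
    """Constructed normal traffic: one Firefox login per hour, 08:00 to 17:00."""
    return [e for h in range(8, 18) for e in login_flow(f"train-{h}", h * 3600, "c1")]


def sample_events():
    """Constructed test traffic with one example of each anomaly class."""
    events = login_flow("ok", 10 * 3600, "c2")
    events += login_flow("agent", 11 * 3600, "c3", agent="Internet Explorer")
    events += login_flow("night", 3 * 3600, "c4")
    for i in range(5):   # five logins from one client within 50 seconds
        events += login_flow(f"bulk-{i}", 12 * 3600 + 10 * i, "c5")
    # database reached without the firewall/webserver steps before it
    events.append(Event(15 * 3600, "direct-db", "database", "c6"))
    return events


def demo():
    model = BehaviourModel()
    model.learn(training_events())
    return model.check(sample_events())


if __name__ == "__main__":
    for session, kind in demo():
        print(f"{kind:10s} {session}")
```
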
SITUATIONAL AWARENESS & INCIDENT RESPONSE
• Modern attack campaigns target specific CPS, and leverage:
  • weaknesses in the organization’s business processes,
  • vulnerabilities of several systems.
• To hit their target, attackers harness multiple attack vectors and apply a wide variety of tools to achieve their malicious objectives
• Need for advanced TI solutions to establish Situational Awareness, and respond to wide-spread threats and cyber attacks on a daily basis.
CÆSAIR: OUR APPROACH
Collaborative Analysis Engine for Situational Awareness & Incident Response
• Integrated Cyber Threat Intelligence (TI) framework to enable organizations to consume and efficiently apply TI:
  • efficiently use information about vulnerabilities, attacks, weaknesses, exploits etc., to steer internal security management.
• Framework offering a TI toolchain utilizing modern approaches for the automation of selection, interpretation and application of TI information specifically in CPS-enabled critical environments
• Usability and human-computer interaction (HCI) aspects for targeted development.
CÆSAIR: DASHBOARD
TRUSTFUL IOT ECOSYSTEMS
• IoT ecosystems involve many different actors
• Data and services need to be exchanged across platforms
• Trust is a prerequisite to enable cross-platform applications
DATA MARKET AUSTRIA: TRUSTFUL MARKETPLACE FOR (IOT) DATA
• Data Market Austria aims to create a data innovation environment by building a community of stakeholders around the Data-Services Ecosystem that operate in a clearly regulated environment
• Democratic trusted membership model through Smart Contracts
• Decentralized brokerage of Datasets and Services through Smart Contracts
• Open provenance for Datasets and transactions related to Datasets and Services
Diagram labels: Bootnode; Member Node; Candidate Node; Service; Dataset; User (Actor); Externally Owned Account (EOA): 0x168bc315a2ee09042d83d7c5811b533620531f67; Terms of Use; Dataset Contract; Terms of Service; Service Contract; Membership Contract
SYMBIOTE: IOT PLATFORM INTEROPERABILITY
Interoperability and mediation framework for the future IoT ecosystem supporting next-generation cross-platform IoT applications
SYMBIOTE: KEY FEATURES
• Hierarchical, adaptive and dynamic IoT environments
• Unified and secure access to physical and virtualized IoT devices
• Device discovery across platforms
• Security: access scopes and identity management
• Platform federation for collaborative sensing / actuation tasks
• Seamless roaming of smart devices across smart spaces
SECURITY IS A KEY ISSUE TO YOUR BUSINESS
Your brand will be held responsible for all security issues!
THANK YOU!
Dr. MARIO DROBICS
Senior Research Engineer
Center for Digital Safety & Security
Information Management
AIT Austrian Institute of Technology GmbH
Donau-City-Straße 1 | 1220 Wien, Austria
T +43 50550-4810 | M +43 664 8251007
mario.drobics@ait.ac.at | www.ait.ac.at

Contenu connexe

Tendances

A Reference Architecture for IoT
A Reference Architecture for IoT A Reference Architecture for IoT
A Reference Architecture for IoT
WSO2
 

Tendances (20)

Io t first(1)
Io t first(1)Io t first(1)
Io t first(1)
 
Internet of things applications covering industrial domain
Internet of things applications covering industrial domainInternet of things applications covering industrial domain
Internet of things applications covering industrial domain
 
Internet of Things (IoT) is a King, Big data is a Queen and Cloud is a Palace
Internet of Things (IoT) is a King, Big data is a Queen and Cloud is a PalaceInternet of Things (IoT) is a King, Big data is a Queen and Cloud is a Palace
Internet of Things (IoT) is a King, Big data is a Queen and Cloud is a Palace
 
IIoT Endpoint Security
IIoT Endpoint Security IIoT Endpoint Security
IIoT Endpoint Security
 
What is next for IoT and IIoT
What is next for IoT and IIoTWhat is next for IoT and IIoT
What is next for IoT and IIoT
 
IoT - Apps & Services
IoT - Apps & ServicesIoT - Apps & Services
IoT - Apps & Services
 
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
 
A History of IIoT Cyber-Attacks
A History of IIoT Cyber-Attacks A History of IIoT Cyber-Attacks
A History of IIoT Cyber-Attacks
 
Why IoT needs Fog Computing ?
Why IoT needs Fog Computing ?Why IoT needs Fog Computing ?
Why IoT needs Fog Computing ?
 
Security of iot device
Security of iot deviceSecurity of iot device
Security of iot device
 
Defining the IoT Stack
Defining the IoT StackDefining the IoT Stack
Defining the IoT Stack
 
Iot presentation
Iot presentationIot presentation
Iot presentation
 
Internet of Things- Research Directions
Internet of Things- Research DirectionsInternet of Things- Research Directions
Internet of Things- Research Directions
 
Keynote Session : Internet Of Things (IOT) Security Taskforce
Keynote Session : Internet Of Things (IOT) Security TaskforceKeynote Session : Internet Of Things (IOT) Security Taskforce
Keynote Session : Internet Of Things (IOT) Security Taskforce
 
Iot and ethics
Iot and ethicsIot and ethics
Iot and ethics
 
Iot architecture report
Iot architecture reportIot architecture report
Iot architecture report
 
IoT is Here. Is Your Facility Ready?
IoT is Here. Is Your Facility Ready?IoT is Here. Is Your Facility Ready?
IoT is Here. Is Your Facility Ready?
 
A Reference Architecture for IoT
A Reference Architecture for IoT A Reference Architecture for IoT
A Reference Architecture for IoT
 
Iot architecture
Iot architectureIot architecture
Iot architecture
 
Trends in the IoT Landscape 2018 and how to streamline your IoT Product Deve...
Trends in the  IoT Landscape 2018 and how to streamline your IoT Product Deve...Trends in the  IoT Landscape 2018 and how to streamline your IoT Product Deve...
Trends in the IoT Landscape 2018 and how to streamline your IoT Product Deve...
 

Similaire à Drobics trustworthy io-t-for-industrial-applications

Similaire à Drobics trustworthy io-t-for-industrial-applications (20)

Block Armour Zero Trust Cybersecurity Mesh for Oil and Gas
Block Armour Zero Trust Cybersecurity Mesh for Oil and GasBlock Armour Zero Trust Cybersecurity Mesh for Oil and Gas
Block Armour Zero Trust Cybersecurity Mesh for Oil and Gas
 
Io t security defense in depth charles li v1 20180425c
Io t security defense in depth charles li v1 20180425cIo t security defense in depth charles li v1 20180425c
Io t security defense in depth charles li v1 20180425c
 
Strong Security Elements for IoT Manufacturing
Strong Security Elements for IoT Manufacturing Strong Security Elements for IoT Manufacturing
Strong Security Elements for IoT Manufacturing
 
Grapeboard - Enabling Secure Communication
Grapeboard - Enabling Secure CommunicationGrapeboard - Enabling Secure Communication
Grapeboard - Enabling Secure Communication
 
IOT in Hospitality Industry.pdf
IOT in Hospitality Industry.pdfIOT in Hospitality Industry.pdf
IOT in Hospitality Industry.pdf
 
Internet of Things
Internet of ThingsInternet of Things
Internet of Things
 
Iot Security and Privacy at Scale
Iot Security and Privacy at ScaleIot Security and Privacy at Scale
Iot Security and Privacy at Scale
 
Crypto Mechanism to Provide Secure to the IOT Data
Crypto Mechanism to Provide Secure to the IOT DataCrypto Mechanism to Provide Secure to the IOT Data
Crypto Mechanism to Provide Secure to the IOT Data
 
IRJET- Blockchain for Large-Scale Internet of Things Data Storage and Protection
IRJET- Blockchain for Large-Scale Internet of Things Data Storage and ProtectionIRJET- Blockchain for Large-Scale Internet of Things Data Storage and Protection
IRJET- Blockchain for Large-Scale Internet of Things Data Storage and Protection
 
Group 5 IoT Architecture Layer
Group 5 IoT Architecture LayerGroup 5 IoT Architecture Layer
Group 5 IoT Architecture Layer
 
Digital transformation and AI @Edge
Digital transformation and AI @EdgeDigital transformation and AI @Edge
Digital transformation and AI @Edge
 
Cybridge Secure Content Filter for SCADA Networks
Cybridge Secure Content Filter for SCADA NetworksCybridge Secure Content Filter for SCADA Networks
Cybridge Secure Content Filter for SCADA Networks
 
Nozomi networks-solution brief
Nozomi networks-solution briefNozomi networks-solution brief
Nozomi networks-solution brief
 
CIRA Labs - Secure Home Gateway Project 2019-03.pptx
CIRA Labs - Secure Home Gateway Project 2019-03.pptxCIRA Labs - Secure Home Gateway Project 2019-03.pptx
CIRA Labs - Secure Home Gateway Project 2019-03.pptx
 
Unit 6 Final ppt (1).ppt
Unit 6 Final ppt (1).pptUnit 6 Final ppt (1).ppt
Unit 6 Final ppt (1).ppt
 
INTEROPERABILITY, FLEXIBILITY AND INDUSTRIAL DESIGN REQUIREMENTS IN THE IoT
INTEROPERABILITY, FLEXIBILITY AND INDUSTRIAL DESIGN REQUIREMENTS IN THE IoTINTEROPERABILITY, FLEXIBILITY AND INDUSTRIAL DESIGN REQUIREMENTS IN THE IoT
INTEROPERABILITY, FLEXIBILITY AND INDUSTRIAL DESIGN REQUIREMENTS IN THE IoT
 
Partner Keynote: Intel - The New Frontier of Cloud Computing
Partner Keynote: Intel - The New Frontier of Cloud ComputingPartner Keynote: Intel - The New Frontier of Cloud Computing
Partner Keynote: Intel - The New Frontier of Cloud Computing
 
Block Armour Brochure
Block Armour BrochureBlock Armour Brochure
Block Armour Brochure
 
Block Armour Brochure
Block Armour BrochureBlock Armour Brochure
Block Armour Brochure
 
CyberSecurity Best Practices for the IIoT
CyberSecurity Best Practices for the IIoTCyberSecurity Best Practices for the IIoT
CyberSecurity Best Practices for the IIoT
 

Dernier

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 

Dernier (20)

Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 

Drobics trustworthy io-t-for-industrial-applications

  • 1. TRUSTWORTHY IOT FOR INDUSTRIAL APPLICATIONS Towards Safe & Secure Industrial IoT Solutions Mario Drobics
  • 4. 630.10.2017 Digitalization accelerates the industrial processes and enables new businesses … … but the use of IoT in the cyber-physical world also raises new threads To enable the full potential of IoT we need a holistic approach
  • 5. TRANSFORMATION OF INDUSTRIAL PROCESSES 5 Image Source: Plattform Industrie 4.0 – RAMI 4.0 Industry 3.0 Pyramid Factory Model Industry 4.0 Smart Factory Model
  • 6. 630.10.2017 INDUSTRY 4.0 – OPPORTUNITIES FOR VALUE CREATION Image Source: AVL
  • 7. 730.10.2017 • Gartner predicts 6.4B connected things will be in use worldwide in 2016, up 30% from 2015, and will reach 20.8 billion by 2020. • Internet of Things (IoT) sensors and devices are expected to exceed mobile phones as the largest category of connected devices in 2018, growing at a 23% compound annual growth rate (CAGR) from 2015 to 2021. • Ericsson predicts there will be a total of approximately 28B connected devices worldwide by 2021, with nearly 16B related to IoT. IOT WILL BE EVERYWHERE Image Source: Ericsson Mobility Report; June 2016
  • 8. 830.10.2017 The connection of virtual and physical world, raises new dangers: • 2013, Austrian PowerGrid almost shut down by misguided control command from German gas system • 2015, German steel mill in Germany was hacked causing massive damage • 2015, Jeep Cherokee hacked, including steering and braking system • 2016, Ukraine power grid was hacked and partially taken down • 2016, DDoS attack by botnet of hacked IoT devices IOT RAISES NEW THREADS https://www.sentryo.net/cyberattack-on-a-german-steel-mill/
  • 9. 930.10.2017 • Fit-for-Purpose • Physical • Safety • Embedded • Type • Destination • Context • Velocity • Myriad Platforms • Age • Protocols, Types • Varied Vendors • Millions of Devices • Multiple Networks • Big Data, BIG Data • Longer Supply Chains Scale Diversity FunctionFlow WHAT IS DIFFERENT ABOUT IOT SECURITY? IoT
  • 10. 1030.10.2017 PERMEATION OF TRUST Source: Industrial Internet Consortium Security Working Group, “Industrial Internet of Things Volume G4: Security Framework,” 2016.
  • 11. 1130.10.2017 The New Model for Digital Security SAFETY, RELIABILITY AND PRIVACY: DIGITAL SECURITY IMPERATIVES Privacy Safety Reliability Confidentiality Integrity Availability People Environment Data Lifecycle Management IoT
  • 12. 1230.10.2017 SAFETY & SECURITY CO-DESIGN IEC TC65 WG20 “Industrial-process measurement, control and automation – Framework to bridge the requirements for safety and security”
  • 13. 1330.10.2017 You can‘t secure it if you can‘t upgrade it! You can't comply if you can't upgrade it! IOT LIFECYCLE MANAGEMENT
  • 14. PRACTICAL SOLUTIONS FOR SECURE IOT AIT‘s holistic approach to IoT security
  • 15. 1530.10.2017 IOT SECURITY LIFECYCLE MANAGEMENT Functional Concept Technical Concept HW/SW Design HW/SW Verification System (Technical) Verification System (Functional) Verification &Validation HW/SW Implementation Functional level System level HW/SW Level Reusable resilient system architecture pattern and concepts Scalable and efficient crypto algorithm for IoT HW-based solutions for safe&secure IoT Dependability (Safety, Security, Reliability, Efficiency) design methods for IoT System in Use and Service Automatic Event Correlator for Incident Detection Collaborative Analysis Engine for Situational Awareness and Incident Response Strategic Safety & Security Verification & Analysis Operational Security Verification & AnalysisIoT Lifecycle Management System (Functional) Monitoring System (Technical) Monitoring HW/SW Monitoring
  • 16. DEVELOPMENT OF SAFETY-CRITICAL SYSTEMS 16 Design • Safe and Secure Co- Engineering • Threat Modelling • Systems Theoretic Process Analysis • Safe and Secure Reference Architecture Development • Verification and Validation • Automated Test Case Generation • Monitoring of cyber- physical systems • Binary Code Analysis • Model-based Testing Operation • Monitoring & Analysis • Automatic Event Correlator for Incident Detection • Collaborative Analysis Engine for Situational Awareness and Incident Response Life-Cycle Management
  • 17. 1730.10.2017 IOT SECURITY ALONG THE VALUE CHAIN Functional Level System Level HW/SW Level  Trustful IoT Ecosystems  Secure Data Storage  Anomaly Detection in IoT Networks  Secure IoT Connectivity
  • 18. Functional Level System Level HW/SW Level • Connect critical devices to the internet • Security often not considered in legacy components / networks • Potential leak for manipulation of data and processes • Remote updates potentially critical • Continuous connection not always achievable SECURE IOT CONNECTIVITY
  • 19. 1930.10.2017 SECURING EVERY LINK IN THE CHAIN (ETSI) M2M Security Standards: ETSI contributions https://docbox.etsi.org/workshop/2012/201210_M2MWORKSHOP/02_TheETSIM2MStandard/SECURITY_ENNESSER.pdf
  • 20. 20 ARROWHEAD SECURE CONTROLLER ISO20922 (MQTT) + HW security as enabler for secure inter-cloud communication
  • 22. • State-of-the-art firewalls work by controlling and filtering traffic • The secure gateway is more than a filter • Fully capable interface securing the critical network: • Offers a restricted set of needed secure services • Flexible solution for the higher complexity of an Industry 4.0 context • Can be used to allow secure access to pre-existing networks which were not designed with security in mind • Easy to include additional new services (e.g. secure software updates) • Supported Platforms: • All ARM Processors supporting TrustZone for ARM AIT SECURE GATEWAY FEATURES
  • 23. Functional Level System Level HW/SW Level • Protect data in cyber physical systems to ensure authenticity and security from the source (i.e., sensor) to the consumer (i.e., closed-loop controls, business intelligence) • Enable sharing of authentic data over cloud- based infrastructures between multiple stakeholders • Need for novel cryptographic solutions which protect the authenticity and security of data in a very agile way • Enable the next generation trustworthy smart manufacturing services with provably authentic data in all system stages and levels of the hierarchy SECURE DATA STORAGE
  • 24. • Scalable and lightweight public-key cryptography • Strong (public-key) cryptography to protect IoT systems • Encryption and authentication protocols beyond today‘s Internet needed, e.g., the TLS protocol, cannot be adapted easily to the diversity of the IoT • Light-weight public-key crypto protocols that suitably address trade- offs between communication and computation complexity of IoT devices • Advanced cryptography for end-to-end authenticity and confidentiality • Future factories will comprise large-scale distributed and heterogeneous systems to gather information and exploit it to increase productivity and flexibility in its production processes • Lightweight cryptography to enable real-time applications for authentic data provisioning and data aggregation over time CRYPTOGRAPHIC CHALLENGES
  • 25. PRISMACLOUD SECURE CLOUD STORAGE
    • Cloud environments require novel cryptographic solutions
    • Key-less security
    • Long-term security (Quantum-safe)
    • Agility of encrypted data for sharing and manipulation
    • More storage efficient than replication
  • 26. ANOMALY DETECTION IN IOT NETWORKS
    [Diagram labels: Functional Level, System Level, HW/SW Level]
    • Cyber Physical Systems exhibit interconnectedness and integration of OT systems (e.g., ICS, sensors) with:
      • IT systems (e.g., enterprise network),
      • Business processes,
      • People.
    • Traditional security approaches (e.g., physical separation, isolation, obscurity of design) for critical control systems are NOT infallible against novel attacks.
    • Black-list detection techniques based on signatures are NOT sufficient.
    • Novel white-list approaches for normal system behavior modelling are REQUIRED.
  • 27. ÆCID OUR APPROACH
    Automatic Event Correlation for Incident Detection
    • Keeps track of system events, their dependencies, their occurrence:
    • Dynamically learns the normal system behavior
    • Detects deviation from system model:
      • e.g., irregularities in CPS process flow due to intrusion
    Normal System Behavior
    1. Client tries to log into an online shop on a web server
    2. Connection through firewall
    3. Web server checks credentials through database query
    4. Database query result
    5. Response through firewall: access acceptance or denial
    6. Client receives response
  • 28. ÆCID DETECTABLE ANOMALIES
    • Point anomalies
      • Client access with unknown user agent (e.g., Internet Explorer instead of Firefox)
      • Whitelisting: only Firefox is allowed, any other triggers an alarm
      • Blacklisting: list of prohibited tools, vulnerable to incompleteness
    • Anomalous event parameter
      • E.g., Access outside working hours
    • Anomalous event frequency
      • E.g., Data theft: unusual database access from a single client in a short time-window
    • Anomalous event sequence
      • E.g., SQL-Injection: Access-chain violation:
      • Firewall/Webserver/Database-Server
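The white-list idea from slides 27 and 28, as an added example that is not part of the original deck and not ÆCID's own code: a model is learned from attack-free events and then flags the four anomaly classes listed above. The event fields, component names, client addresses and all sample events are constructed assumptions.

```python
from collections import Counter, defaultdict

# Constructed sample events (not real logs): t = seconds since midnight,
# req = request id, src = component that logged the event.
def ev(t, req, src, client="10.0.0.5", agent="Firefox"):
    return {"t": t, "req": req, "src": src, "client": client, "agent": agent}

def flow(t, req, **kw):
    # Normal access chain from the slide: firewall -> webserver -> database
    return [ev(t + i, req, s, **kw) for i, s in enumerate(("firewall", "webserver", "database"))]

def scan(events, window):
    """Group events into per-request chains and per-client DB counts per window."""
    chains, db = defaultdict(list), Counter()
    for e in events:
        chains[e["req"]].append(e["src"])
        if e["src"] == "database":
            db[(e["client"], e["t"] // window)] += 1
    return chains, db

def learn(events, window=60):
    """Build the whitelist model from attack-free training events."""
    chains, db = scan(events, window)
    hours = [e["t"] // 3600 for e in events]
    return {"agents": {e["agent"] for e in events}, "hours": (min(hours), max(hours)),
            "chains": {tuple(c) for c in chains.values()},
            "max_db": max(db.values()), "window": window}

def detect(model, events):
    """Return {(anomaly_type, subject)} for every deviation from the model."""
    chains, db = scan(events, model["window"])
    lo, hi = model["hours"]
    alerts = set()
    for e in events:
        if e["agent"] not in model["agents"]:        # point anomaly
            alerts.add(("point", e["req"]))
        if not lo <= e["t"] // 3600 <= hi:            # anomalous parameter
            alerts.add(("parameter", e["req"]))
    alerts |= {("sequence", r) for r, c in chains.items() if tuple(c) not in model["chains"]}
    alerts |= {("frequency", cl) for (cl, _), n in db.items() if n > model["max_db"]}
    return alerts

TRAIN = [e for i in range(20) for e in flow(9 * 3600 + i * 900, f"t{i}")]
TEST = (flow(36000, "ok") + flow(36300, "ie", agent="Internet Explorer")
        + flow(10800, "night")
        + [ev(36600, "sqli", "firewall"), ev(36601, "sqli", "database")]
        + [e for k in range(5) for e in flow(39600 + 3 * k, f"bulk{k}", client="10.0.0.9")])

if __name__ == "__main__":
    print(sorted(detect(learn(TRAIN), TEST)))
```

Nothing in the detector names an attack: every alert is a deviation from what training observed, so the quality of the attack-free training data determines both the false positives and the blind spots.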
  • 29. SITUATIONAL AWARENESS & INCIDENT RESPONSE
    • Modern attack campaigns target specific CPS, and leverage:
      • weaknesses in the organization’s business processes,
      • vulnerabilities of several systems.
    • To hit their target, attackers harness multiple attack vectors and apply a wide variety of tools to achieve their malicious objectives
    • Need for advanced TI solutions to establish Situational Awareness, and respond to wide-spread threats and cyber attacks on a daily basis.
  • 30. CÆSAIR OUR APPROACH
    Collaborative Analysis Engine for Situational Awareness & Incident Response
    • Integrated Cyber Threat Intelligence (TI) framework to enable organizations to consume and efficiently apply TI:
      • efficiently use information about vulnerabilities, attacks, weaknesses, exploits etc., to steer internal security management.
    • Framework offering a TI toolchain utilizing modern approaches for the automation of:
      • Selection
      • Interpretation
      • Application of TI information specifically in CPS-enabled critical environments
    • Usability and human-computer interaction (HCI) aspects for targeted development.
  • 32. TRUSTFUL IOT ECOSYSTEMS
    [Diagram labels: Functional Level, System Level, HW/SW Level]
    • IoT ecosystems involve many different actors
    • Data and services need to be exchanged across platforms
    • Trust is a prerequisite to enable cross-platform applications
  • 33. DATA MARKET AUSTRIA TRUSTFUL MARKETPLACE FOR (IOT) DATA
    • Data Market Austria aims to create a data innovation environment by building a community of stakeholders around the Data-Services Ecosystem that operate in a clearly regulated environment
    • Democratic trusted membership model through Smart Contracts
    • Decentralized brokerage of Datasets and Services through Smart Contracts
    • Open provenance for Datasets and transactions related to Datasets and Services
    [Diagram labels: Bootnode, Member Node, Candidate Node, Service, Dataset, User (Actor), Externally Owned Account (EOA): 0x168bc315a2ee09042d83d7c5811b533620531f67, Terms of Use, Dataset Contract, Terms of Service, Service Contract, Membership Contract]
  • 34. SYMBIOTE IOT PLATFORM INTEROPERABILITY
    Interoperability and mediation framework for the future IoT ecosystem supporting next-generation cross-platform IoT applications
  • 35. SYMBIOTE KEY FEATURES
    • Hierarchical, adaptive and dynamic IoT environments
    • Unified and secure access to physical and virtualized IoT devices
    • Device discovery across platforms
    • Security: access scopes and identity management
    • Platform federation for collaborative sensing / actuation tasks
    • Seamless roaming of smart devices across smart spaces
  • 36. SECURITY IS A KEY ISSUE TO YOUR BUSINESS
    Your brand will be held responsible for all security issues!
  • 37. THANK YOU! Dr. MARIO DROBICS Senior Research Engineer Center for Digital Safety & Security Information Management AIT Austrian Institute of Technology GmbH Donau-City-Straße 1 | 1220 Wien, Austria T +43 50550-4810 | M +43 664 8251007 mario.drobics@ait.ac.at | www.ait.ac.at