A Self-tuning Cyber-Attacks Location Identification Approach for Industrial Internet of Things

New generation Industrial Automation and Control Systems (IACS) are providing advanced connectivity features, enabling new automation applications, services and business models in the Industrial Internet of Things (IIoT) era. Nevertheless, due to the extended attack surface and increasing number of cyber-attacks against industrial equipment, security concerns arise. Hence, these systems should provide enough protection and resiliency against cyber-attacks throughout their entire lifespan, which, in the case of industrial systems, may last several decades. A sound and complete management of security issues and software updates is fundamental to achieve such goal, since leading-edge security countermeasures implemented in the development phase may eventually become out-of-date. In this article, a review of the IEC 62443 industrial security standard concerning the security maintenance of IIoT systems and components is given, along with guidelines for the implementation of such processes. As concluded, the security issues and software updates management shall jointly be addressed by the asset owner, service providers and product suppliers. These security processes should also be compatible with the safety procedures established by safety standards.

Download Full-text

Threats in Cyber Safety - Outline of the Problem

System Safety Human - Technical Facility - Environment ◽

10.2478/czoto-2020-0043 ◽

2020 ◽

Vol 2 (1) ◽

pp. 349-356

Author(s):

Wojciech Gliń ◽

Renata Stasiak-Betlejewska

Keyword(s):

Internet Of Things ◽

Industry 4.0 ◽

Cyber Attacks ◽

Industrial Internet Of Things ◽

Industrial Networks ◽

Cyber Threats ◽

Industrial Internet ◽

Cyber Safety ◽

The Web

AbstractCurrently, the industry is called as Industry 4.0, Internet of Things, Industrial Internet of Things, where devices, machines, information, organizations and people are connected to the network. Every day meet new solutions for Industry 4.o can be met, but in parallel with these solutions there are also threats in the field of security of industrial networks. Such threats have been called cyber-attacks or cyber threats. Cybersecurity is the global name of a field aimed at counteracting all types of threats on the web. Cybersecurity is to raise awareness, inform, control and introduce solutions to counteract cyber threats. Enterprises, organizations dealing with the promotion of Industry 4.0, IoT, IIoT, form the appropriate groups, departments, companies whose goal is to counteract all types of cyber-attacks. At present, the thesis can be formulated that cybersecurity of the broadly understood network is more important than the implementation of Industry 4.0. The publication will attempt to present the threats that cybersecurity enterprises must face and the ways and methods to counter them.

Download Full-text

Secure Data of Industrial Internet of Things in a Cement Factory Based on a Blockchain Technology

Applied Sciences ◽

10.3390/app11146376 ◽

2021 ◽

Vol 11 (14) ◽

pp. 6376

Author(s):

Samir M. Umran ◽

Songfeng Lu ◽

Zaid Ameen Abduljabbar ◽

Jianxin Zhu ◽

Junjun Wu

Keyword(s):

Internet Of Things ◽

Low Power ◽

Cyber Security ◽

Cyber Attacks ◽

Industrial Internet Of Things ◽

Sensors And Actuators ◽

Cement Factory ◽

Blockchain Technology ◽

Industrial Internet ◽

And Control

The Industrial Internet of Things (IIoT) has become a pivotal field of development that can increase the efficiency of real-time collection, recording, analysis, and control of the entire activities of various machines, and can actively enhance quality and reduce costs. The traditional IIoT depends on centralized architectures that are vulnerable to several kinds of cyber-attacks, such as bottlenecks and single points of failure. Blockchain technology has emerged to change these architectures to a decentralized form. In modern industrial settings, blockchain technology is utilized for its ability to provide high levels of security, low computational complexity, P2P communication, transparent logs, and decentralization. The present work proposes the use of a private blockchain mechanism for an industrial application in a cement factory, which offers low power consumption, scalability, and a lightweight security scheme; and which can play an efficient role in controlling access to valuable data generated by sensors and actuators. A low-power ARM Cortex-M processor is utilized due to its efficiency in terms of processing cryptographic algorithms, and this plays an important part in improving the computational execution of the proposed architecture. In addition, instead of proof of work (PoW), our blockchain network uses proof of authentication (PoAh) as a consensus mechanism to ensure secure authentication, scalability, speed, and energy efficiency. Our experimental results show that the proposed framework achieves high levels of security, scalability and ideal performance for smart industrial environments. Moreover, we successfully realized the integration of blockchain technology with the industrial internet of things devices, which provides the blockchain technology features and efficient resistance to common cyber-security attacks.

Download Full-text

Analysis of Security Issues and Countermeasures for the Industrial Internet of Things

Applied Sciences ◽

10.3390/app11209393 ◽

2021 ◽

Vol 11 (20) ◽

pp. 9393

Author(s):

Shantanu Pal ◽

Zahra Jadidi

Keyword(s):

Internet Of Things ◽

Large Scale ◽

Security Analysis ◽

Cyber Attacks ◽

Security Requirements ◽

Future Research ◽

The Internet ◽

Industrial Internet Of Things ◽

Security Issues ◽

Industrial Internet

Industrial Internet of Things (IIoT) can be seen as an extension of the Internet of Things (IoT) services and applications to industry with the inclusion of Industry 4.0 that provides automation, reliability, and control in production and manufacturing. IIoT has tremendous potential to accelerate industry automation in many areas, including transportation, manufacturing, automobile, marketing, to name a few places. When the benefits of IIoT are visible, the development of large-scale IIoT systems faces various security challenges resulting in many large-scale cyber-attacks, including fraudulent transactions or damage to critical infrastructure. Moreover, a large number of connected devices over the Internet and resource limitations of the devices (e.g., battery, memory, and processing capability) further pose challenges to the system. The IIoT inherits the insecurities of the traditional communication and networking technologies; however, the IIoT requires further effort to customize the available security solutions with more focus on critical industrial control systems. Several proposals discuss the issue of security, privacy, and trust in IIoT systems, but comprehensive literature considering the several aspects (e.g., users, devices, applications, cascading services, or the emergence of resources) of an IIoT system is missing in the present state of the art IIoT research. In other words, the need for considering a vision for securing an IIoT system with broader security analysis and its potential countermeasures is missing in recent times. To address this issue, in this paper, we provide a comparative analysis of the available security issues present in an IIoT system. We identify a list of security issues comprising logical, technological, and architectural points of view and consider the different IIoT security requirements. We also discuss the available IIoT architectures to examine these security concerns in a systematic way. We show how the functioning of different layers of an IIoT architecture is affected by various security issues and report a list of potential countermeasures against them. This study also presents a list of future research directions towards the development of a large-scale, secure, and trustworthy IIoT system. The study helps understand the various security issues by indicating various threats and attacks present in an IIoT system.

Download Full-text

An Integrated Legacy of Modbus Devices to Industrial Internet of Things: Approach for Smart Industries

10.31219/osf.io/54tje ◽

2020 ◽

Author(s):

Karthik Muthineni

Keyword(s):

Internet Of Things ◽

Industrial Revolution ◽

Digital Technologies ◽

Industrial Internet Of Things ◽

Intelligent Decision Making ◽

Internet Of Everything ◽

Industrial Internet ◽

Intelligent Decision ◽

Network Platform ◽

Smart Factories

The new industrial revolution Industry 4.0, connecting manufacturing process with digital technologies that can communicate, analyze, and use information for intelligent decision making includes Industrial Internet of Things (IIoT) to help manufactures and consumers for efficient controlling and monitoring. This work presents the design and implementation of an IIoT ecosystem for smart factories. The design is based on Siemens Simatic IoT2040, an intelligent industrial gateway that is connected to modbus sensors publishing data onto Network Platform for Internet of Everything (NETPIE). The design demonstrates the capabilities of Simatic IoT2040 by taking Python, Node-Red, and Mosca into account that works simultaneously on the device.

Download Full-text

MONITORING AND PREDICTIVE ANALYTICS OF TECHNOLOGICAL EQUIPMENT ON THE BASED OF INDUSTRIAL INTERNET OF THINGS

ВЕСТНИК ВОРОНЕЖСКОГО ГОСУДАРСТВЕННОГО ТЕХНИЧЕСКОГО УНИВЕРСИТЕТА ◽

10.36622/vstu.2020.16.5.001 ◽

2020 ◽

pp. 7-12

Author(s):

С.Л. Добрынин ◽

В.Л. Бурковский

Keyword(s):

Internet Of Things ◽

Data Acquisition ◽

Predictive Analytics ◽

Actual State ◽

Monitoring And Control ◽

Industrial Internet Of Things ◽

Machining Time ◽

Industrial Internet ◽

Acquisition Device ◽

Data Acquisition Device

Произведен обзор технологий в рамках концепции четвертой промышленной революции, рассмотрены примеры реализации новых моделей управления технологическими процессами на базе промышленного интернета вещей. Описано техническое устройство основных подсистем системы мониторинга и контроля, служащей для повышения осведомленности о фактическом состоянии производственных ресурсов в особенности станков и аддитивного оборудования в режиме реального времени. Архитектура предлагаемой системы состоит из устройства сбора данных (УСД), реализующего быстрый и эффективный сбор данных от станков и шлюза, передающего ликвидную часть информации в облачное хранилище для дальнейшей обработки и анализа. Передача данных выполняется на двух уровнях: локально в цехе, с использованием беспроводной сенсорной сети (WSN) на базе стека протоколов ZigBee от устройства сбора данных к шлюзам и от шлюзов в облако с использованием интернет-протоколов. Разработан алгоритм инициализации протоколов связи между устройством сбора данных и шлюзом, а также алгоритм выявления неисправностей в сети. Расчет фактического времени обработки станочных подсистем позволяет более эффективно планировать профилактическое обслуживание вместо того, чтобы выполнять задачи обслуживания в фиксированные интервалы без учета времени использования оборудования We carried out a review of technologies within the framework of the concept of the fourth industrial revolution; we considered examples of the implementation of new models of process control based on the industrial Internet of things. We described the technical structure of the main subsystems of the monitoring and control system to increase awareness of the actual state of production resources in particular machine tools and additive equipment in real time. The architecture of the proposed system consists of a data acquisition device (DAD) that implements fast and efficient data collection from machines and a gateway that transfers the liquid part of information to the cloud storage for further processing and analysis. We carried out the data transmission at two levels, locally in the workshop, using a wireless sensor network (WSN) based on ZigBee protocol stack from the data acquisition device to the gateways and from the gateways to the cloud using Internet protocols. An algorithm was developed for initializing communication protocols between a data acquisition device and a gateway, as well as an algorithm for detecting network malfunctions. Calculating the actual machining time of machine subsystems allows us to more efficiently scheduling preventive maintenance rather than performing maintenance tasks at fixed intervals without considering equipment usage

Download Full-text