Practical security aspects of the internet of things

Industry 4.0 and with that the Internet of Things (IoT) are expected to revolutionize the industrial world. The vast amount of interconnected devices bear the great opportunity to collect valuable information for advancing decision making in management and technology to improve through-life management of a product. Cyber-physical systems and the Internet of Services will revolutionize our current world through fully interconnected communication where information and services are becoming ubiquitous. The availability of information across a system of systems can be very powerful when utilized properly and harnessed adequately. The vast network of small, power-sensitive and often deeply embedded devices that are streaming potentially commercially sensitive data over long periods of time poses an entirely different type of threat than known from the conventional PC world. Adequate and sensible measures need to be taken right at the design stage of IoT devices in order to take best advantage of Industry 4.0 technology. This chapter introduces a set of key security issues related to the implementation of IoT in an industrial mechanical engineering context. A real-world example concerning remote maintenance of CNC machine tools illustrates the different threat scenarios related to IoT in practice. The paper touches on Big Data and Cloud Manufacturing but will remain focused on improving security at the Edge of IoT, i.e. where data is collected, transmitted and eventually transferred back to the physical actuators. The aim of this chapter is to introduce a generic overview of real-world IoT security issues as well as giving a deeper technical example-supported insight into practical considerations for designing IoT systems for practical use in business.

[1]  Dooho Choi,et al.  Side Channel Attacks on Cryptographic Module: EM and PA Attacks Accuracy Analysis , 2015 .

[2]  T. Baines,et al.  Motivations for servitization: the impact of product complexity , 2016 .

[3]  Nikolaos Tapoglou,et al.  Cloud based platform for optimal machining parameter selection based on function blocks and real time monitoring , 2015 .

[4]  Vlad Trifa,et al.  Building the Web of Things: With examples in Node.js and Raspberry Pi , 2016 .

[5]  Alexey Melnikov,et al.  Simple Authentication and Security Layer (SASL) , 2006, RFC.

[6]  Dirk Schaefer,et al.  On Servitization of the Manufacturing Industry in the UK , 2016 .

[7]  Daniel Pakkala,et al.  Reference Architecture and Classification of Technologies, Products and Services for Big Data Systems , 2015, Big Data Res..

[8]  Bruno Rouzeyre,et al.  When Failure Analysis Meets Side-Channel Attacks , 2010, CHES.

[9]  Ashutosh Tiwari,et al.  The security challenges in the IoT enabled cyber-physical systems and opportunities for evolutionary computing & other computational intelligence , 2016, 2016 IEEE Congress on Evolutionary Computation (CEC).

[10]  Yen-Kuang Chen,et al.  Challenges and opportunities of internet of things , 2012, 17th Asia and South Pacific Design Automation Conference.

[11]  Weidong Li,et al.  Cloud Manufacturing: Distributed Computing Technologies for Global and Sustainable Manufacturing , 2013 .

[12]  Jia Di,et al.  A Hardware Threat Modeling Concept for Trustable Integrated Circuits , 2007, 2007 IEEE Region 5 Technical Conference.

[13]  Eric Rescorla,et al.  The Transport Layer Security (TLS) Protocol Version 1.2 , 2008, RFC.

[14]  Rajkumar Roy,et al.  IoT security hardware framework for remote maintenance of legacy machine tools , 2017, ICC.

[15]  Sang Do Noh,et al.  Smart manufacturing: Past research, present findings, and future directions , 2016, International Journal of Precision Engineering and Manufacturing-Green Technology.

[16]  Zuraini Ismail,et al.  A Tree Model for Identification of Threats as the First Stage of Risk Assessment in HIS , 2012, J. Information Security.

[17]  Carmen C. Y. Poon,et al.  A review on body area networks security for healthcare , 2011 .