Industrial companies are increasingly implementing the Internet of Things (IoT) on the factory floor and in the field. Such largescale end-to-end Internet Protocol (IP) connectivity will doubtless facilitate many more capabilities at the edge of these networks, but at the same time, it presents a huge security threat. IIoT enabled Operations Technology (OT) offers a much larger surface prone to cyber-attack than the IT space where by comparison the volumes of data are lower and its comings and goings can be more precisely controlled.
In the industrial sector, huge amounts of data are being processed at the edge and sent back to the cloud for further analysis and used by different applications. These applications as well as the operating systems they reside on, communicate with physical devices through device drivers and firmware. Attackers can exploit these special classes of software to subvert and compromise hardware. Every single device and sensor in the IoT represents a potential risk but today significant numbers of IoT devices are not being used with security in mind. Many are easily available for physical access.
It’s therefore not surprising that for many companies, security is a major and growing priority even though a few may still prefer to delay the harnessing of the full potential benefits of the IIoT if it means security pressure points can be postponed a little while longer. Inevitably, however, all industrial companies will need to take ongoing action to more securely share and analyse critical real-time data. This has to be the end game.
For this to happen it is important to not only secure assets, but also secure the communication links themselves. After all, IIoT networks may span many miles with potentially hundreds of thousands of data points.
Figure 1. (MQTT Diagram) shows a simple sensor setup which is connected via ISO standard MQTT (Message Queuing Telemetry Transport). This is a widely used protocol in IoT and located on the application layer, such as HTTP, FTP, or DNS on top of TCP/IPN Ethernet.
It is a simple subscribe and publish protocol that allows a sensor, or publisher, to publish its data as a topic. In this example, we have the topic “Factory 1, floor 1, robot 3, oil temperature”, which is regularly published by one sensor. If another client is working as a process monitor, it can subscribe to “Factory 1, floor 1, robot 3, #” and then get all that data.
Now, let’s apply our first security rule here, where every access should be authenticated…