This presentation was originally delivered during the IoT Integrator Summit on Securing Edge Computing, which took place from July 14-16, 2020. You can view the full event summary as well as additional sessions from the IoT Integrator Summit.
In this session recording, you will learn about IoT deployment methods and architectures that provide the highest levels of security.
Watch the video or peruse the notes from the session below.
The deployment of IoT devices in industrial settings presents many unique security challenges. In many cases, the complexity of integration and approvals for connectivity can seriously challenge the business case for adopting new technologies. Barriers to implementation also limit access to powerful cloud-based applications.
The use of well-defined security frameworks and deterministic security technology can dramatically reduce the risk introduced by connected devices and accelerate adoption.
This talk introduces two integration strategies that have been successfully deployed with minimal disruption to OT operations and with no increase to the plant’s exposure to external threats.
It also highlights the importance of emerging hardware-based security technology that can be used to provide high-assurance protection and protocol validation for connected IoT devices.
Industrial IoT deployment: connected devices
Traditionally, IoT devices are designed in a consistent way, on the assumption that the company is running an industrial-style network. Such networks are typically structured according to the Purdue Model.
The Purdue Model is a hierarchical structure that defines segments. Each network layer has proxy servers to transition the data from one segment to the next. Using proxy servers means that there is no outside connection to the data. The main challenge of the Purdue Model is that there is a complicated approval process to get data from one layer to the next.
While cleverly designed, this architecture also becomes a challenge when operators try to establish direct connections to the cloud. This leaves operators with two choices: route the data through a complex security framework and then into the cloud, or establish a direct connection to the cloud. When operators choose the latter, they put their data at risk.
Best practices in industrial control systems security can be found in these guides: NIST 800-53 and NIST 800-82. These are used as a security framework checklist and list out policies and recommendations. While these guides are great for IoT deployments, they are not as useful for designs.
Benefits of cloud connectivity in IoT devices
Even though there are risks in connecting industrial systems to the cloud, there are also immense benefits.
- Vendors can remotely diagnose devices.
- Users can prepare for device downtime with predictive failure analysis.
- Optimal maintenance schedules make it easier to plan and receive maintenance.
- Process optimization allows users to see how they are doing compared to others.
- Operators have access to enhanced vendor services.
- There are advanced support options from vendors through bundled packages.
IoT security framework
With so many security threats in cloud connectivity, many industrial IoT deployers use gateways to reduce risk. These gateways typically include the following components.
- Secure VPN
- Dual-factor authentication
- Secure remote connection
- Local application for pre-processing
- Firewall of local network
What many industrial IoT integrators don’t know is that these security measures themselves carry inherent risks. VPNs and firewalls may be advertised as completely secure and sealed off, but there is still a backdoor entrance from the vendor's side that poses a security risk. While these challenges may seem impossible to overcome, there are things that businesses can do to protect data:
- Any pre-processing should be isolated from security measures.
- Implement strict flow control so that data only goes one way.
- Use recurring design patterns.
Design patterns for Industrial IoT deployments
There are a few different design patterns that IoT integrators can use to optimize and enhance their security gateways.
- External sensors (video, vibration or temperature processors) that watch the process but aren’t connected to the process have a straightforward pattern. These sensors can go through an external gateway and connect directly to the cloud. This pattern is simple because data from these sorts of external sensors is not sensitive and therefore would not pose a threat to the process if infiltrated.
- The internal integrated design pattern is most common in vendor machines and equipment. For example, a vendor may sell you a robot machine controller and want to monitor the parts for service and diagnostic purposes. The best way to set up your external gateway in this situation is to make sure that it is a one-way system. The data should only go from the machine into the internet, not the other way around. This pattern should include an approval process to make sure that everything that is happening is supposed to be happening.
- External integrated design patterns are more complicated because they combine the two prior patterns. An external integrated system would be in play if an external sensor needed to send data both externally to the cloud and internally to the process. In this case, there would be an internal and an external gateway. The internal gateway would have to be programmed to allow only the needed data through to the equipment from the sensors. The external gateway would be the same in design as the one in the second pattern above.
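The one-way flow-control rule and the three gateway patterns above, modelled as an added Python example (not code from the talk or from Owl Cyber Defense). The reading schema, field names, sensor IDs and sample traffic are assumed placeholders; the external gateway passes only validated readings bound for the cloud, and the internal gateway passes only validated readings bound for the equipment, stripped down to the fields the equipment needs.

```python
# Constructed model of the gateway patterns (added example, not Owl Cyber Defense code).
# Reading types and value bounds are assumed placeholders.
READING_SCHEMA = {
    "vibration": (0.0, 50.0),       # mm/s RMS
    "temperature": (-40.0, 150.0),  # degrees C
}
# Fields every reading must carry; also the only fields the equipment receives.
READING_FIELDS = ("sensor_id", "type", "value")

def validate_reading(msg):
    """Return None for a well-formed sensor reading, else the reason it is rejected."""
    if not all(k in msg for k in READING_FIELDS):
        return "missing required field"
    bounds = READING_SCHEMA.get(msg["type"])
    if bounds is None:
        return "unknown reading type"
    value = msg["value"]
    if isinstance(value, bool) or not isinstance(value, (int, float)):
        return "value is not numeric"
    if not bounds[0] <= value <= bounds[1]:
        return "value out of range"
    if "command" in msg:  # readings flow out; nothing may ride along to control the process
        return "readings may not carry commands"
    return None

def gateway(messages, allowed_dest, fields=None):
    """Strict flow control: forward only validated readings going to allowed_dest.
    With fields set, forward a copy holding just those fields (internal gateway)."""
    forwarded, dropped = [], []
    for msg in messages:
        if msg.get("dest") != allowed_dest:
            dropped.append((msg, "wrong direction"))
            continue
        reason = validate_reading(msg)
        if reason:
            dropped.append((msg, reason))
            continue
        forwarded.append({k: msg[k] for k in fields} if fields else dict(msg))
    return forwarded, dropped

def external_gateway(messages):
    return gateway(messages, allowed_dest="cloud")

def internal_gateway(messages):
    return gateway(messages, allowed_dest="equipment", fields=READING_FIELDS)

# Constructed sample traffic: a good cloud reading, a good equipment reading,
# a reading smuggling a command toward the equipment, and an out-of-range value.
SAMPLE = [
    {"sensor_id": "vib-01", "type": "vibration", "value": 3.2, "dest": "cloud"},
    {"sensor_id": "tmp-07", "type": "temperature", "value": 71.5, "dest": "equipment"},
    {"sensor_id": "tmp-09", "type": "temperature", "value": 20.0, "dest": "equipment", "command": "setpoint=90"},
    {"sensor_id": "vib-02", "type": "vibration", "value": 999, "dest": "cloud"},
]
```

Running `external_gateway(SAMPLE)` forwards only the first reading, while `internal_gateway(SAMPLE)` forwards only the second, reduced to its three required fields; each dropped message is returned with the reason it failed.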
Q & A from listeners
Brian Romansky answers questions directly from our listeners.
Q: Does Owl Cyber Defense meet IEC 62443 (specifically 33, 41, 42) requirements?
A: Owl Cyber Defense is not certified in IEC 62443, but meets and exceeds all of the requirements. Owl Cyber Defense, if certified, would meet a Level 4 certification which is the highest level for an individual device.
Q: Do you recommend the use of data diodes while connecting IIoT devices to the cloud to ensure unidirectional communication from the trusted zone to the untrusted zone?
A: Absolutely. If there is no reason for the cloud to have any control of the IIoT device, then data diodes can help ensure a one-way flow of data. This is considered best practice for IoT device frameworks.
Q: Do you recommend your data diode solution to work in HA mode to prevent any security issues due to hardware failure?
A: Owl Cyber Defense does offer products with automatic failover and high availability support. It really depends on the application. If you are using a sensor with a failure automation feature, then high availability is less critical because you will be alerted to the issues right away.
Q: Would you recommend ISA 100 compliance for any wireless devices from an IIoT standpoint?
A: Yes, ISA 100 certification is recommended. Owl Cyber Defense does not have the certification but meets all of the requirements. While these certifications are great for trust purposes, it all comes down to configuration. If the system is misconfigured, it doesn’t matter what certification someone has because the system will have security faults.
Creating business value through innovation and delivering new products to new market segments are at the core of my professional development. I have a strong emphasis on a user centered approach to identifying business opportunities and new product features. My experience spans deep technical work in information security and image processing, new concept identification and evaluation, and execution of aggressive new business plans to create growth.
Specialties: disruptive innovation, user centered design, business model creation and validation, technology management and product execution.
About Owl Cyber Defense
Owl Cyber Defense leads the world in data diode and cross domain network cybersecurity. With a constant focus on customers in the military, government, critical infrastructure, and commercial communities, Owl develops market-first, one-way data transfer products to meet a variety of operational needs, from entry level to enterprise.