
Index
Title Page Copyright and Credits
Practical Industrial Internet of Things Security
Dedication Packt Upsell
Why subscribe? PacktPub.com
Foreword Contributors
About the author About the reviewer Packt is searching for authors like you
Disclaimer Preface
Who this book is for What this book covers To get the most out of this book
Download the color images Conventions used
Get in touch
Reviews
An Unprecedented Opportunity at Stake
Defining the Industrial IoT
Industrial IoT, Industrial Internet, and Industrie 4.0 Consumer versus Industrial IoT
Industrial IoT security – a business imperative Cybersecurity versus cyber-physical IoT security
What is a cyber-physical system?
Industrial "things," connectivity, and operational technologies
Operational technology Machine-to-Machine An overview of SCADA, DCS, and PLC Industrial control system architecture
ICS components and data networks ICS network components
Fieldbus protocols
IT and OT convergence – what it really means Industrial IoT deployment architecture Divergence in IT and OT security fundamentals
Operational priorities Attack surface and threat actors
Interdependence of critical infrastructures
Industrial threats, vulnerabilities, and risk factors
Threats and threat actors Vulnerabilities
Policy and procedure vulnerabilities Platform vulnerabilities Software platform vulnerabilities Network vulnerability
Risks
Evolution of cyber-physical attacks Industrial IoT use cases – examining the cyber risk gap
Energy and smart grids Manufacturing Cyberattack on industrial control systems – Stuxnet case study
Event flow Key points Risk gap summary
Smart city and autonomous transportation Healthcare and pharmaceuticals The ransomware attack on the healthcare enterprise – "WannaCry" case study
Cyber risk gap summary
Summary
Industrial IoT Dataflow and Security Architecture
Primer on IIoT attacks and countermeasures
Attack surfaces and attack vectors
OWASP IoT attack surfaces
Attack trees Fault tree analysis Threat modeling
STRIDE threat model DREAD threat model
Trustworthiness of an IIoT system Industrial big data pipeline and architectures Industrial IoT security architecture
Business viewpoint Usage viewpoint Functional viewpoint Implementation viewpoint IIoT architecture patterns
Pattern 1 – Three-tier architectural model Pattern 2 – Layered databus architecture
Building blocks of industrial IoT security architecture A four-tier IIoT security model
Summary
IIoT Identity and Access Management
A primer on identity and access control
Identification Authentication Authorization Account management
Distinguishing features of IAM in IIoT
Diversity of IIoT endpoints Resource-constrained and brownfield considerations Physical safety and reliability Autonomy and scalability Event logging is a rarity Subscription-based models Increasing sophistication of identity attacks Risk-based access control policy
Identity management across the device lifecycle Authentication and authorization frameworks for IIoT
Password-based authentication Biometrics Multi-factor authentication Key-based authentication
Symmetric keys Asymmetric keys
Zero-knowledge keys Certificate-based authentication
Trust models – public key infrastructures and digital certificates PKI certificate standards for IIoT
ITU-T X.509 IEEE 1609.2 Certificate management in IIoT deployments
Extending the OAuth 2.0 authorization framework for IoT access control IEEE 802.1x Identity support in messaging protocols
MQTT CoAP DDS REST
Monitoring and management capabilities
Activity logging support Revocation support and OCSP
Building an IAM strategy for IIoT deployment
Risk-based policy management
Summary
Endpoint Security and Trustworthiness
Defining an IIoT endpoint
Motivation and risk-based endpoint protection Resource-constrained endpoint protection Brownfield scenario considerations
Endpoint security enabling technologies IIoT endpoint vulnerabilities
Case study – White hack exposes smart grid meter vulnerability
Use case Developing the exploit Demonstration
Establishing trust in hardware
Hardware security components Root of trust – TPM, TEE, and UEFI Securing secrets, or sealing
Endpoint identity and access control Initialization and boot process integrity Establishing endpoint trust during operations
Secure updates A trustworthy execution ecosystem
Endpoint data integrity
Endpoint configuration and management Endpoint visibility and control
Endpoint security using isolation techniques
Process isolation Container isolation Virtual isolation Physical isolation
Endpoint physical security Machine learning enabled endpoint security Endpoint security testing and certification Endpoint protection industry standards Summary
Securing Connectivity and Communications
Definitions – networking, communications, and connectivity Distinguishing features of IIoT connectivity
Deterministic behavior Interoperability – proprietary versus open standards Performance characteristics – latency, jitter, and throughput Legacy networks with disappearing air gaps Access to resource-constrained networks Massive transition by connecting the unconnected
IIoT connectivity architectures
Multi-tier IIoT-secured connectivity architecture Layered databus architecture
Controls for IIoT connectivity protection
Secure tunnels and VPNs Cryptography controls Network segmentation Industrial demilitarized zones Boundary defense with firewalls and filtering Comprehensive access control Core and edge gateways Unidirectional gateway protection Asset discovery, visibility, and monitoring Physical security – the first line of defense
Security assessment of IIoT connectivity standards and protocols Fieldbus protocols Connectivity framework standards
Data Distribution Service
DDS security
oneM2M
oneM2M security
Open Platform Communications Unified Architecture (OPC UA)
OPC UA security
Web services and HTTP
Web services and HTTP security
Connectivity transport standards
Transmission Control Protocol (TCP)
TCP security
User Datagram Protocol (UDP)
UDP security
MQTT and MQTT-SN
MQTT security
Constrained Application Protocol (CoAP)
CoAP security
Advanced Message Queuing Protocol (AMQP)
Connectivity network standards Data link and physical access standards
IEEE 802.15.4 WPAN IEEE 802.11 wireless LAN Cellular communications Wireless wide area network standards
IEEE 802.16 (WiMAX) LoRaWAN
Summary
Securing IIoT Edge, Cloud, and Apps
Defining edge, fog, and cloud computing IIoT cloud security architecture
Secured industrial site Secured edge intelligence Secure edge cloud transport Secure cloud services
Cloud security – shared responsibility model Defense-in-depth cloud security strategy Infrastructure security Identity and access management Application security
Microservice architecture Container security Credential store and vault
Data protection
Data governance
Data encryption
Key and digital certificate management
Securing the data life cycle Cloud security operations life cycle
Business continuity plan and disaster recovery Secure patch management Security monitoring Vulnerability management Threat intelligence Incident response
Secure device management Cloud security standards and compliance Case study of IIoT cloud platforms
Case study 1 – Predix IIoT platform Case study 2 – Microsoft Azure IoT Case study 3 – Amazon AWS IoT
Cloud security assessment Summary
Secure Processes and Governance
Challenges of unified security governance Securing processes across the IIoT life cycle
Business cases System definitions Development Deployment
Evaluating security products
Operations
Understanding security roles
Solution provider Hardware manufacturers Industry governance Solution owner
Elements of an IIoT security program
Risk assessment Regulatory compliance Security policy Security monitoring Security analysis Incident response and management Security audits
Security maturity model Implementing an IIoT security program
Establishing an IIoT security team Deciding on regulatory compliance Assessing and managing risks Managing third-party security Enforcing the security policy Continuous monitoring and analysis Conducting security training Implementing incident management Defining security audits Security revisions and maturity
Summary
IIoT Security Using Emerging Technologies
Blockchain to secure IIoT transactions
Public and private blockchains Digital identity with blockchains Securing the supply chain Blockchain challenges
Cognitive countermeasures – AI, machine learning, and deep learning
Practical considerations for AI-based IIoT security
Time-sensitive networking – Next-gen industrial connectivity
Time synchronization Traffic scheduling Network and system configuration TSN security 
Other Promising Trends Summary
Real-World Case Studies in IIoT Security
Analysis of a real-world cyber-physical attack
Background and impact The sequence of events
Exploit loopholes to perform the attack Trigger the attack with impact Impair operations and delay recovery
Inside the attack anatomy
Reconnaissance Spear phishing Credential theft Data exfiltration Remote access exploit Impair recovery – Malicious firmware, TDOS, and UPS failure
Cyber-physical defense – Lessons learned
Case study 2 – Building a successful IIoT security program
Background Defining the security program Implementation Concluding remarks
Case study 3 – ISA/IEC 62443 based industrial endpoint protection
Background Solution Concluding remarks
Summary
The Road Ahead
An era of decentralized autonomy Endpoint security Standards and reference architecture Industrial collaboration Interoperability Green patches in brownfield Technology trends Summary
I II
Security standards – quick reference
Device endpoint security Industrial connectivity infrastructure security Edge-cloud security
Other Books You May Enjoy
Leave a review - let other readers know what you think