trustworthy iot for - ocg · iot becomes a key enabler in these industries • iot enabled...
TRANSCRIPT
TRUSTWORTHY IOT FOR INDUSTRIAL APPLICATIONS
Why we need a holistic approach towards IoT (security)
Dr. Mario Drobics
25.01.2018
Digitalization accelerates industrial processes and enables new businesses …
… but the use of IoT in the cyber-physical world also raises new threats to objects, persons and businesses
To enable the full potential of IoT we need a holistic approach
IOT WILL BE EVERYWHERE
• Gartner estimates 8.4B connected things will be in use worldwide in 2017, up 31% from 2016, and will reach 20.8 billion by 2020.
• Internet of Things (IoT) sensors and devices are expected to exceed mobile phones as the largest category of connected devices in 2018, growing at a 23% compound annual growth rate (CAGR) from 2015 to 2021.
• Ericsson predicts there will be a total of approximately 28B connected devices worldwide by 2021, with nearly 16B related to IoT.
Image Source: Ericsson Mobility Report; June 2016
DRIVERS OF IOT DEVELOPMENT
[Diagram: Technological Development; Users & Society; Internet of Things]
IOT STACK
[Diagram: stack layers Policies / Standards, Use-Cases / Domains, Applications / Cloud, Devices / IoT; axes: Technological Development, Users & Society]
OUTLOOK 2018
[Diagram: IoT stack with the layers Policies, Use-Cases, Applications, Devices, Standards, Domains, Cloud, IoT]
OUTLOOK 2018 – EDGE/FOG COMPUTING
Decentralization of computation & processing power
EDGE/FOG COMPUTING
• Cloud: 10^6 Data Centers
• Fog: 10^8 Nodes
• Edge: 10^10 Devices
EDGE/FOG COMPUTING
Decentralization of computation & processing power
• Supported by 5G development
• Processing on network nodes close to the device (fog) or the device itself (edge)
• Reduce amount of data sent to and processed in the cloud
• Aggregation of local information across different nodes/devices
New services
• Enables (close to) real-time applications using remote services (low latency) (Infrastructure/Production/Mobility)
New devices
• New physical layer elements for low-latency applications
• Enrich devices with enhanced functionality (AI, Immersion)
New business models
• Selling processing power for local applications
Need for trust & specific security and management mechanisms
OUTLOOK 2018 – BLOCKCHAIN
BLOCKCHAIN
Principal concept of blockchains is highly compatible with IoT
• Decentralized approach
• Many partners
• Limited trust between partners
• Need for interaction & exchange
• Ledger for transaction between “robots”
Blockchain is more than bitcoin & crypto currencies
• Shift from Proof-of-Work to Proof-of-Stake enables IoT devices to participate
Applications in the IoT context
• Distributed ledger for device registry (type, ownership, etc.)
• Documentation & validation of data across partners (e.g. for logistics)
• Smart contracts for service provision (e.g. selling sensor data)
Potentially disruptive impact on existing business models of intermediaries
OUTLOOK 2018 – ARTIFICIAL INTELLIGENCE
ARTIFICIAL INTELLIGENCE
Centralized AI services become widely available
• Preconfigured applications for specific domains readily available
• Localized services support low-latency responses (Edge/Fog)
IoT provides relevant input to connect AI to the world
AI can also create the “meaning” to interpret the different IoT inputs
Applications
• Automate IoT maintenance and operation (e.g. prescriptive maintenance)
• Network security (e.g. network anomaly detection)
• Simplifies user-interaction within complex (IoT) environments by providing an “integrated view” (Immersion)
OUTLOOK TO 2018 - IMMERSION
IMMERSION
Omnipresent IoT devices and AI powered processing enable new types of interaction
• Interfaces become ubiquitously available
• Interfaces become situation aware and self-responding
• Interfaces access not only a single app, but an ecosystem
Border between interface and real-world dissolves
Enabled by high volume wireless networks (5G)
Applications
• Augmented reality for production processes
• Situation aware support for maintenance tasks
In 2018, Smart Home will be the showcase for more immersive interaction
IMMERSION
New Interaction
Example Philips Hue (not yet useful approach):
• Synchronization of lighting to videos
• Integration of Razer’s Chroma lights
Automation
• “What can I help you with?”
• “Detected you might be cold …”
Contents + Infrastructure
• Cross-app collaboration
• Interactions across essentials in the room
• Voice trend continued: digital assistants
• Presence (“Heating, I am home”)
• Habits with weak “localized” AI
• Why did it play (this) music?
• Why was the room temperature raised?
[Diagram labels: Immersion; AI; AI interconnection]
OUTLOOK 2018 – PRIVACY (GDPR)
PRIVACY (GDPR)
GDPR forces significant changes in handling personal information
• Consent on collecting all data needs to be given
• Responsibilities need to be clear
• Mandatory notification regime in the event of personal data breaches
• Data needs to be secured (privacy by design and by default)
Challenge also for (IoT) services (e.g. AI, Immersion)
• Applies to consumer and industrial settings (e.g. tracking of employees, tracking of products)
Need for new privacy-preserving solutions
• Methods & know-how for privacy-by-design
• Keeping data local (Edge Computing)
• Alternative approaches (Blockchain)
• Need for training (cyber range)
For consumers, IoT is the cloud; Smart home as privacy battleground
PRIVACY (GDPR)
[Images: Thief or delivery? Who ordered that? Who killed them?]
Convenience trend
• Automation, lowered control
• Intensified data collection
• Everyone talks to everyone via the cloud
• Can we do the same more locally?
Personalization trend
• Protection against cross-app attacks
• Protection against sharing accounts of daily lives (personal data, …)
• Data tracking will be more personal
Public data requests
• Do data requests pay off? Likely, yes: more data requests to be expected
• Stealing personal data more likely
[Rating column: More local or not? (vs. Cloud)]
IOT PRIVACY FRAMEWORK CHARACTERISTICS
Characteristics of a tentative privacy framework for the IoT:
• Openness, transparency, and a specified purpose
• Identity privacy
• Temporal and location privacy
• Query privacy
• Access control
• Security
• Interoperability
• Data minimization
• Accountability
Source: Porambage et al., “The Quest for Privacy in the Internet of Things”, IEEE Cloud Computing, Vol. 3/2, 2016.
OUTLOOK 2018 – NET NEUTRALITY
NET NEUTRALITY
IoT relies strongly on free flow of information
Possible impacts due to loss of net neutrality
• Loss in variety: QoS only for premium services, but IoT involves a lot of crowd-sourced data
• Loss in innovation: big players or operators can hamper small (independent) companies in delivering their services
Scenario
• Smart heating services from small companies can be hampered by ISPs to support their own solution
OUTLOOK 2018 – INFRASTRUCTURES, PRODUCTION & MOBILITY
INFRASTRUCTURES, PRODUCTION & MOBILITY
IoT becomes a key enabler in these industries
• IoT enabled infrastructure supported by low-power networks (LoRaWAN, Sigfox, etc.)
• Use of IoT shifts from singular usage to large scale applications
• Composite digital twins will gain momentum
• IoT together with AI makes it possible to provide context-sensitive information for highly complex systems (right information at the right place & time)
Transformation of technical and business processes
• Reduced time-to-market
• Increased quality
• New services & businesses
TRANSFORMATION OF INDUSTRIAL & BUSINESS PROCESSES
[Figure: Industry 3.0 Pyramid Factory Model; Industry 4.0 Smart Factory Model]
Image Source: Plattform Industrie 4.0 – RAMI 4.0
DIGITAL INFRASTRUCTURES
[Diagram labels: Connected Cars, Industry 4.0, Smart grid, eHealth, Smart City, Digital Transport, Communication, Finance, Supply chain, Energy, IoT]
OPPORTUNITIES OF INDUSTRIAL IOT
[Diagram levels: Technical Level, Process Level, Business Level]
• Flexible business models
• New value chains
• Traceability
• Better protection of IP
• Higher throughput
• Optimized production
• Better maintenance
• Individualized production
• Increased product quality
• Faster development cycles
• Continuous product improvement
• Customer Insights
• Increased robustness of production processes
• Intelligent Support
CHALLENGES OF INDUSTRIAL IOT
[Diagram levels: Technical Level, Process Level, Business Level]
New business models
• Merging products and services
• Enabling multiple value chains
• Acting simultaneously as producer and customer
Management of products and services over lifetime
• Understanding user needs by getting operational data
• Ensuring operation and interoperability over lifetime
• Providing product and security updates over lifetime
Individualization & traceability of (production) processes
• Batch size 1
• Production on demand (what, where and when)
• Tracking products from production to delivery
Interoperability and scalability of systems
• Integration with legacy systems
• Ensuring semantic interoperability across manufacturers & suppliers
• Enabling high scalability of components in operation
Safety & security in distributed environments
• Roll-out usable & scalable security
• Ensuring trust & privacy during production across manufacturers & suppliers
Synchronizing on micro and macro level
• Synchronize operation of production facilities in millisecond range
• Synchronize production between production plants across countries and manufacturers
INDUSTRY 4.0 – OPPORTUNITIES FOR VALUE CREATION
Image Source: AVL
OUTLOOK 2018 – SAFETY CRITICAL
IOT BECOMES SAFETY-CRITICAL
• IoT is becoming widely applied in safety-critical environments
• Combination of IT and OT raises new challenges
• IoT affects both IT and OT
• Different regulations, needs and tools
• Complexity of IoT networks requires specific security approaches
Combined approach towards safety & security
Specific tools & methods to ensure safety & security
Security and safety must be ensured along the product lifecycle
Protected using IoT …
… but also endangered by insecure IoT
Connecting the virtual and physical world raises new threats
IOT BECOMES SAFETY-CRITICAL
The connection of the virtual and physical world raises new dangers:
• 2013, Austrian power grid almost shut down by misguided control command from German gas system
• 2015, steel mill in Germany was hacked, causing massive damage
• 2015, Jeep Cherokee hacked, including steering and braking system
• 2016, Ukraine power grid was hacked and partially taken down
• 2016, DDoS attack by botnet of hacked IoT devices
• 2018, ???
Image Source: https://www.sentryo.net/cyberattack-on-a-german-steel-mill/
SAFETY, RELIABILITY AND PRIVACY: DIGITAL SECURITY IMPERATIVES
The New Model for Digital Security
[Diagram labels: Privacy, Safety, Reliability; Confidentiality, Integrity, Availability; People, Environment, Data; Lifecycle Management; IoT]
SAFETY & SECURITY CO-DESIGN
IEC TC65 WG20 “Industrial-process measurement, control and automation – Framework to bridge the requirements for safety and security”
BALANCE OF RISK AND RESILIENCE
RISK
• Governance
• Compliance
• Control
• Protection
RESILIENCE
• Reliability
• Speed
• Assurance
• Openness
[Diagram labels: Privacy, Safety, Value, Costs]
WHAT IS DIFFERENT ABOUT IOT SECURITY?
[Diagram quadrants: Scale, Diversity, Function, Dynamics]
• Fit-for-Purpose
• Physical
• Safety
• Embedded
• Variety of Types
• High Velocity
• Dynamic Network Graphs
• Myriad Platforms
• Age
• Protocols, Types
• Varied Vendors
• Millions of Devices
• Multiple Networks
• Big Data, BIG Data
• Longer Supply Chains
PERMEATION OF TRUST
Source: Industrial Internet Consortium Security Working Group, “Industrial Internet of Things Volume G4: Security Framework,” 2016.
ADAPTIVE SECURITY ARCHITECTURE
Predict
• Risk-prioritized exposure assessment
• Anticipate threats/attacks
• Baseline systems and security posture
Prevent
• Harden systems
• Isolate systems
• Prevent attacks
Detect
• Detect incidents
• Confirm and prioritize risks
• Contain incidents
Respond
• Remediate
• Design / model policy change
• Investigate incidents / retrospective analysis
SECURITY IS A KEY ISSUE TO YOUR BUSINESS
Your brand will be held responsible for all security issues!
HOLISTIC APPROACH TOWARDS IOT
Regulations & standards to support trust across platforms
Information & competence to raise awareness and provide support
Integrated training and education to empower people & companies
Tools and methods to enable safe & secure solutions
AIT – CENTER FOR DIGITAL SAFETY & SECURITY
• 180+ experts (1/3 with PhD): 51% Scientists, 39% Engineers, 10% Admin
• 50% of new employees with international education
• 30+ running EU projects
• Strategic partners:
New Sensor Technologies
Intelligent Cameras & Video Analytics
Dependable Systems Engineering
Video Analytics
Digital Identity Management
Design & Dev. of Embedded Vision Systems
Safety & Security Co-Engineering
Automated Test Case Generation
V&V of Complex Systems
Runtime Verification
Predictive System Health Monitoring
Late-stage software customization
Automated Backdoor Analysis
Adaptive Systems Analysis
Security for Industrial Control Systems
Cyber Attack Information System (CAIS)
Cyber Incident Information Sharing (CIIS)
Cloud Security
Risk Management
Security by Design
Cryptography
Cyber Range
Data Science
Machine Learning
Scalable Data Analytics
Blockchain Technologies
Physical Layer Security
Wireless M2M Communication
5G & Broadband Technologies
Optical Quantum Technologies
Crisis and Disaster Management
IoT Sensor Networks
Command & Control Systems
Community Engagement
Environmental Management
Opt. Sensor Systems for Industrial Processes
3D Scene and Motion Analysis
Situational Awareness & Decision Support
Cyber Security
Highest System Reliability
Surveillance and Protection Critical Cyber Infrastructures
THANK YOU!
Dr. MARIO DROBICS
Senior Research Engineer
Center for Digital Safety & Security
Information Management
AIT Austrian Institute of Technology GmbH
Donau-City-Straße 1 | 1220 Wien, Austria
T +43 50550-4810 | M +43 664 8251007
[email protected] | www.ait.ac.at