

CYBERSECURITY

SECURING THE IOT BY DESIGN

Joe Lomako offers advice on the preventative measures that can be taken to secure processes against cyber attacks.

As devices, systems and processes become increasingly digitised and interconnected, the Internet of Things (IoT) offers new opportunities for industry. However, the same technologies that enable value creation also present new attack surfaces to cyber criminals. In the IoT age, every wireless-enabled product is a potential threat to data security and privacy, but proactive, robust security planning enables a manufacturer to manage cybersecurity risk and mitigate attacks. Preventative security measures should begin at the design phase, or even the concept phase, following the principle of 'Secure by Design'. Although, as the name suggests, the principle is aimed at the design stage, it is important to understand that security is a continuous process that does not end when the product ships. Secure by Design is therefore a sensible principle, but it has to be given a concrete definition for each product. The process should begin with an assessment of the business impact and probability of the risks facing that product. Without clearly understanding and prioritising those risks, it is not possible to determine the appropriate security requirements for the product, or indeed for the IoT system as a whole.

Evaluation

After the risks are understood, the next step is to evaluate the hardware and software, i.e. the attack surface. Testing the individual components against the requirements derived from the risk assessment is the foundation of a secure product; security is very difficult to bolt on as a software add-on after development is complete. Every aspect must therefore be assessed for vulnerabilities: device hardware (chipsets, sensors and actuators), wireless communication modules and protocols, device firmware (operating system and embedded applications), and the cloud platforms and applications the device talks to. Following component testing, an end-to-end assessment should be performed to determine how well the components and their supporting services resist attack as a whole system. This process must be continuous, because the questions 'have we found every vulnerability?' and 'have we introduced new vulnerabilities?' never go away. Implementing a process of security validation for every update released during the product lifecycle is therefore equally important.

There is a common perception that a complex system is automatically a secure one. Unfortunately, this is not the case. The introduction of the NIS Directive (security of network and information systems) in Europe is intended to improve the situation, but uptake has been slow, as has the introduction of the standards needed to support it. Standards do exist, however, or are being developed by international organisations, with the aim of providing a baseline of protection as a first line of cyber defence. The two main baseline documents for IoT devices are NISTIR 8259 in the US and ETSI EN 303 645 in the EU. NISTIR 8259 has been written to address a wide range of IoT products, defined as devices with at least one transducer (a sensor or actuator) and at least one network interface, so it applies equally to Industry 4.0 products. California's Senate Bill No. 327, in force since January 2020, already requires manufacturers to equip connected devices with 'reasonable security features', and such requirements are likely to spread across the US. ETSI EN 303 645, by contrast, is scoped to consumer IoT devices only, so it does not formally apply to industrial products, although its general principles (no universal default passwords, a vulnerability disclosure policy, a secure update mechanism, and so on) can be applied to afford a basic level of protection.

Taking control

There is some debate as to whether the present cyber security standards lack detail and fail to cover the scope of typical industrial applications adequately. Manufacturers should therefore consider their own programmes, and a starting point would be:

• Think 'Secure by Design' and take a proactive approach to cybersecurity, recognising that attacks are a matter of 'when, not if'.

Control Engineering Europe, September 2020, www.controlengeurope.com

