Practical Industrial Internet of Things Security

Book description

Skillfully navigate through the complex realm of implementing scalable, trustworthy industrial systems and architectures in a hyper-connected business world.

Key Features

  • Gain practical insight into security concepts in the Industrial Internet of Things (IIoT) architecture
  • Demystify complex topics such as cryptography and blockchain
  • Comprehensive references to industry standards and security frameworks for developing IIoT blueprints

Book Description

Securing connected industries and autonomous systems is a top concern for the Industrial Internet of Things (IIoT) community. Unlike cybersecurity, cyber-physical security is an intricate discipline that directly ties to system reliability as well as human and environmental safety. Practical Industrial Internet of Things Security enables you to develop a comprehensive understanding of the entire spectrum of securing connected industries, from the edge to the cloud.

This book establishes the foundational concepts and tenets of IIoT security by presenting real-world case studies, threat models, and reference architectures. You'll work with practical tools to design risk-based security controls for industrial use cases and gain practical know-how on multi-layered defense techniques, including Identity and Access Management (IAM), endpoint security, and communication infrastructure. Stakeholders, including developers, architects, and business leaders, can gain practical insights into securing IIoT lifecycle processes, standardization, and governance, and can assess the applicability of emerging technologies, such as blockchain, Artificial Intelligence, and Machine Learning, to design and implement resilient connected systems and harness significant industrial opportunities.

What you will learn

  • Understand the crucial concepts of a multi-layered IIoT security framework
  • Gain insight on securing identity, access, and configuration management for large-scale IIoT deployments
  • Secure your machine-to-machine (M2M) and machine-to-cloud (M2C) connectivity
  • Build a concrete security program for your IIoT deployment
  • Explore techniques from case studies on industrial IoT threat modeling and mitigation approaches
  • Learn risk management and mitigation planning

Who this book is for

Practical Industrial Internet of Things Security is for the IIoT community, which includes IIoT researchers, security professionals, architects, developers, and business stakeholders. Anyone who needs to have a comprehensive understanding of the unique safety and security challenges of connected industries and practical methodologies to secure industrial assets will find this book immensely helpful. This book is uniquely designed to benefit professionals from both IT and industrial operations backgrounds.

Table of contents

  1. Title Page
  2. Copyright and Credits
    1. Practical Industrial Internet of Things Security
  3. Dedication
  4. Packt Upsell
    1. Why subscribe?
    2. PacktPub.com
  5. Foreword
  6. Contributors
    1. About the author
    2. About the reviewer
    3. Packt is searching for authors like you
  7. Disclaimer
  8. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
      1. Download the color images
      2. Conventions used
    4. Get in touch
      1. Reviews
  9. An Unprecedented Opportunity at Stake
    1. Defining the Industrial IoT
      1. Industrial IoT, Industrial Internet, and Industrie 4.0
      2. Consumer versus Industrial IoT
    2. Industrial IoT security – a business imperative
    3. Cybersecurity versus cyber-physical IoT security
      1. What is a cyber-physical system?
    4. Industrial "things," connectivity, and operational technologies
      1. Operational technology
      2. Machine-to-Machine
      3. An overview of SCADA, DCS, and PLC
      4. Industrial control system architecture
        1. ICS components and data networks
        2. ICS network components
          1. Fieldbus protocols
    5. IT and OT convergence – what it really means
    6. Industrial IoT deployment architecture
    7. Divergence in IT and OT security fundamentals
      1. Operational priorities
      2. Attack surface and threat actors
        1. Interdependence of critical infrastructures
    8. Industrial threats, vulnerabilities, and risk factors
      1. Threats and threat actors
      2. Vulnerabilities
        1. Policy and procedure vulnerabilities
        2. Platform vulnerabilities
        3. Software platform vulnerabilities
        4. Network vulnerability
      3. Risks
    9. Evolution of cyber-physical attacks
    10. Industrial IoT use cases – examining the cyber risk gap
      1. Energy and smart grids
      2. Manufacturing
      3. Cyberattack on industrial control systems – Stuxnet case study
        1. Event flow
        2. Key points
        3. Risk gap summary
      4. Smart city and autonomous transportation
      5. Healthcare and pharmaceuticals
      6. The ransomware attack on the healthcare enterprise – "WannaCry" case study
        1. Cyber risk gap summary
    11. Summary
  10. Industrial IoT Dataflow and Security Architecture
    1. Primer on IIoT attacks and countermeasures
      1. Attack surfaces and attack vectors
        1. OWASP IoT attack surfaces
      2. Attack trees
      3. Fault tree analysis
      4. Threat modeling
        1. STRIDE threat model
        2. DREAD threat model
    2. Trustworthiness of an IIoT system
    3. Industrial big data pipeline and architectures
    4. Industrial IoT security architecture
      1. Business viewpoint
      2. Usage viewpoint
      3. Functional viewpoint
      4. Implementation viewpoint
      5. IIoT architecture patterns
        1. Pattern 1 – Three-tier architectural model
        2. Pattern 2 – Layered databus architecture
      6. Building blocks of industrial IoT security architecture
      7. A four-tier IIoT security model
    5. Summary
  11. IIoT Identity and Access Management
    1. A primer on identity and access control
      1. Identification
      2. Authentication
      3. Authorization
      4. Account management
    2. Distinguishing features of IAM in IIoT
      1. Diversity of IIoT endpoints
      2. Resource-constrained and brownfield considerations
      3. Physical safety and reliability
      4. Autonomy and scalability
      5. Event logging is a rarity
      6. Subscription-based models
      7. Increasing sophistication of identity attacks
      8. Risk-based access control policy
    3. Identity management across the device lifecycle
    4. Authentication and authorization frameworks for IIoT
      1. Password-based authentication
      2. Biometrics
      3. Multi-factor authentication
      4. Key-based authentication
        1. Symmetric keys
        2. Asymmetric keys
      5. Zero-knowledge keys
      6. Certificate-based authentication
    5. Trust models – public key infrastructures and digital certificates
    6. PKI certificate standards for IIoT
      1. ITU-T X.509
      2. IEEE 1609.2
      3. Certificate management in IIoT deployments
    7. Extending the OAuth 2.0 authorization framework for IoT access control
    8. IEEE 802.1x
    9. Identity support in messaging protocols
      1. MQTT
      2. CoAP
      3. DDS
      4. REST
    10. Monitoring and management capabilities
      1. Activity logging support
      2. Revocation support and OCSP
    11. Building an IAM strategy for IIoT deployment
      1. Risk-based policy management
    12. Summary
  12. Endpoint Security and Trustworthiness
    1. Defining an IIoT endpoint
      1. Motivation and risk-based endpoint protection
      2. Resource-constrained endpoint protection
      3. Brownfield scenario considerations
    2. Endpoint security enabling technologies
    3. IIoT endpoint vulnerabilities
      1. Case study – White hack exposes smart grid meter vulnerability
        1. Use case
        2. Developing the exploit
        3. Demonstration
    4. Establishing trust in hardware
      1. Hardware security components
      2. Root of trust – TPM, TEE, and UEFI
      3. Securing secrets, or sealing
    5. Endpoint identity and access control
    6. Initialization and boot process integrity
    7. Establishing endpoint trust during operations
      1. Secure updates
      2. A trustworthy execution ecosystem
    8. Endpoint data integrity
      1. Endpoint configuration and management
      2. Endpoint visibility and control
    9. Endpoint security using isolation techniques
      1. Process isolation
      2. Container isolation
      3. Virtual isolation
      4. Physical isolation
    10. Endpoint physical security
    11. Machine learning enabled endpoint security
    12. Endpoint security testing and certification
    13. Endpoint protection industry standards
    14. Summary
  13. Securing Connectivity and Communications
    1. Definitions – networking, communications, and connectivity
    2. Distinguishing features of IIoT connectivity
      1. Deterministic behavior
      2. Interoperability – proprietary versus open standards
      3. Performance characteristics – latency, jitter, and throughput
      4. Legacy networks with disappearing air gaps
      5. Access to resource-constrained networks
      6. Massive transition by connecting the unconnected
    3. IIoT connectivity architectures
      1. Multi-tier IIoT-secured connectivity architecture
      2. Layered databus architecture
    4. Controls for IIoT connectivity protection
      1. Secure tunnels and VPNs
      2. Cryptography controls
      3. Network segmentation
      4. Industrial demilitarized zones
      5. Boundary defense with firewalls and filtering
      6. Comprehensive access control
      7. Core and edge gateways
      8. Unidirectional gateway protection
      9. Asset discovery, visibility, and monitoring
      10. Physical security – the first line of defense
    5. Security assessment of IIoT connectivity standards and protocols
    6. Fieldbus protocols
    7. Connectivity framework standards
      1. Data Distribution Service
        1. DDS security
      2. oneM2M
        1. oneM2M security
      3. Open Platform Communications Unified Architecture (OPC UA)
        1. OPC UA security
      4. Web services and HTTP
        1. Web services and HTTP security
    8. Connectivity transport standards
      1. Transmission Control Protocol (TCP)
        1. TCP security
      2. User Datagram Protocol (UDP)
        1. UDP security
      3. MQTT and MQTT-SN
        1. MQTT security
      4. Constrained Application Protocol (CoAP)
        1. CoAP security
      5. Advanced Message Queuing Protocol (AMQP)
    9. Connectivity network standards
    10. Data link and physical access standards
      1. IEEE 802.15.4 WPAN
      2. IEEE 802.11 wireless LAN
      3. Cellular communications
      4. Wireless wide area network standards
        1. IEEE 802.16 (WiMAX)
        2. LoRaWAN
    11. Summary
  14. Securing IIoT Edge, Cloud, and Apps
    1. Defining edge, fog, and cloud computing
    2. IIoT cloud security architecture
      1. Secured industrial site
      2. Secured edge intelligence
      3. Secure edge cloud transport
      4. Secure cloud services
    3. Cloud security – shared responsibility model
    4. Defense-in-depth cloud security strategy
    5. Infrastructure security
    6. Identity and access management
    7. Application security
      1. Microservice architecture
      2. Container security
      3. Credential store and vault
    8. Data protection
      1. Data governance
    9. Data encryption
      1. Key and digital certificate management
    10. Securing the data life cycle
    11. Cloud security operations life cycle
      1. Business continuity plan and disaster recovery
      2. Secure patch management
      3. Security monitoring
      4. Vulnerability management
      5. Threat intelligence
      6. Incident response
    12. Secure device management
    13. Cloud security standards and compliance
    14. Case study of IIoT cloud platforms
      1. Case study 1 – Predix IIoT platform
      2. Case study 2 – Microsoft Azure IoT
      3. Case study 3 – Amazon AWS IoT
    15. Cloud security assessment
    16. Summary
  15. Secure Processes and Governance
    1. Challenges of unified security governance
    2. Securing processes across the IIoT life cycle
      1. Business cases
      2. System definitions
      3. Development
      4. Deployment
        1. Evaluating security products
      5. Operations
    3. Understanding security roles
      1. Solution provider
      2. Hardware manufacturers
      3. Industry governance
      4. Solution owner
    4. Elements of an IIoT security program
      1. Risk assessment
      2. Regulatory compliance
      3. Security policy
      4. Security monitoring
      5. Security analysis
      6. Incident response and management
      7. Security audits
    5. Security maturity model
    6. Implementing an IIoT security program
      1. Establishing an IIoT security team
      2. Deciding on regulatory compliance
      3. Assessing and managing risks
      4. Managing third-party security
      5. Enforcing the security policy
      6. Continuous monitoring and analysis
      7. Conducting security training
      8. Implementing incident management
      9. Defining security audits
      10. Security revisions and maturity
    7. Summary
  16. IIoT Security Using Emerging Technologies
    1. Blockchain to secure IIoT transactions
      1. Public and private blockchains
      2. Digital identity with blockchains
      3. Securing the supply chain
      4. Blockchain challenges
    2. Cognitive countermeasures – AI, machine learning, and deep learning
      1. Practical considerations for AI-based IIoT security
    3. Time-sensitive networking – Next-gen industrial connectivity
      1. Time synchronization
      2. Traffic scheduling
      3. Network and system configuration
      4. TSN security
    4. Other Promising Trends
    5. Summary
  17. Real-World Case Studies in IIoT Security
    1. Analysis of a real-world cyber-physical attack
      1. Background and impact
      2. The sequence of events
        1. Exploit loopholes to perform the attack
        2. Trigger the attack with impact
        3. Impair operations and delay recovery
      3. Inside the attack anatomy
        1. Reconnaissance
        2. Spear phishing
        3. Credential theft
        4. Data exfiltration
        5. Remote access exploit
        6. Impair recovery – Malicious firmware, TDOS, and UPS failure
      4. Cyber-physical defense – Lessons learned
    2. Case study 2 – Building a successful IIoT security program
      1. Background
      2. Defining the security program
      3. Implementation
      4. Concluding remarks
    3. Case study 3 – ISA/IEC 62443 based industrial endpoint protection
      1. Background
      2. Solution
      3. Concluding remarks
    4. Summary
  18. The Road Ahead
    1. An era of decentralized autonomy
    2. Endpoint security
    3. Standards and reference architecture
    4. Industrial collaboration
    5. Interoperability
    6. Green patches in brownfield
    7. Technology trends
    8. Summary
  19. I
  20. II
    1. Security standards – quick reference
      1. Device endpoint security
      2. Industrial connectivity infrastructure security
      3. Edge-cloud security
  21. Other Books You May Enjoy
    1. Leave a review - let other readers know what you think

Product information

  • Title: Practical Industrial Internet of Things Security
  • Author(s): Sravani Bhattacharjee
  • Release date: July 2018
  • Publisher(s): Packt Publishing
  • ISBN: 9781788832687