The need for unified approaches to protect the Industrial Internet of Things.

We are living in the era of the 4th industrial revolution (or Industry 4.0, as it is occasionally called), which, in essence, is the transformation of traditional manufacturing and industrial practices using modern smart technology.

figure 1

As shown in Figure 1, smart factories consist of different cyber-physical systems that are able to monitor physical processes and also make decentralized decisions. They mainly contain smart sensors, which are devices that generate data and also allow further functionality: from self-monitoring and self-configuration to monitoring of more complex processes. In addition, these sensors can communicate and cooperate with each other, as well as with humans both internally and across organizational services offered and used, for example, by other federated partners.

These mechanisms boost productivity, competitiveness and profitability, but at the same time they increase the security risks for the smart factory itself. The problem in general lies in the interconnection of the factory objects and the establishment of networks between them, either internally or with the outside world, which opens windows of opportunity for attackers, adversaries, or any other malicious parties. In the case of smart factories, the shift from traditional closed systems like SCADA to Internet-based systems has expanded the attack surface dramatically, introducing threats like interference with, disruption of, or denial of process controls, theft of intellectual property, loss of sensitive corporate data, hostile alterations to data, and industrial espionage.

There are many examples, as shown in Figure 2, where adversaries were able to hack into the Industrial IoT infrastructure and either corrupt or shut down the OT environment. Indeed, recent years have witnessed an increase in security incidents and attacks targeting the manufacturing industry, placing it among the most targeted industries (behind only financial services and the information and communication technology industry), while a high percentage of manufacturers also reported financial or other business losses due to cyber-attacks in 2018, according to Kaspersky. In principle, organisations must be capable of protecting a vast array of technology along the supply chain, whereas a would-be attacker only needs to pinpoint the weakest link.

figure 2

The need to improve the cybersecurity of Industry 4.0 is more important than ever, since the potential impact of the relevant threats ranges from production downtime to damaged equipment, as well as the ensuing financial and reputational losses. To counteract these threats, we need to develop fully integrated strategic approaches that bridge many different technologies and concepts, including hardware-enabled security and protection, access control and authentication mechanisms, end-to-end encryption, and behavioral analytical models based on machine learning and deep learning techniques. These mechanisms enable many different properties, such as accountability, privacy preservation, reliability and trustworthiness. Overall, cybersecurity can no longer be treated as a few stand-alone components, as it used to be; it should be integrated as part of the system and considered a systems problem.

In principle, C4IIoT tries to tackle exactly this problem by implementing an IoT architecture that aims to provide end-to-end security. To achieve this, it bridges many different technologies and concepts, including cyber assurance and protection, machine (deep) learning (ML/DL) methods, edge/cloud computing, blockchain and Big Data technologies. These mechanisms enable many different properties, such as accountability, privacy preservation, reliability and trustworthiness. Another important feature of C4IIoT is that all the mechanisms are carefully orchestrated across all infrastructure elements involved within an IIoT system (e.g., IIoT devices, field gateways, cloud resources) and are based upon analysis of various data flows (e.g., IIoT device data, encrypted network flows). This allows us to establish end-to-end protection, from the IoT devices up to the back-end cloud layer. It also provides mechanisms to analyse and correlate data from different data sources, including log files from the IoT devices themselves, as well as the traffic that is exchanged between them.

The main objectives of C4IIoT are:

Objective 1: Develop, validate, demonstrate, and support a holistic and disruptive security-enabling solution for prevention & protection against attacks targeting modern IoT components, complex Industrial IoT infrastructures and emerging technologies.

Objective 2: Explore recent progress and converge very diverse and novel ICT engineering paradigms in cyber assurance and protection, machine (deep) learning, edge/cloud computing, blockchain and Big Data technologies, to establish an end-to-end (edge-to-cloud) Cybersecurity 4.0 framework to provide breakthroughs in the fight against Industrial IoT cyber-attacks.

Objective 3: Leverage innovative secure execution environments, empowered by novel mechanisms related to security, privacy, accountability and trustworthiness, to offer almost real-time malicious and anomalous behaviour anticipation, detection, tracking, mitigation, and end user informing, within evolving IIoT applications and processes.

Objective 4: Allow a secure exploration of IIoT’s full potential in the automotive industry and realize societal and industrial opportunities by validating the C4IIoT framework in real-world settings.

Objective 5: Consolidate international and European links, raise awareness, collaborate with standardization bodies and ensure transferability of the project’s results.

Objective 6: Boost the effectiveness of the European Security Union against cyber-attacks in Industrial IoT infrastructures, by offering almost ready-to-market solutions (TRL 6) and by ensuring business continuity and long-term sustainability.

The time plan of our project is shown in Figure 3. We are now in M18, and we have completed the project set-up phase, including project requirements and preliminary business models, as well as the Minimum Viable Project and the 1st Integrated version. By next May, we will also have defined the exploitation and standardization landmark. The Final version of C4IIoT will be released by November 2011. This will include the whole architecture and the execution of our demonstrators. Finally, by May 2022 we will have the complete release, including any final assessment and impact analysis, as well as business plans.

figure 3