Embed Size (px)
Citation preview
IoT Security
John Patrick LitaInformation Security Consultant
Agenda
• IOT How it Starts
• The internet of Things
• Purpose of IoT
• IOT Challenges
• The Stuxtnet
• IOT Landscape
2
How it start
Image from: http://asmarterplanet.com/blog/2014/09/ramping-up.html
3
Effect of the Internet
Image from: https://foxxr.com/internet-marketing/social-media-marketing/
4
Internet Usage and Population Statistics
Source: www.internetlivestats.com/internet-users-by-country/
5
IOT Connected worldwide
https://iot-analytics.com/10-internet-of-things-applications/
6
Example of IoT Revolution
Industrial Automation Health Care Automation Smart Cars
Smart City Smart House Human no smart
7
What is IoT? 8
The internet of things (IoT) is the
network of physical devices, vehicles,
buildings and other items—embedded
with electronics, software, sensors,
actuators, and network connectivity
that enable these objects to collect
and exchange data.
The Internet of Things
• The term Internet of Things
was first used by Kevin
Ashton in 1999.
• uniquely identifiable through
its embedded computing
system but is able to
interoperate within the
existing Internet
infrastructure
9
IOT Characteristics
Ambient Intelligence
Flexible Structure
Semantic Sharing
Complex Access
Technology
Event Driven
10
Technology Implementation
RFID Sensor Smart Tech Nano Tech
To identify
and track
the data
of things
To collect
and process
the data to
detect the
changes in
the physical
status of
things
To enhance
the power
of the
network by
devolving
processing
capabilities
to different
part of the
network.
To make the
smaller and
smaller
things have
the ability
to connect
and interact.
11
Purpose of Internet of Things
IOT Application
Management
Retail
Logistics
Health Care
Food
Education
12
Management
• Waste Management
• Data Management
• Production Management
• Urban Management
• Energy Management
• Transportation
Management
13
Health Management
• Your Medical Record is stored as Data
• Track your Drug Usage / Dosage
• Web Application for Hospital / Pharmacy
• Efficiency delivering emergency treatment
more faster
• Manage your Check-up using a mobile
application
14
Traffic Management
• Reduce Traffic Congestion
• Sensors connected to traffic signal keeping sending information to a central server o number of vehicles piling
• Analytics platform get real-time data from sensors, traffic signals within 2 km of intended junction & GIS Mapping of roads
• Save Life on road
• A message is sent to the ambulance display panel in front of the driver informing him which the road to take
• A message is also sent to hospital system prompting them to get ready including auto message to the doctor’s phone to rush back if he is out
• Help Prevent and Catch crime
• All information from CCTV, Sensors on the road, criminal database and information from police command centre is continuously fed to analytics platform which keeps analysing the information and take decisions
• Police squad is dispatched to site to check bad contents and take necessary actions
Source: http://www.cisco.com/web/IN/about/network/smart_traffic.html
15
Food Management
• Cutting waste when storing crops, by continuously monitoring for microscopic pests that will spoil then
• Monitoring the activities of livestock, ensuring optimum diary yields
• Nutrition calculations
• Control food quality, health and safety
• Prevent over production and shortage
• Cab produce affordable food because of less in transpiration (No man in the middle), Direct Buyers to Sellers
16
Education Management
• School Administration• Attendance Management• Voting System• Enrolment System
• School Security• Monitoring the numbers of people inside the school building• Monitoring the Entrance and the presence of any individual
for emergency purpose
• Teaching Management• Video presentation• Information Management• Foreign Language learning• Time paced and long distance education
Source:
http://www.systech.com/the-implications-of-the-internet-of-things-for-education
http://blogs.princeton.edu/etc/2012/02/24/the-internet-of-things/
17
IOT Timeline 18
IOT Challenges 19
5 Key Challenges for the Industrial Internet of Things (IIoT)
Key Challenge #1: Settling on Device Capabilities
•The real risk to what we call ‘manufacturing integrity’ is when products and services that may be well suited for a typical office setting are presented as solving the same problems in a manufacturing environment without completely understanding the associated requirements (environmental, hazardous areas, reliability and availability of services, etc.)
Key Challenge #2: Supply Chain Concerns
•Functionality is not the only focus that manufacturers will need to address in the coming years. Cost and industrial reliability will also play a part as early adopters vie to make the transition to IIoT. As embedded systems increasingly make their way into enterprises, the onus will be on manufacturers to maintain the integrity of their supply chains.
Source: www.tripwire.com/state-of-security/featured/5-key-challenges-for-the-industrial-internet-of-things-iiot/
20
5 Key Challenges for the Industrial Internet of Things (IIoT)
Key Challenge #3: Security
• IIoT devices are in no way exempt from this. For example, according to Carr, “the brief period of time it takes to plug in a laptop (that has an internet connection) to a flow computer in order to download a software upgrade is all it takes to upload malicious malware such as BlackEnergy or Stuxnet.”
Key Challenge #4: Bridging the Gaps that Divide Us
• Security is a significant concern when it comes to implementing IoT. However, as with any new technology, technical problems are ultimately no match for issues that divide people and prevent us from working and adapting together.
• And IT engineers and architects must understand the difference between business processes and manufacturing processes
Key Challenge #5: Safety
• The fifth and final key challenge enterprises face when implementing IIoT is safety. This concern relates to how the deep integration of connected devices and physical controls are introducing new methods of attack.
Source: www.tripwire.com/state-of-security/featured/5-key-challenges-for-the-industrial-internet-of-things-iiot/
21
Video Presentation:Stuxnet explanation and Demo
https://www.youtube.com/watch?v=RS2WGRP7DpA
22
IOT Landscape 23
References:
• http://www.slideshare.net/MhaeLyn/iot-30545508
• http://asmarterplanet.com/blog/2014/09/ramping-up.html
• https://foxxr.com/internet-marketing/social-media-marketing
• https://iot-analytics.com/10-internet-of-things-applications/
• http://www.cisco.com/web/IN/about/network/smart_traffic.html
• http://www.systech.com/the-implications-of-the-internet-of-things-for-education
• www.tripwire.com/state-of-security/featured/5-key-challenges-for-the-industrial-internet-of-things-iiot/
• http://blogs.princeton.edu/etc/2012/02/24/the-internet-of-things/
Youtube Video Stuxnet Explanation and Demonstration:
• https://www.youtube.com/watch?v=RS2WGRP7DpA
24
