Guest post by Joe Barkai. Original story appeared here.
How Secure is the Internet of Things?
You may have heard me at a conference or read my response to questions concerning the security of the Internet of Things. When asked, I sometimes “refuse” to answer this question. This is not because I do not think that data security—and the closely-related data privacy—are not important; of course they are. But I want to highlight the point that data security and privacy are foundational issues that are not unique to IoT devices. Every enterprise must ensure that all data—IoT generated or not—is secured and that data privacy and ownership are handled properly.
But in light of the recent highly-publicized cyberattacks, and a session with Chris Valasek (who is best known for wirelessly hacking a Jeep wrangler) and Mark Weatherford (past deputy Undersecretary for Cybersecurity at the U.S. Department of Homeland Security), I thought I should provide a brief update.
CCTV Bots Attack the Internet
On October 21, a massive, highly-distributed cyberattack, involving millions of IP addresses and a malicious software, crippled web servers across the U.S., temporarily shutting down DNS services and rendering major Internet sites inaccessible.
Distributed denial-of-service (DDoS) are not new. But according to web security firm Sucury, this was the first time it had observed an attack powered solely by hacked CCTV devices. The company discovered attackers have compromised more than 25,000 digital video recorders and CCTV cameras, and are using them to launch DDoS attacks against websites.
Taxonomy of IoT Devices
Internet-connected devices, such as the CCTV devices involved in the DDoS cyberattack, are getting cheaper and more powerful. This trend inspires conceptual architectures that place smart, connected devices at the edge of the IoT network.
There are some perfectly good arguments as to why sophisticated devices with autonomous decision authority should reside at the edge of the network. For instance, moving decision-making devices closer to the industrial processes they control improves real-time control and reduces network traffic and information latency.
On the other hand, there are also equally convincing rationales to consider the use of less sophisticated and less autonomous edge devices.
First, devices that do not need to perform complex computational tasks are simpler and cheaper, consume less power, and are less prone to failures. And because of their low computation bandwidth and limited command and control reach, these devices are far less prone to hacking.
Much more importantly, however, many business decisions should not and cannot be performed at the edge device level. While command and control of a single machine can be done locally and autonomously, the type of deep insight that drives predictive analytics and long-term decisions is based on multiple inputs from the broader IoT and business network: multiple machines, multiple production lines, and in multiple locales. These types of analyses and decisions can only be carried out centrally.
There is no single “ideal” architectural. The power of the Internet of Things is in the ability to form a flexible decision-making architecture, and to move analytics and decision making as needed between edge devices (for example, for real-time control), and centralized cloud applications such as fleet optimization.
In my book The Outcome Economy: How the Industrial Internet of Things is Transforming Every Business, I propose a taxonomy of IoT devices, which can serve to determine the level of decision-authority that should be given to different edge devices. The following is a shorter version of this taxonomy description.
The basic building blocks of the Industrial IoT are single-task devices such as sensors, pumps, valves, and motors. These devices can measure and send discrete pieces of information (a sensor) or respond to a simple on/off command (a pump, a valve, or a motor).
An activity-aware object “understands” the physical world in terms of event and activity streams, where each event or activity is directly related to the task the object is to perform: turn on, measure, etc.
The operating model of activity-aware devices is typically a simple linear sequence of data collection and processing functions, such as a time or state series. These devices primarily measure and log data, but do not provide interactive, analytic, or self-governance capabilities.
A policy-aware device is an activity-aware object with an embedded policy model. A policy-aware device can sense and interpret events and activities and respond to them based on predefined operational and organizational policies.
The governance model of policy-aware devices consists of application-specific policies expressed as a set of rules that operate on event and activity streams to create actions. The model provides context-sensitive information about event handling and work-activity performance. In particular, it can issue warnings and alerts if it’s unable to comply with the policy or the operating model.
Many industrial devices, even simple ones, are policy-aware devices. For example, a thermostat in a cold-chain application is commanded to maintain a certain ambient temperature range. In other words, the thermostat has an autonomous decision-making capability to enable it to comply with the policy. An air-conditioning unit and an alarm system are other examples of policy-aware devices.
A process is a collection of related activities that are sequenced in time and space to accomplish a task or a combination of tasks. Process execution rules can be included for dynamic recombination of activities to support a broader range of interrelated activities, tasks, and sub-tasks, and have greater event-handling agility and decision capacity.
A process-aware device is aware of and “understands” the organizational processes that it is a part of. Moreover, it is also aware of other devices in its subnetwork operating in tandem to implement the process and can relate the occurrence of real-world activities and events of these processes to the user.
Cold-chain logistics, process automation and control, robots, and manufacturing execution systems (MES) are examples of process-aware applications.
The application model of process-aware objects is built around a dynamic context-aware workflow model that defines timing and ordering of work activities. Work processes (that is, sequence and timing of activities and events) communicate with others to accomplish predefined, high-level tasks.
Not Everything Than Can Be Connected, Should Be
Every industry survey stresses security concerns as one of the top hurdles in the way of broad adoption, and the publicity of IoT-generated DDoS attacks, which impacted both businesses and individuals, will further erode the confidence of consumers and corporations alike. There’s probably very little damage in curbing the enthusiasm of those that marvel the vision of connected refrigerators and toasters, but the participants in the Industrial IoT and the connected infrastructure overall, should intensify the conversation about standardization, certification and registration, and the delicate balance between enforcement and enticement.
These conversations are critical, but, as stated before, are not limited in scope to the Internet of Things.
While we work to encourage the use of standards, best practices, and better technology, let’s remember that not everything than can be connected, should be. Let’s focus on valuable scenarios rather than the digital chatting between coffee pots and toasters.
(Portions of this articles are from The Outcome Economy: How the Industrial Internet of Things is Transforming Every Business)