Політика безпеки для промислового Інтернету речей та оцінка її дієвості

Робота обсягом 130 сторінок містить 35 ілюстрацій, 35 таблиць, 6 літературних посилань та 2 додатки. Метою даної кваліфікаційної роботи є розробка загального каркаса та конкретних рішень політики безпеки типової мережі промислового Інтернету речей та розробка методики оцінки дієвості політики. Об’єктом дослідження є промисловий Інтернет речей. Предметом дослідження є склад політики безпеки, яка призначена для попередження та зменшення ризиків притаманних мережам промислового Інтернету речей та методи оцінювання дієвості політики безпеки. Результати роботи викладені у вигляді опису розробленої політики безпеки, створенні нової методики для оцінки дієвості політики безпеки, використанні регресійної моделі для оцінки зменшення ризиків проведення типових атак на промисловий IoT задля забезпечення безпеки мереж цього типу та кодів програмного модуля, який реалізує відповідну методику оцінки. Методи дослідження: ознайомлення та опрацювання літератури, що представлено монографічними та журнальними матеріалами, електронними ресурсами, які стосуються досліджуваної теми, аналіз різних вразливостей та атак на промисловий IoT, структурування одержаних результатів. Результати роботи можуть бути використані при побудові захищених мереж промислового IoT.The work volume 130 pages contains 35 illustrations, 35 tables, 6 literary references and 2 appendices. The purpose of this qualification work is development a common framework and specific security policy solutions for a typical Industrial Internet of Things network and development a method for evaluating policy effectiveness. The object of research is the Industrial Internet of Things. The subject of research is the composition of a security policy designed to prevent and reduce the risks inherent in the Industrial Internet of Things networks and methods for evaluating the effectiveness of security policy. The results of the work are presented in the form of a description of the security policy developed, creating a new method for evaluating the effectiveness of security policy, the use of a regression model to reduce the risk of typical attacks on industrial IoT to ensure the security of networks of this type and program module codes that implements the appropriate assessment method. Research methods: familiarization and processing of the literature, represented by monographic and journal materials, electronic resources related to the topic under study, analysis of various vulnerabilities and attacks on industrial IoT, structuring the results. The results of the work can be used in the construction of secure networks of industrial IoT

Enhancing Security in Internet of Healthcare Application using Secure Convolutional Neural Network

The ubiquity of Internet of Things (IoT) devices has completely changed the healthcare industry by presenting previously unheard-of potential for remote patient monitoring and individualized care. In this regard, we suggest a unique method that makes use of Secure Convolutional Neural Networks (SCNNs) to improve security in Internet-of-Healthcare (IoH) applications. IoT-enabled healthcare has advanced as a result of the integration of IoT technologies, giving it impressive data processing powers and large data storage capacity. This synergy has led to the development of an intelligent healthcare system that is intended to remotely monitor a patient's medical well-being via a wearable device as a result of the ongoing advancement of the Industrial Internet of Things (IIoT). This paper focuses on safeguarding user privacy and easing data analysis. Sensitive data is carefully separated from user-generated data before being gathered. Convolutional neural network (CNN) technology is used to analyse health-related data thoroughly in the cloud while scrupulously protecting the privacy of the consumers.The paper provide a secure access control module that functions using user attributes within the IoT-Healthcare system to strengthen security. This module strengthens the system's overall security and privacy by ensuring that only authorised personnel may access and interact with the sensitive health data. The IoT-enabled healthcare system gets the capacity to offer seamless remote monitoring while ensuring the confidentiality and integrity of user information thanks to this integrated architecture

Defense in Depth of Resource-Constrained Devices

The emergent next generation of computing, the so-called Internet of Things (IoT), presents significant challenges to security, privacy, and trust. The devices commonly used in IoT scenarios are often resource-constrained with reduced computational strength, limited power consumption, and stringent availability requirements. Additionally, at least in the consumer arena, time-to-market is often prioritized at the expense of quality assurance and security. An initial lack of standards has compounded the problems arising from this rapid development. However, the explosive growth in the number and types of IoT devices has now created a multitude of competing standards and technology silos resulting in a highly fragmented threat model. Tens of billions of these devices have been deployed in consumers\u27 homes and industrial settings. From smart toasters and personal health monitors to industrial controls in energy delivery networks, these devices wield significant influence on our daily lives. They are privy to highly sensitive, often personal data and responsible for real-world, security-critical, physical processes. As such, these internet-connected things are highly valuable and vulnerable targets for exploitation. Current security measures, such as reactionary policies and ad hoc patching, are not adequate at this scale. This thesis presents a multi-layered, defense in depth, approach to preventing and mitigating a myriad of vulnerabilities associated with the above challenges. To secure the pre-boot environment, we demonstrate a hardware-based secure boot process for devices lacking secure memory. We introduce a novel implementation of remote attestation backed by blockchain technologies to address hardware and software integrity concerns for the long-running, unsupervised, and rarely patched systems found in industrial IoT settings. Moving into the software layer, we present a unique method of intraprocess memory isolation as a barrier to several prevalent classes of software vulnerabilities. Finally, we exhibit work on network analysis and intrusion detection for the low-power, low-latency, and low-bandwidth wireless networks common to IoT applications. By targeting these areas of the hardware-software stack, we seek to establish a trustworthy system that extends from power-on through application runtime

Intelligent Embedded Vision for Summarization of Multi-View Videos in IIoT

Nowadays, video sensors are used on a large scale for various applications including security monitoring and smart transportation. However, the limited communication bandwidth and storage constraints make it challenging to process such heterogeneous nature of Big Data in real time. Multi-view video summarization (MVS) enables us to suppress redundant data in distributed video sensors settings. The existing MVS approaches process video data in offline manner by transmitting it to the local or cloud server for analysis, which requires extra streaming to conduct summarization, huge bandwidth, and are not applicable for integration with industrial internet of things (IIoT). This paper presents a light-weight CNN and IIoT based computationally intelligent (CI) MVS framework. Our method uses an IIoT network containing smart devices, Raspberry Pi (clients and master) with embedded cameras to capture multi-view video (MVV) data. Each client Raspberry Pi (RPi) detects target in frames via light-weight CNN model, analyzes these targets for traffic and crowd density, and searches for suspicious objects to generate alert in the IIoT network. The frames of each client RPi are encoded and transmitted with approximately 17.02% smaller size of each frame to master RPi for final MVS. Empirical analysis shows that our proposed framework can be used in industrial environments for various applications such as security and smart transportation and can be proved beneficial for saving resources

Securing IT/OT Links for Low Power IIoT Devices:Design considerations for industry 4.0

Manufacturing is facing a host of new security challenges due to the convergence of information technology (IT) and operational technology (OT) in the industry. This article addresses the challenges that arise due to the use of low power Industrial Internet of Things (IIoT) devices in modular manufacturing systems of Industry 4.0. First, we analyze security challenges concerning the manufacturing execution system (MES) and programmable logic controllers (PLC) in IIoT through a selective literature review. Second, we present an exploratory case study to determine a protocol for cryptographic key management and key exchange suitable for the Smart Production Lab of Aalborg University (a learning cyber-physical factory). Finally, we combine the findings of the case study with a quality function deployment (QFD) method to determine design requirements for Industry 4.0. We identify specific requirements from both the high-level domain of factory capabilities and the low-level domain of cryptography and translate requirements between these domains using a QFD analysis. The recommendations for designing a secure smart factory focus on how security can be implemented for low power and low-cost IIoT devices. Even though there have been a few studies on securing IT to OT data exchange, we conclude that the field is not yet in a state where it can be applied in practice with confidence

Dynamic real-time risk analytics of uncontrollable states in complex internet of things systems, cyber risk at the edge

The Internet of Things (IoT) triggers new types of cyber risks. Therefore, the integration of new IoT devices and services requires a self-assessment of IoT cyber security posture. By security posture this article refers to the cybersecurity strength of an organisation to predict, prevent and respond to cyberthreats. At present, there is a gap in the state of the art, because there are no self-assessment methods for quantifying IoT cyber risk posture. To address this gap, an empirical analysis is performed of 12 cyber risk assessment approaches. The results and the main findings from the analysis is presented as the current and a target risk state for IoT systems, followed by conclusions and recommendations on a transformation roadmap, describing how IoT systems can achieve the target state with a new goal-oriented dependency model. By target state, we refer to the cyber security target that matches the generic security requirements of an organisation. The research paper studies and adapts four alternatives for IoT risk assessment and identifies the goal-oriented dependency modelling as a dominant approach among the risk assessment models studied. The new goal-oriented dependency model in this article enables the assessment of uncontrollable risk states in complex IoT systems and can be used for a quantitative self-assessment of IoT cyber risk posture