New Threats for Old Manufacturing Problems: Secure IoT-Enabled Monitoring of Legacy Production Machinery

The digitization of manufacturing through the introduction of Industrie 4.0 technologies creates additional business opportunities and technical challenges. The integration of such technologies on legacy production machinery can upgrade them to become part of the digital and smart manufacturing environment. A typical example is that of industrial monitoring and maintenance, which can benefit from internet of things (IoT) solutions. This paper presents the development of an-IoT-enabled monitoring solution for machine tools as part of a remote maintenance approach. While the technical challenges pertaining to the development and integration of such solutions in a manufacturing environment have been the subject of relevant research in the literature, the corresponding new security challenges arising from the introduction of such technologies have not received equal attention. Failure to adequately handle such issues is a key barrier to the adoption of such solutions by industry. This paper aims to assess and classify the security aspects of integrating IoT technology with monitoring systems in manufacturing environments and propose a systematic view of relevant vulnerabilities and threats by taking an IoT architecture point of view. Our analysis has led to proposing a novel modular approach for secure IoT-enabled monitoring for legacy production machinery. The introduced approach is implemented on a case study of machine tool monitoring, highlighting key findings and issues for further research

Adding Digital Forensic Readiness as a Security Component to the IoT Domain

The unique identities of remote sensing, monitoring, self-actuating, self–adapting and self-configuring “things” in Internet of Things (IoT) has come out as fundamental building blocks for the development of “smart environments”. This experience has begun to be felt across different IoT-based domains like healthcare, surveillance, energy systems, home appliances, industrial machines, smart grids and smart cities. These developments have, however, brought about a more complex and heterogeneous environment which is slowly becoming a home to cyber attackers. Digital Forensic Readiness (DFR) though can be employed as a mechanism for maximizing the potential use of digital evidence while minimizing the cost of conducting a digital forensic investigation process in IoT environments in case of an incidence. The problem addressed in this paper, therefore, is that at the time of writing this paper, there still exist no IoT architectures that have a DFR capability that is able to attain incident preparedness across IoT environments as a mechanism of preparing for post-event response process. It is on this premise, that the authors are proposing an architecture for incorporating DFR to IoT domain for proper planning and preparing in the case of security incidents. It is paramount to note that the DFR mechanism in IoT discussed in this paper complies with ISO/IEC 27043: 2015, 27030:2012 and 27017: 2015 international standards. It is the authors’ opinion that the architecture is holistic and very significant in IoT forensics

Threat modeling for communication security of IoT-enabled digital logistics

The modernization of logistics through the use of Wireless Sensor Network (WSN) Internet of Things (IoT) devices promises great efficiencies. Sensor devices can provide real-time or near real-time condition monitoring and location tracking of assets during the shipping process, helping to detect delays, prevent loss, and stop fraud. However, the integration of low-cost WSN/IoT systems into a pre-existing industry should first consider security within the context of the application environment. In the case of logistics, the sensors are mobile, unreachable during the deployment, and accessible in potentially uncontrolled environments. The risks to the sensors include physical damage, either malicious/intentional or unintentional due to accident or the environment, or physical attack on a sensor, or remote communication attack. The easiest attack against any sensor is against its communication. The use of IoT sensors for logistics involves the deployment conditions of mobility, inaccesibility, and uncontrolled environments. Any threat analysis needs to take these factors into consideration. This paper presents a threat model focused on an IoT-enabled asset tracking/monitoring system for smart logistics. A review of the current literature shows that no current IoT threat model highlights logistics-specific IoT security threats for the shipping of critical assets. A general tracking/monitoring system architecture is presented that describes the roles of the components. A logistics-specific threat model that considers the operational challenges of sensors used in logistics, both malicious and non-malicious threats, is then given. The threat model categorizes each threat and suggests a potential countermeasure