Securing Real-Time Internet-of-Things

Modern embedded and cyber-physical systems are ubiquitous. A large number of critical cyber-physical systems have real-time requirements (e.g., avionics, automobiles, power grids, manufacturing systems, industrial control systems, etc.). Recent developments and new functionality requires real-time embedded devices to be connected to the Internet. This gives rise to the real-time Internet-of-things (RT-IoT) that promises a better user experience through stronger connectivity and efficient use of next-generation embedded devices. However RT- IoT are also increasingly becoming targets for cyber-attacks which is exacerbated by this increased connectivity. This paper gives an introduction to RT-IoT systems, an outlook of current approaches and possible research challenges towards secure RT- IoT frameworks

Determining the performance costs in establishing cryptography services as part of a secure endpoint device for the Industrial Internet of Things

Endpoint devices are integral in the realisation of any industrial cyber-physical system (ICPS) application. As part of the work of promoting safer and more secure industrial Internet of Things (IIoT) networks and devices, the Industrial Internet Consortium (IIC) and the OpenFog Consortium have developed security framework specifications detailing security techniques and technologies that should be employed during the design of an IIoT network. Previous work in establishing cryptographic services on platforms intended for wireless sensor networks (WSN) and the Internet of Things (IoT) has concluded that security mechanisms cannot be implemented using software libraries owing to the lack of memory and processing resources, the longevity requirements of the processor platforms, and the hard real-time requirements of industrial operations. Over a decade has passed since this body of knowledge was created, however, and IoT processors have seen a vast improvement in the available operating and memory resources while maintaining minimal power consumption. This study aims to update the body of knowledge regarding the provision of security services on an IoT platform by conducting a detailed analysis regarding the performance of new generation IoT platforms when running software cryptographic services. The research considers execution time, power consumption and memory occupation and works towards a general, implementable design of a secure, IIoT edge device. This is realised by identifying security features recommended for IIoT endpoint devices; identifying currently available security standards and technologies for the IIoT; and highlighting the trade-offs that the application of security will have on device size, performance, memory requirements and monetary cost.Dissertation (MSc)--University of Pretoria, 2017.Electrical, Electronic and Computer EngineeringMScUnrestricte

A critical review of intrusion detection systems in the internet of things : techniques, deployment strategy, validation strategy, attacks, public datasets and challenges

The Internet of Things (IoT) has been rapidly evolving towards making a greater impact on everyday life to large industrial systems. Unfortunately, this has attracted the attention of cybercriminals who made IoT a target of malicious activities, opening the door to a possible attack on the end nodes. To this end, Numerous IoT intrusion detection Systems (IDS) have been proposed in the literature to tackle attacks on the IoT ecosystem, which can be broadly classified based on detection technique, validation strategy, and deployment strategy. This survey paper presents a comprehensive review of contemporary IoT IDS and an overview of techniques, deployment Strategy, validation strategy and datasets that are commonly applied for building IDS. We also review how existing IoT IDS detect intrusive attacks and secure communications on the IoT. It also presents the classification of IoT attacks and discusses future research challenges to counter such IoT attacks to make IoT more secure. These purposes help IoT security researchers by uniting, contrasting, and compiling scattered research efforts. Consequently, we provide a unique IoT IDS taxonomy, which sheds light on IoT IDS techniques, their advantages and disadvantages, IoT attacks that exploit IoT communication systems, corresponding advanced IDS and detection capabilities to detect IoT attacks. © 2021, The Author(s)

Towards a secure data exchange in IIoT

Industrial Internet of Things (IIoT) plays a central role in the Fourth Industrial Revolution, with many specialists working towards implementing large scalable, reliable and secure industrial environments. However, existing environments are lacking security standards and have limited resources per component which results in various security breaches, e.g., trust in between the components, partner factories or remote control units with the system. Due to the resilience and its security properties, combining blockchain-based solutions with IIoT environments is gaining popularity. Despite that, chain-structured classic blockchain solutions are extremely resource-intensive and are not suitable for power-constrained IoT devices. To mitigate the referred security challenges, a secure architecture is proposed by using a DAG-structured asynchronous blockchain that can provide system security and transactions efficiency at the same time. Use-cases and sequence diagrams were created to model the solution. The achieved results are robust, supported by an extensive security evaluation, which foster future developments over the proposed architecture. Therefore, as the proposed architecture is generic and flexible, its deployment in diverse customized industrial environments and scenarios, as well as the incorporation of future hardware and software, is possible.info:eu-repo/semantics/publishedVersio

Security for the Industrial IoT: The Case for Information-Centric Networking

Industrial production plants traditionally include sensors for monitoring or documenting processes, and actuators for enabling corrective actions in cases of misconfigurations, failures, or dangerous events. With the advent of the IoT, embedded controllers link these `things' to local networks that often are of low power wireless kind, and are interconnected via gateways to some cloud from the global Internet. Inter-networked sensors and actuators in the industrial IoT form a critical subsystem while frequently operating under harsh conditions. It is currently under debate how to approach inter-networking of critical industrial components in a safe and secure manner. In this paper, we analyze the potentials of ICN for providing a secure and robust networking solution for constrained controllers in industrial safety systems. We showcase hazardous gas sensing in widespread industrial environments, such as refineries, and compare with IP-based approaches such as CoAP and MQTT. Our findings indicate that the content-centric security model, as well as enhanced DoS resistance are important arguments for deploying Information Centric Networking in a safety-critical industrial IoT. Evaluation of the crypto efforts on the RIOT operating system for content security reveal its feasibility for common deployment scenarios.Comment: To be published at IEEE WF-IoT 201

Towards NFC payments using a lightweight architecture for the Web of Things

The Web (and Internet) of Things has seen the rapid emergence of new protocols and standards, which provide for innovative models of interaction for applications. One such model fostered by the Web of Things (WoT) ecosystem is that of contactless interaction between devices. Near Field Communication (NFC) technology is one such enabler of contactless interactions. Contactless technology for the WoT requires all parties to agree one common definition and implementation and, in this paper, we propose a new lightweight architecture for the WoT, based on RESTful approaches. We show how the proposed architecture supports the concept of a mobile wallet, enabling users to make secure payments employing NFC technology with their mobile devices. In so doing, we argue that the vision of the WoT is brought a step closer to fruition