analysis of cybersecurity threats in industry 4.0: the ... · analysis of cybersecurity threats in...
TRANSCRIPT
AnalysisofcybersecuritythreatsinIndustry4.0:thecaseofintrusion
detectionJuanEnriqueRubioRodrigoRomanJavierLopez
UniversityofMalaga
Outline
1. Introduction
2. Cyber-securitythreatsofIndustry4.0enablingtechnologies
3. Cyber-securityissuesinIndustry4.0innovativeservices
4. IntrusionDetectioninIndustry4.0
2
INTRODUCTION
3
ITandOTintegration
§ SCADA systems (Supervisory Control and DataAcquisition) are now present in most criticalinfrastructures.
§ Traditionally, these systems and industrialnetworks (Operational Technology) had to beisolated from other environments.
§ However, at present, they have beeninterconnected with external networks(Information Technology).
IT
OT
4
TowardsIndustry4.0
§ Digitization of all components within the industry to make theproductive processes digitally connected and distributed, providing ahighly integrated value chain
Interoperability
Virtualization
Decentralization
Realtime
Service Orientation
Modularity
Interactivity
5
Industry4.0innovativeservicesandsecurity
§ Creation of innovative services:q Novel cooperative infrastructuresq Cloudmanufacturingq Agents for decisionmakingq Advanced interactionsq …
§ The increase in security threats caused by the Industry 4.0technologies and its innovative services must be addressed
§ It is essential to study the requirements of intrusiondetection systems in the upcoming industrial context
6
CYBER-SECURITYTHREATSOFINDUSTRY4.0TECHNOLOGIES
7
Introduction:theIndustry4.0concept
Industry4.0
Cloudcomputing
Virtualization
BigData
IndustrialInternetofThings
8
Cyber-securitythreatsofIndustry4.0enablingtechnologies
Industrial Internet of Things
o Massive interconnection of machines,operators and the product itself
• The main concern are the attacksperpetrated against their availability,due to the scarcity of resources (CPU,memory or battery)
9
Cyber-securitythreatsofIndustry4.0enablingtechnologies
Cloud computing
o Processing of information retrieved by IIoT devices, cloud-basedmanufacturing
• The most common attack goes against its availability, by means of aDenial of service (DoS) attacks against the infrastructure
• Confidentiality problems arise when putting trust in the serviceprovider, who has total access to the stored data
10
Cyber-securitythreatsofIndustry4.0enablingtechnologies
Big Data
o Data analytics with the information extracted from theindustrial network to optimize operations and identifyanomalies
• Difficult to ensure the security of all components andnodes
• Confidentiality and Integrity of data are threatened ifappropriate measures are not applied, which is frequentin this context to improve efficiency
11
Cyber-securitythreatsofIndustry4.0enablingtechnologies
Virtualization
o VirtualrepresentationsofmachinesforsimulationsandAR/VRdevicestointeractwiththeproductionchain
• Themainchallengeisthesecureinformationexchangebetweenthephysicalassetsandtheirvirtualrepresentations
• Authenticationissuesexistwiththedisseminationofinformationovermultiplevulnerableplatforms(e.g.,smartphones)
12
CYBER-SECURITYTHREATSININDUSTRY4.0INNOVATIVESERVICES
13
Cyber-securitythreatsinIndustry4.0innovativeservices
Novelinfrastructures• Decentralizedarchitecturewhereanyelementcooperateswithanyother• Attacks could belaunched fromanyelement ofthe infrastructure,blurring the authenticationbarriers between the differentsubsystems
Retrofitting• IntegrationofIndustry4.0technologiestolegacysystems• New ways for attacks against legacy systems,exposing their information
Industrialdataspace• Secureexchangeofinformationbetweenindustrialpartners• Extraction ofcompetitive intelligence
14
Cyber-securitythreatsinIndustry4.0innovativeservices
Cloudmanufacturing• Productcustomizationinthecloud• Availability andconfidentiality ofbusiness dataaffected
Agents• Workflowplannersorself-organisingassemblysystems• Compromised agents toinfluence decisionsandthe overall workflow
Otherenhancedinteractions• DigitaltwinsandadvancedHMIs• They canbemanipulated tolaunch other attacks andextract information
15
Cyber-securitythreatsinIndustry4.0innovativeservices
Novelinfrastructures
Retrofitting IndustrialDataSpace
Cloudmanufacturing
Agents Otherinteractions
Availability Wideattacksurface
Singlepointoffailure
Cascadeeffects Wide attacksurface
Agentsasmalware
Denialofservice
Confidentiality Globaldatainlocalcontext
Exposureofsensing layer
Informationleakage
Businessprocessleakage
Agentdatainlocalcontext
Informationleakage
Integrity Behaviourmanipulation
Cross-cuttingattacks
Cascadeeffects Manipulationofcomponents
Tampereddata/agents
Disrupt decisionmakingprocesses
Authentication Complexity andmisconfiguration
Fakelegacy/sensinglayers
Biggerscopeofattacks
Managementissues
Attacksfrom/toagents
Privilegeescalation
16
INTRUSIONDETECTIONININDUSTRY4.0
17
IntrusionDetectioninIndustry4.0
§ Requirements for the design, deployment and managementof intrusion detection systems (IDS):
ü Coverage
ü Holism
• All interactions andelements ofan Industry 4.0
• Easily upgradablewith newdetection algorithms.
• Users,configurations,potential points offailure andcascadeeffects aretaken into account
• They must befamiliarizedwith the cooperative nature
18
IntrusionDetectioninIndustry4.0
§ Requirements for the design, deployment and managementof intrusion detection systems (IDS):
ü Intelligence
ü Symbiosis
§ The state of the art on IDS for the current industrial ecosystems donot fully cover the previouslymentioned requirements
• Behavioral analysis andinformationcorrelation toconsiderthe existence ofmoreadvanced attacks
• Close interactionwith other protectionmechanisms,such asprevention systems andforensics,aswell asthe Industry 4.0services
19
Conclusions
§ We have introduced the Industry 4.0 enabling technologiesand provided an overview of their threats
§ The main threats arisen as consequence of the integration ofthese novel technologies in the industrial ecosystems havebeen studied
§ Based on this, we have identified a set of requirements forfuture intrusion detection mechanisms in the industry.
20
ThanksAnalysisofcybersecuritythreatsinIndustry4.0:
thecaseofintrusiondetection
JuanEnriqueRubioRodrigoRomanJavierLopez
21