![Page 1: IIRA and RAMI 4.0 Secure IIoT Applications Need Secure ... · IIRA and RAMI 4.0 Secure IIoT Applications Need Secure Application Code Mark.Richardson@ldra.com ... Safety 4. Netherlands](https://reader036.vdocument.in/reader036/viewer/2022071022/5fd730b29ec3bf74047739ff/html5/thumbnails/1.jpg)
IIRA and RAMI 4.0
Secure IIoT Applications Need Secure Application Code
IIRA: Industrial Internet Reference Architecture
RAMI: Reference Architecture Model for Industrie
IIoT: Industrial Internet of Things
E-Bike
Security
Safety
Netherlands Cycle Path
UK Cycle Path
You can’t “bolt on” safety; you have to design it in.
The same is true of security in the IIoT.
The Internet of Things and Services
The “Internet of Things” (IoT) is a much-used phrase, and one full of optimism and promise
The Internet of Things and Services
Smart Parking
Connected Water Meters
Gas Monitoring
Chronic Disease Management
Road Pricing
Telework
Connected Learning
Connected Militarized Defence
https://www.informationweek.com/government/leadership/internet-of-things-8-cost-cutting-ideas-for-government/d/d-id/1113459
US Water Utility Network
http://www.bbc.co.uk/news/technology-15817335
San Francisco Transit Network
https://www.wired.com/2016/11/sfs-transit-hack-couldve-way-worse-cities-must-prepare/
German Steel Works
http://www.bbc.co.uk/news/technology-30575104
Ukrainian Electricity Network
http://www.bbc.co.uk/news/technology-35686493
Mirai Source Code
Default Password
1234
Distributed Denial of Service (DDoS) Attack
IoT & IIoT
• IoT systems are generally non-critical systems, such as a home thermostat, where a failure is not catastrophic
• IIoT focuses more on complex industrial systems, such as power generation and transportation, which are much more demanding in terms of performance and which need to perform 24/7, with serious consequences in case of failure
• Both IIoT and IoT are starting to have a huge element of machine-to-machine communications
The security approach for IIoT needs to be the most robust and highest performing system possible
RAMI 4.0
Reference Architectural Model for Industry
German, French & Italian initiative to support and strengthen the digitisation processes of their manufacturing sectors
The fourth industrial revolution: Towards intelligent and flexible production
https://www.plattform-i40.de/I40/Redaktion/EN/Downloads/Publikation/rami40-an-introduction.pdf?__blob=publicationFile&v=4
IIRA
https://rti.wistia.com/medias/8ma88ry3mw?embedType=async&videoFoam=true&videoWidth=640
Industrial Internet Reference Architecture
Enables Industrial Internet of Things (IIoT) system architects to design their own systems based on a common framework and concepts
IIRA and RAMI 4.0
IIC Functional Domains and Viewpoints
Reference Architecture Model for Industrie 4.0
Umsetzungsstrategie Industrie 4.0 – Ergebnisbericht, Berlin, April 2015
Industrial Internet Consortium – Industrial Internet Reference Architecture version 1.7, 4th June, 2015
Middleware
http://blog.iiconsortium.org/2016/07/applying-the-iira-to-the-iics-microgrid-testbed.html
• Applying the IIRA to the IIC’s Microgrid Testbed, deploying DDS (Data Distribution Service) as a middleware solution
The Swiss Cheese model
https://www.ncbi.nlm.nih.gov/pmc/articles/PMC1117770/
There is no simple, “one-stop” answer to the security conundrum. Cyber-security depends on vigilance in every part of the architecture, the design and the development process, including:
• Secure boot
• Domain separation
• Least privilege design principles
• Minimisation of attack surfaces
• Secure coding techniques
• Security focused testing
• Responsive maintenance processes
It is imperative that all critical application code is written with security as a primary focus
Writing Secure Code
Build Safe and Secure Application Code
Use a Secure Coding Standard
Reduce Code Complexity
Define Safety Requirements
Requirements Tracing
Requirement Based Testing
Measure Structural Coverage
Tracking Security Vulnerabilities
There are databases that track security vulnerabilities and exposures. For many years now, all recorded exploits and vulnerabilities have been captured in a variety of databases, including:
• CVE – Common Vulnerabilities & Exposures (cve.mitre.org)
• OSVDB – Open Source Vulnerability Database (osvdb.org)
• SANS Institute – SysAdmin, Audit, Network, Security (www.sans.org)
• OWASP – Open Web Application Security Project (www.owasp.org)
Learn from Experience
Computer Emergency Readiness Team
CERT
Top Secure Coding Practices
• Validate inputs: Validate input from all untrusted data sources. Proper input validation can eliminate the vast majority of software vulnerabilities. Be suspicious of most external data sources, including command line arguments, network interfaces, environmental variables, and user controlled files
• Heed compiler warnings: Compile code using the highest warning level available for your compiler and eliminate warnings by modifying the code. Use static and dynamic analysis tools to detect and eliminate additional security flaws
• Keep it simple: Keep the design as simple and small as possible. Complex designs increase the likelihood that errors will be made in their implementation, configuration, and use
Top Secure Coding Practices
• Use effective quality assurance techniques: Good quality assurance techniques can be effective in identifying and eliminating vulnerabilities. Fuzz testing, penetration testing, and source code audits should all be incorporated as part of an effective quality assurance program. Independent security reviews can lead to more secure systems. External reviewers bring an independent perspective; for example, in identifying and correcting invalid assumptions
• Adopt a secure coding standard: Develop and/or apply a secure coding standard for your target development language and platform
Source: https://www.securecoding.cert.org
Secure Coding Standard: MISRA C:2012/AMD1
Validate Inputs
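An added example, not taken from the slides, of the "validate inputs" practice in C: a setpoint field from an untrusted source is checked for length, characters and range before it is used. The thermostat, its limits and the names parse_setpoint and sp_status are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Assumed limits for a hypothetical thermostat, in tenths of a degree C. */
#define SETPOINT_MIN 50          /*  5.0 C */
#define SETPOINT_MAX 300         /* 30.0 C */
#define SETPOINT_MAX_DIGITS 3u   /* longest accepted field, e.g. "300" */

typedef enum {
    SP_OK = 0, SP_ERR_NULL, SP_ERR_LENGTH, SP_ERR_FORMAT, SP_ERR_RANGE
} sp_status;

/* Validate a setpoint field taken from an untrusted source (network frame,
 * command line). buf is NOT assumed to be NUL-terminated; len is its size.
 * *out is written only when every check has passed. */
sp_status parse_setpoint(const char *buf, size_t len, int *out)
{
    size_t i;
    int value = 0;

    if ((buf == NULL) || (out == NULL)) {
        return SP_ERR_NULL;                 /* defensive check */
    }
    if ((len == 0u) || (len > SETPOINT_MAX_DIGITS)) {
        return SP_ERR_LENGTH;               /* bound the work before parsing */
    }
    for (i = 0u; i < len; i++) {
        /* Allow-list: decimal digits only (no sign, space, '.', "0x"). */
        if ((buf[i] < '0') || (buf[i] > '9')) {
            return SP_ERR_FORMAT;
        }
        value = (value * 10) + (buf[i] - '0');   /* at most 999: no overflow */
    }
    if ((value < SETPOINT_MIN) || (value > SETPOINT_MAX)) {
        return SP_ERR_RANGE;
    }
    *out = value;
    return SP_OK;
}

int main(void)
{
    /* Constructed sample inputs, not taken from the slides. */
    static const char *const samples[] = { "215", "999", "-21", "21.5", "2150", "" };
    size_t n;

    for (n = 0u; n < (sizeof samples / sizeof samples[0]); n++) {
        size_t len = 0u;
        int setpoint = 0;
        sp_status st;
        while (samples[n][len] != '\0') { len++; }
        st = parse_setpoint(samples[n], len, &setpoint);
        printf("\"%s\" -> status %d, setpoint %d\n", samples[n], (int)st, setpoint);
    }
    return 0;
}
```

Rejecting anything outside the allow-list, rather than trying to repair it, keeps the function small enough to review and test exhaustively.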
Keep It Simple
Static analysis can be performed on the code and a number of metrics measured, such as:
• Number of lines of code
• Number of exit points
• Fan in / Fan out
• McCabe Cyclomatic Complexity
Example of High Complexity
Impossible to understand, maintain or test
IEC 61508 and Security
• IEC 61508 addresses security-related safety risks just like any other safety risks, and demands safety goals and requirements to deal with them
Thermostat Safety Requirements
Design in Security
Build Safe and Secure Application Code
Define Requirements
• Definition of safety and security requirements
Requirement Based Testing
• Requirement Coverage
• Impact Analysis
• Bi-directional Traceability from requirement to source code
Build Safe and Secure Application Code
Coding Compliance and Quality of Code
• Finding safety and security vulnerabilities
• Maintaining the quality of code
Functional Testing
• Ensuring correctness of function
• Robustness testing
Structural Coverage
• Achieving an appropriate level of code coverage
Requirement Traceability
Bi-directional traceability between requirements, test cases, and source code
Traditional Security Market - Testing
Reactive
Coding, Executable, Testing
Not Dependable
Not Trustworthy (Malicious Logic)
Not Resilient
No Guidelines
No Risk Mitigation
Mostly Agile
Performance Tests
Penetration Tests
Load Tests
Functional Tests
Prevention is Better than Cure
Process remains the same; additional considerations need to be addressed
Proactive
Coding, Executable, Testing
Code Reviews
Functional Tests
Structural Coverage (No Malicious Logic)
Security Tests
Security Risk Assessment Drives Security Guidelines
Agile/V/Waterfall
Dependable
Trustworthy
Resilient
Structural Coverage
Structural Coverage Gap Analysis
Once all the high-level tests have been executed, any code that remains unexercised should either be removed (if deemed to be dead code) or have new tests created to exercise it. In the case of defensive code (for example, checking that a pointer is not null), unit tests can be created to achieve 100% structural coverage
Summary
Security has to be designed in
Multiple layers of defence
Safety Requirements
Secure Coding Standard
Requirements based Testing
Requirements Tracing
Q&A
Any Questions