Short Communication - (2021) Volume 10, Issue 6
Received: 02-Jul-2021
Published:
23-Jul-2021
, DOI: 10.37421/2090-4886.2021.10.130
Citation: Chang, Chih-Wei.“More Attention to the Cybersecurity
of Industrial Internet of Things (IIoT).”J Sens Netw Data Commun 10(2021):130.
Copyright: © 2021 Chang CW. This is an open-access article distributed under
the terms of the creative commons attribution license which permits unrestricted
use, distribution and reproduction in any medium, provided the original author
and source are credited.
In the case of Taiwan Semiconductor Manufacturing Company (TSMC) who was forced to shut down several factories after revealing is being attacked by a malware in August 2018. The incident caused attention on the security of smart manufacturing industry whilst in the past, management issue of cybersecurity for Operational Technology (OT) were rarely discussed. As such if we are unable to provide good defense for information security among sensor networks and OT environment, the development of smart application system and industry 4.0 will be potentially precarious.
Operational Technology • IoT • Sensors • IIoT
Many sensors and IoT have been integrated into the Industrial Control Systems (ICS) and Industrial Automation and Control Systems (IACS) in the rapid developing smart factory or Industry 4.0. Yet most of IoT devices and existing ICS are vulnerable due to the inadequate physical security protection mechanism. In August 2018, TSMC was plagued by a ransomware and immediately lost operation revenue approximately USD $171M [1]. Similarly, researcher observed a situation occurred that at Iran where the hacker attacked one nuclear plant with mimic method [2]. Consequently ICS-CERT continuously reported threats among OT network environment. These incidents explain the consequence is dire once an OT environment or smart factory system is hacked thus failed functioning. Therefore, we shall take the safety of ICS and the cybersecurity threat into account. First, we have to build adequate information security protection capability, resorting for Industrial Internet of Things (IIoT), to ensure those systems can function continuously, and thus achieve their purposes and expect benefits.
In addition, some scholars recently have started to study IoT security via threat taxonomy, and others have highlighted the defense solution for cybersecurity of Industrial Internet of Things (IIoT) [3-12]. The examination discloses establishing dynamic security protection mechanism in variant industrial fields.
Enhance the cybersecurity of industry IOT system
It is universally reckoned that cyber security shall be thoroughly considered in the new system where initially planning, design, processing, and implementation to final operation shall be catered for. Furthermore, in-service IIoT and ICS systems must be able to assess security risk and manage information security. Purdue Enterprise Reference Architecture (PERA) provides a basic operating structure of an industrial control system [13]. Industrial Automation and Control System Security Committee purposes an ISA-99 standard with a framework to provide cybersecurity assessment tools in the OT field. Base on this framework, we can project multiple layers of defense to protect IIOT, or existing IACS systems.
Initially, network segmentation and the established access policies will effectively ensure data safety in whole system that includes device connection, senor network and Manufacturing Execution Systems (MES), and information exchange between OT and IT. Secondly, improve the smart application environment in order for enhancing security protection and prevent hacking events in each individual subsystem. Last, strengthen security management to achieve requirement of confidentiality, integrity and availability in IT systems, and to comply human health, facility safety, and environment control in OT fields (Figure 1).
Despite the lack of a physical protection mechanism for IIoT and IACS, we can analyze data exchange safety through system architecture, information requirement of subsystem functionality and simulation of protection intrusion detection, rechecking the entire network environment. Furthermore, apply multi-layer defense to enhance OT field security, protection, and renovation, in order to build-up cybersecurity mechanism, and sustain the whole chain functioning well to achieve the goal of IIoT and smart factory. The ISA-99 work has been utilized by the International Electro-technical Commission (IEC) to develop the multi-standard ISA/IEC 62443 series. The importance of evolving cybersecurity for IIoT and IACS are crucial. Topics about the latest standard for IACS and the related IIoT research examination are of our major attention.