The Importance of Security in Managing
Connected Devices for IoT Solutions
Praxistage 2024
Vanessa Kluge
Product Manager Digitalization
Kontron AIS GmbH
› Charging stations
› Easy and fast connectivity
› Open to connect to any network
› Security at its core
› Remote accessibility
› 24/7 availability
› Dynamic and self-adapting
› Scalability
Major characteristics
Kontron | Praxistage 2024
What is essential for IoT solutions?
How does
this come
about?
› Utilizing connected devices as base
› Malware infections
› Data Theft
› Lack of compatibility with new
security technology
› Regular automatic updates
› Exploitable backdoors
› Loopholes or flaws in operating systems
› Denial of Service (DoS)
IoT security issues and challenges at the edge
› Insecure interfaces – authentication is key
› Insufficient data protection – insecure
communication and data storage
› IoT skill gap
› Poor IoT device management – shadow
IoT, unmanaged, unknown, unauthorized
By managing your connected devices efficiently and securely
How can these challenges be solved?
Accessibility
Cyber Security
Maintenance
Connectivity
Health
› DIY Syndrome
› Time consuming for
personnel
› Difficult to scale
› Limited visibility of health
and performance factors
› Data overload leads to
inefficiencies and
limitation in IoT solution
functionality
Why is manual and poor device management a risk for IT teams?
Common Traps
› Confidentiality
› Integrity
› Availability
Three pillars on all levels
There is no way around Security by Design (#1)
Device
System
Network
Application
Cloud
Development Process
› Automatic build process (continuous integration) ensures short development cycles
› Automated testing
› Automated CVE/CWE scanning
› Threat modelling as integrated method for
development and test
› Product development by SCRUM
› Rapid development with APEX
Deployment Process
› Infrastructure as code enables fast reaction to changes and requirements
› Integration / Scenario tests with risk assessment
› Automated rollout of new versions on all staging
systems
› Trust areas
› Approval process according to the dual control
principle
› Tracking and registration of each update
› Complete overview of installed versions on each
server
Agile Development and Deployment
Security by Design (#1)
› Knowledge about supply chains
› Knowledge about security status
› Recommendations for actions
Software Bill of Materials (S-BOM)
Supplier management (#2)
› Which libraries and modules have been used?
› Provide a bill of materials
› Determine version and provide documentation
› Are there security issues known?
› Are there patches available?
› Should we use alternatives?
› Tests against CVE/CWE database (e.g. mitre.org / nist.org)
› Description of the security issues
› Allocation of the version to the component
› Notes on remediation
› Automatic tracking of 3rd party software
› Continuous version tracking and documentation of results
OLD
NEW
Penetration Tests
› Security posture management (Cloud Guard)
› REST-API Tests
Proactive measures
Test & Validation (#3)
Monitoring
› Logging
› Long-term statistical capacity utilization on network,
database, hardware, connections (Nagios)
› Frontend (NGINX & Apache Tomcat)
› Short-term (2-4 weeks) performance statistics (APEX)
The time to act is now
Advanced cyber security regulations by EU legislation
2014
2016
2016
2018
2019 2023
EU Cybersecurity Act
European cybersecurity
certification framework
GDPR
Processing of personal data
of individuals
NIS Directive
Directive on attacks against
information systems
NIS2 Directive
“Security by Design” and
“Security by Default”
EU Cyber
Resilience Act
Cybersecurity requirements
for products with digital
elements
Expected
2023
› EU Data Act
› A new regulation that
establishes uniform rules for
data access, switching cloud
providers, and
interoperability
requirements in the EU.
› Objective: Create a single
data market in the EU with
reuse of data across all
sectors of the economy.
› Target group: Mandatory for
products and services in the
EU
› Validity:
› Cyber Resilience Act
› A proposal for a legal
framework to define
cybersecurity requirements
for hardware and software
products placed on the
market in the European
Union.
› Objective: To improve the
security of digital products
› Target group: Mandatory for
all companies that
manufacture products with
digital elements
› NIS2
› EU-wide piece of legislation
that provides legal
measures to improve the
overall level of cybersecurity
in the EU by ensuring
preparedness and
cooperation between
Member States and
requiring key actors in key
industries to take security
measures and report
incidents.
› Objective: Increase cyber
security and resilience in the
EU
› Target group: Mandatory for
operators of critical
infrastructures
› IEC 63442
› International series of
standards covering cyber
security for operational
technology in automation
and control systems. The
standards take a risk-based
approach to cyber security
and provide a framework for
the systematic assessment,
mitigation and management
of cyber security risks in
industrial automation and
control systems.
› Objective: Ensure reliability
and safety of critical
industrial processes and
infrastructure
› Target group: Mandatory for
offshore installations and
ships
Overview for Mechanical Engineering Companies
Major Security Standards 2024
Deep Dive
Working Team
Our IT team of the charging stations may be in trouble
Core competence:
› Application development
Reality Check!
Is this all doable?
Potential gaps:
› Hardware knowledge
› Embedded software expertise
› Network security
› Multi-layered connectivity
VS
› Data-driven analysis and decision-making
› Improved automated operations
› Enhanced security
› Seamless connectivity
› Increased efficiency
Why automated device management offers great benefits for future-proofing your fleet
OT
IoT
IT
Benefits of the convergence of IT, OT and Internet of Things
The Complete Fleet Management Solution for Edge Devices
Device Management KontronOS Docker Management
Integrated but independently usable
Five Key Services of K-PORT
› Condition monitoring of the IoT
devices
› Manage all devices worldwide in a
cloud-based environment for edge
devices
› Easily onboard IoT devices
› Manage device fleets
› Hardened operating system for X86 or
Arm, based on Yocto Linux
› Two redundant operating system
partitions ensuring maximum uptime
› Secure management interface for
updates and deployment
› Short-term updates in case of "critical"
vulnerabilities.
› Manage Docker Containers
› Encapsulate customer applications
(images) in containers
› CLI communication with Docker
Registry
› Deploy Docker containers
automatically with Docker Compose
to fleets of devices in the field
Remoting VPN-Service
Integrated but independently usable
Five Key Services of K-PORT
› Centralized management of desktop and remote
accesses, e.g. RDP & SSH accesses
› Establishment of secure remote connections
› Command line access
› Activate and deactivate temporary direct access to
the machine and plant network
› Direct connection "tunneling" between networks
› Manage, monitor and log VPN connections
› Connect to a device simultaneously
How a hardened OS ensures they run reliably
Focus on building your applications is paramount
#1 Security
› Flexible and portable: Linux-based, so it can be used flexibly on Intel® x86 and Arm® based devices
› Tailored to Docker containers: containerized applications are lightweight and ideal
for connected devices, KontronOS creates a secure environment for them
› Reduced to the essentials: a minimal Linux operating system with all the necessary
functions it needs to ensure smooth operation
› Maximum uptime: two redundant partitions (active and passive) ensure maximum
uptime in the event of a failure, interruption or failed update and guarantee a
smooth operation of Docker containers
KontronOS
Hardened operating system as security at its core
› Two redundant partitions for redundancy and automated
rollback to older versions in case of problems in the update
process
› Clear separation between operating system and application
level
› Continuous CVE/CWE investigation
› Support of the integrated security mechanism at boot level via
TPM 2.0 on x86 and via HAB for Arm®
› Web UI for configuring network zones of integrated firewall
and IP address
#1 Security
From image to template via CLI and Docker Compose integration
Automated Build Process
#2 Automation
› Image › Single Container
› Container Set
› Docker
Compose
Operating System
+
› Template
or
› CLI
› Drag & Drop
› Docker
Compose
› CLI
› Drag & Drop
Plan your rollout scenarios strategically
Automated Update Cycle
#2 Automation
› Nearby Location
› Test Lab
› Germany
› Norway
Operating System
+
› Template
› Worldwide
Standard IoT Stack to Fully Customized
Fleet Management Solution that fits your application
Standard IoT Stack
KBox A-250 (x86)
Licenses
i.MX8M Mini (Arm®)
Get started right away
Modified Standard
Modified HW: Arm-based to x86-based
Licenses + project costs
Get started in weeks
Fully Customized
Custom HW
Customized OS
Licenses + project costs
Get started in months
#3 Flexibility
From Security to Digital Services
The interaction of the Susietec® portfolio
How do you future-proof your IoT solutions?
› Security at its core
› Automation at its heart
› Flexibility in its mind
Kontron AIS GmbH
Vanessa Kluge – Product Manager Digitalization
