Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

IOT Security - ICCT College of Engineering

17,247 views

Published on

IOT Security - ICCT College of Engineering

  1. 1. IoT Security John Patrick Lita Information Security Consultant
  2. 2. Agenda • IOT How it Starts • The internet of Things • Purpose of IoT • IOT Challenges • The Stuxtnet • IOT Landscape 2
  3. 3. How it start Image from: http://asmarterplanet.com/blog/2014/09/ramping-up.html 3
  4. 4. Effect of the Internet Image from: https://foxxr.com/internet-marketing/social-media-marketing/ 4
  5. 5. Internet Usage and Population Statistics Source: www.internetlivestats.com/internet-users-by-country/ 5
  6. 6. IOT Connected worldwide https://iot-analytics.com/10-internet-of-things-applications/ 6
  7. 7. Example of IoT Revolution Industrial Automation Health Care Automation Smart Cars Smart City Smart House Human no smart 7
  8. 8. What is IoT? 8 The internet of things (IoT) is the network of physical devices, vehicles, buildings and other items—embedded with electronics, software, sensors, actuators, and network connectivity that enable these objects to collect and exchange data.
  9. 9. The Internet of Things • The term Internet of Things was first used by Kevin Ashton in 1999. • uniquely identifiable through its embedded computing system but is able to interoperate within the existing Internet infrastructure 9
  10. 10. IOT Characteristics Ambient Intelligence Flexible Structure Semantic Sharing Complex Access Technology Event Driven 10
  11. 11. Technology Implementation RFID Sensor Smart Tech Nano Tech To identify and track the data of things To collect and process the data to detect the changes in the physical status of things To enhance the power of the network by devolving processing capabilities to different part of the network. To make the smaller and smaller things have the ability to connect and interact. 11
  12. 12. Purpose of Internet of Things IOT Application Management Retail Logistics Health Care Food Education 12
  13. 13. Management • Waste Management • Data Management • Production Management • Urban Management • Energy Management • Transportation Management 13
  14. 14. Health Management • Your Medical Record is stored as Data • Track your Drug Usage / Dosage • Web Application for Hospital / Pharmacy • Efficiency delivering emergency treatment more faster • Manage your Check-up using a mobile application 14
  15. 15. Traffic Management • Reduce Traffic Congestion • Sensors connected to traffic signal keeping sending information to a central server o number of vehicles piling • Analytics platform get real-time data from sensors, traffic signals within 2 km of intended junction & GIS Mapping of roads • Save Life on road • A message is sent to the ambulance display panel in front of the driver informing him which the road to take • A message is also sent to hospital system prompting them to get ready including auto message to the doctor’s phone to rush back if he is out • Help Prevent and Catch crime • All information from CCTV, Sensors on the road, criminal database and information from police command centre is continuously fed to analytics platform which keeps analysing the information and take decisions • Police squad is dispatched to site to check bad contents and take necessary actions Source: http://www.cisco.com/web/IN/about/network/smart_traffic.html 15
  16. 16. Food Management • Cutting waste when storing crops, by continuously monitoring for microscopic pests that will spoil then • Monitoring the activities of livestock, ensuring optimum diary yields • Nutrition calculations • Control food quality, health and safety • Prevent over production and shortage • Cab produce affordable food because of less in transpiration (No man in the middle), Direct Buyers to Sellers 16
  17. 17. Education Management • School Administration • Attendance Management • Voting System • Enrolment System • School Security • Monitoring the numbers of people inside the school building • Monitoring the Entrance and the presence of any individual for emergency purpose • Teaching Management • Video presentation • Information Management • Foreign Language learning • Time paced and long distance education Source: http://www.systech.com/the-implications-of-the-internet-of-things-for-education http://blogs.princeton.edu/etc/2012/02/24/the-internet-of-things/ 17
  18. 18. IOT Timeline 18
  19. 19. IOT Challenges 19
  20. 20. 5 Key Challenges for the Industrial Internet of Things (IIoT) Key Challenge #1: Settling on Device Capabilities •The real risk to what we call ‘manufacturing integrity’ is when products and services that may be well suited for a typical office setting are presented as solving the same problems in a manufacturing environment without completely understanding the associated requirements (environmental, hazardous areas, reliability and availability of services, etc.) Key Challenge #2: Supply Chain Concerns •Functionality is not the only focus that manufacturers will need to address in the coming years. Cost and industrial reliability will also play a part as early adopters vie to make the transition to IIoT. As embedded systems increasingly make their way into enterprises, the onus will be on manufacturers to maintain the integrity of their supply chains. Source: www.tripwire.com/state-of-security/featured/5-key-challenges-for-the-industrial-internet-of-things-iiot/ 20
  21. 21. 5 Key Challenges for the Industrial Internet of Things (IIoT) Key Challenge #3: Security • IIoT devices are in no way exempt from this. For example, according to Carr, “the brief period of time it takes to plug in a laptop (that has an internet connection) to a flow computer in order to download a software upgrade is all it takes to upload malicious malware such as BlackEnergy or Stuxnet.” Key Challenge #4: Bridging the Gaps that Divide Us • Security is a significant concern when it comes to implementing IoT. However, as with any new technology, technical problems are ultimately no match for issues that divide people and prevent us from working and adapting together. • And IT engineers and architects must understand the difference between business processes and manufacturing processes Key Challenge #5: Safety • The fifth and final key challenge enterprises face when implementing IIoT is safety. This concern relates to how the deep integration of connected devices and physical controls are introducing new methods of attack. Source: www.tripwire.com/state-of-security/featured/5-key-challenges-for-the-industrial-internet-of-things-iiot/ 21
  22. 22. Video Presentation: Stuxnet explanation and Demo https://www.youtube.com/watch?v=RS2WGRP7DpA 22
  23. 23. IOT Landscape 23
  24. 24. References: • http://www.slideshare.net/MhaeLyn/iot-30545508 • http://asmarterplanet.com/blog/2014/09/ramping-up.html • https://foxxr.com/internet-marketing/social-media-marketing • https://iot-analytics.com/10-internet-of-things-applications/ • http://www.cisco.com/web/IN/about/network/smart_traffic.html • http://www.systech.com/the-implications-of-the-internet-of-things-for- education • www.tripwire.com/state-of-security/featured/5-key-challenges-for-the- industrial-internet-of-things-iiot/ • http://blogs.princeton.edu/etc/2012/02/24/the-internet-of-things/ Youtube Video Stuxnet Explanation and Demonstration: • https://www.youtube.com/watch?v=RS2WGRP7DpA 24
  25. 25. Thank you for Listening! 25 John Patrick Lita john.patrick.lita@owasp.org www.owasp.org/index.php/Manila

×