SlideShare a Scribd company logo

IoT Security Challenges and Solutions

Intel® Software
Intel® Software

The session with highlight Intel’s vision for IoT Security and the fundamental building blocks and capabilities Intel and the ecosystem are providing to organizations to build security in from design through deployment and maintenance.

Technology
1 of 27
Download to read offline
1 IoT Security Overview Steve Orrin Chief Technologist, Intel Federal
INTEL PROPRIETARY Intel Federal Agenda • Overview of Security Challenges in IoT • The Vision for IoT Security • Fundamental Capabilities • Example Solutions / Use Cases • Summary
INTEL PROPRIETARY Intel Federal Current Issues in Protecting IoT and ICS Increased Connectivity  Company Enterprise Network and ICS  Internet Interdependencies  Cascading Failure Concerns Complexity  Real Time Control Leads to Increased System Complexity  Access to Systems Granted to More and More Users, Business Systems, Control Systems Legacy Systems  Just Not Built for Security Market Restructuring  Increased Volume of Transactions  Narrower Operating Margins (Engineering and Monetary) System Accessibility  Vulnerabilities and Back Doors  Wireless Access Offshore Reliance Information Availability  Manuals and Training Videos Available Publicly  Hacker Tools Readily Available on Internet 3,000 Industrial Plants Per Year Infected with Malware Targeted industrial control systems-themed malware including one variant posing as Siemens PLC firmware that has been in action since 2013, researchers find. From: DarkReading 3/21/17 by Kelly Jackson Higgins
INTEL PROPRIETARY Intel Federal Threats to IoT and ICS • Disrupt operation of ICS by delaying or blocking the flow of information through control networks, thereby denying network availability to control system operators • Send false information to control system operators, either to disguise unauthorized changes or to initiate inappropriate actions by system operators. • Modify the system software – producing unpredictable results • Interfere with the operation of a safety system(s) • Make unauthorized changes to programmed instructions in PLCs, RTUs, or DCS controllers • Change alarm thresholds and settings • Order premature shutdown of processes • Disable control equipment
INTEL PROPRIETARY Intel Federal Adversary Trends The interest in IoT and ICS is increasing:  Number of IoT / ICS presentations at conferences  Number of conference locations globally  Number of subculture information sharing networks  Visibility of Connected ‘things’ & ICS vulnerability research
INTEL PROPRIETARY Intel Federal Attacks on IoT and ICS Pipeline Communication Infrastructure Compromise Devices used in an attack against a third party. Device configuration contributed to compromise Large volume of network traffic generated Compromised not detected by traditional means Nuclear Power Plant cyber infection Recovery time: SPDS – 4 hours 50 minutes PPC – 6 hours 9 minutes Event: Slammer worm infects plant. Impact: Complete shutdown of digital portion of Safety Parameter Display System (SPDS) and Plan Process Computer (PPC). Specifics: Worm started at contractors site. Worm jumped from corporate to plant network and found an unpatched server. Patch had been available for 6 months. Lessons learned:  Verify device configuration  Ensure Defense-in-depth strategies are in place  Isolate critical systems from the internet. Lessons learned:  Secure remote (trusted) access channels  Ensure Defense-in-depth strategies with appropriate procurement requirements  Critical patches need to be applied Automobile Manufacturing Impact Event: Internet worms shuts down major US automobile manufacturer’s industrial control systems Impact: Production lines were idle as infected systems were patched Specifics: The malware infected 13 automobile manufacturing plants. Revenue impact was approximately $1M USD/HR Lessons learned:  Critical patches need to be applied  Provide adequate network segmentation between control and business networks  Place controls between segments to limit congestion and cascading effects Automobile computer systems hacked Event(s): Researchers take away driver control of a moving vehicle by remotely hacking into relatively insecure computer systems Impact: Computerized systems in modern cars control many critical components and safety devices Specifics: Several Team managed to break into key vehicle systems to kill the engine, apply or disable the brakes and even send various taunting messages to radio or dashboard displays Lessons learned:  Automobile control systems are vulnerable to the same kind of attacks which are launched against Internet- connected computers
INTEL PROPRIETARY Intel Federal Attacks on IoT and ICS Oil Platform Cyber Incident Event: Insider computer attack on an energy company’s process control system. Impact: By disrupting one of the process control computer systems, the leak detection system was periodically disabled. Specifics: Disgruntled IT contractor damaged company computer systems by impairing the integrity and availability of critical operational data. Water Utility Loses Control Event: Residents of a rural town experienced loss of water pressure Impact: Approximately 10,000 residents without water Specifics: Utility operator updated its HMI OS (Windows) with a direct connection to the Internet and evidence points to a virus infecting the SCADA system; causing it to crash. The ICS was outdated, not supported by the vendor, and not patched to current updates. Lacked a firewall between the business and control networks Water facility accessed via Internet Event: Cyber researcher used new search engine “SHODAN” to identify an online link to a utility company’s SCADA system. The system was then accessed using the default user name and passwords Impact: The researcher gained administrative control over the regional water treatment system Specifics: After connecting to the water control and management system via the internet the researcher as able to access all control systems for water pumping and waste water treatment Lessons learned:  Do not underestimate the insider threat  Ensure access controls  Policies and Procedure, with regards to contract personnel, background checks Lessons learned:  Utilize DMZ to ensure isolation from business side and Internet  Keep systems patched  Establish and enforce sound security policies Lessons learned:  Change system default user names and passwords  Avoid posting system details to public facing devices  Not all public facing system details are obviously visible
INTEL PROPRIETARY Intel Federal 8 Overview of Security Challenges in IoT: Complexity and lack of Standards and Interoperability Protocols  Standards based protocols slowly replacing vendor-specific proprietary communication protocols Interconnected to other systems  Connections to business and administrative networks to obtain productivity improvements and mandated open access information sharing Reliance on public information systems  Increasing use of public telecommunication systems and the Internet for portions of the ICS
INTEL PROPRIETARY Intel Federal 9 Overview of Security Challenges in IoT: Security Requirements & Required Certifications
INTEL PROPRIETARY Intel Federal focus Provide security capabilities that enable protection, identification, and assurance to all nodes in the IoT ecosystem InternetofthingssecurityStrategy • Designed-In Security Foundation – Consistent security features and a unified programming model which speeds up ecosystem enablement. • Built-In IOT Platform Security Architecture – Solutions integrated to work edge to cloud which lead to HW protected, market ready vertical solutions. • On-Demand Device Lifecycle Security Services – Trust services equip threat defenses with HW verified and attested devices.
INTEL PROPRIETARY Intel Federal Intel’s IoT Security Portfolio Strategy  Device onboarding & attestation  Integrated into IoT platform & security management ISV offerings On-Demand DeviceLifecycle SecurityServices Equipsthreatdefenses withHWVerified& attestedDevices TrustServices3. BuilT-In IoTPlatform Security Architecture SolutionsIntegratedtowork EdgetoCloud HWProtected, MarketReady VerticalSolutionsHarden Edge Secure Comms Security Managemen t 2. Protected Storage Protected Boot Trusted Execution Environment Hardware and Software Identities Speeds Ecosystem Enablement ConsistentSecurityFeatures & UnifiedProgrammingModelDesigned-in Security Foundation All Product Lines 1.
INTEL PROPRIETARY Intel Federal Intel’s IoT Security Portfolio Strategy FOUNDATION (Consistency - WIP) Ecosystem 1 Client IoT Auto Drones Data Center 3 Memory Comms Altera D E V E L O P E R S 2 4 S e r v i c e s 5
INTEL PROPRIETARY Intel Federal 13 The Vision for Device Security 13 Protected Workloads Trusted Execution Environment Identity Verifies boot process and enables software identification. Enforces platform boot policies • Secure Boot using TXT & TPMVerified Boot Execution environment that isolates the operations from manipulation or disclosure • SGX (SW Guard Extensions) Trusted Execution Environment (TEE) Provides a unique identifier for the device and can serve as the basis for authentication • EPID (Enhanced Privacy ID)Device Identification Sensitive data (including key material) protected from misuse or disclosure when in use, transit, or storage • TPM – Trusted Platform Module • PTT – Platform Trust Technology Secure Storage ExamplesDefinitionsSecurity Themes Provides device management, provisioning, and policy • MeshCentral for IoT GatewaysManagement
INTEL PROPRIETARY Intel Federal 14 Fundamental Capabilities Embedded Security (Security Isolation) • Physical Security • Endpoint Protection Secure Communication • Machine-to-Machine AA-A • Confidentiality & Integrity Security Monitoring & Management • Security Policy Management • Security Event Monitoring
INTEL PROPRIETARY Intel Federal 15 Security Isolation Options • No Silver Bullet for Security • No “one-size-fits-all” approach • Enable a spectrum of security implementations • Choose best solution for use case • Process Isolation • Security in same OS as other components • Separate security processes • Containerization Isolation • Software Containers • Hardware Containers • Virtualization Isolation • Security in separate OS • Physical Isolation • Gateway or Bump-in-the-Wire
INTEL PROPRIETARY Intel Federal 16 Embedded Security Deployment Models 16 • Process Separation • Security in same OS as other components • Separate security processes • Containerization Separation • Security in same OS, but in software containers (jails) • Application separation (apps) • Virtualization Separation • Security in separate OS • Physical Separation • Gateway or Bump-in-the-Wire Gateway Virtualization In same OS Containerization It’s all about separation of concerns to keep security apart from the Operational components
INTEL PROPRIETARY Intel Federal 17 Security Comms Channel • Provide Security Management and Monitoring Services • Back-end Services • Edge Services • Traffic channels independent of Operational Flows and Services • Separate payload and frequency • Independent QoS • Transport Security (Confidentiality and Integrity) • Machine-to-Machine AA-A • Device ID • Authentication and Access Control • Security and other Endpoint Events aggregated and correlated • Back-end aggregation • Edge aggregation • Enables Security Analytics capabilities • Back-end analytics • Edge analytics • Does not affect the existing Operational Services • Loosely coupled to Operational Technologies • Allows security to evolve independently from OT process Management Monitoring Analytics Secured Unsecured ApplicationData Security Data Security Data
INTEL PROPRIETARY Intel Federal 18 Security Management • All devices have consistent security APIs, whether security is mixed in with the OS, below the OS in a virtualized instance, or in an OS in a physically separate instance. • All devices now look the same from the management perspective, regardless of Make, Model, Manufacturer. • The security policies can be pushed out to devices regardless of their deployment model, all from a centralized management “cloud”.
INTEL PROPRIETARY Intel Federal 19 Security Monitoring • All devices can send events, logs, properties, etc. back to the centralized analytics “cloud”. • Global visibility of all endpoints and all communications means that situational awareness spans the entire environment. • Create a near-realtime risk algorithm measuring the level of risk on the endpoints and the communications between the endpoints.
INTEL PROPRIETARY Intel Federal 20 Security Management & Monitoring Feedback Loop • All devices can send events, logs, properties, etc. back to the centralized analytics “cloud”. • Create a near-realtime risk algorithm measuring the level of risk on the endpoints and the communications between the endpoints. • Crossing a risk threshold triggers a state change in the management system, resulting in automated responses • Notify appropriate personnel • Push new policy out
INTEL PROPRIETARY Intel Federal Management and Monitoring Security as a Service (SecaaS) Logical View 21 IT & Security Ops Context Operational Context Security Management & Monitoring Communication Security Endpoint Security Management & Monitoring Services Time Sequence Data Custom Data Operational Services Context Overlay • IT data is out of band from OT data • OT “cloud” services do not change • Security encapsulated in IT “cloud” • Time Sequence Data = Events • Properties = Endpoints • Policy = Management • IT/OT Service Context Dichotomy Metrics Rules Alarms etc Use or disclosure of the contents of this page is restricted by the terms on the notice page
INTEL PROPRIETARY Intel Federal Brownfield: Using Gateway Greenfield: Using Embedded Security in Device
INTEL PROPRIETARY Intel Federal 23 Example IoT Use Case: C4ISR + Analytics C4ISR Command, Control, Communications, Computers Intelligence, Surveillance and Reconnaissance Foundational USG Big Data Computer Vision
INTEL PROPRIETARY Intel Federal Things To Do First Protect what’s most important  Data “islanding” / secure enclaving Consider new layers Think beyond intrusion prevention  Post-infection detection and response  Mitigation  Monitoring logs; think about exfiltration Deny, Disrupt, Disable, Destroy Actively protect your supply chain Maintain open dialogue with ISP, suppliers, customers, employees CLASSIC PERIMETER Intellectual Property (Secrets) HR Data Process Control Recipes Competitively Sensitive Data CLASSIC PERIMETERCLASSICPERIMETER CLASSICPERIMETER
INTEL PROPRIETARY Intel Federal Security is a Journey, not a Destination
INTEL PROPRIETARY Intel Federal 26 Intel IoT Platforms and Analytics Capabilities: Increasing intelligence and value over time
INTEL PROPRIETARY Intel Federal 27 Thank you Steve Orrin Chief Technologist, Intel Federal steve.orrin@intel.com

Recommended

Introduction to IoT Security
Introduction to IoT SecurityIntroduction to IoT Security
Introduction to IoT SecurityCAS
 
IoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranIoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranKoenig Solutions Ltd.
 
Presentation on IOT SECURITY
Presentation on IOT SECURITYPresentation on IOT SECURITY
Presentation on IOT SECURITYThe Avi Sharma
 
IoT security (Internet of Things)
IoT security (Internet of Things)IoT security (Internet of Things)
IoT security (Internet of Things)Sanjay Kumar (Seeking options outside India)
 
Security and Privacy considerations in Internet of Things
Security and Privacy considerations in Internet of ThingsSecurity and Privacy considerations in Internet of Things
Security and Privacy considerations in Internet of ThingsSomasundaram Jambunathan
 
Security challenges in IoT
Security challenges in IoTSecurity challenges in IoT
Security challenges in IoTVishnupriya T H
 
A survey in privacy and security in Internet of Things IOT
A survey in privacy and security in Internet of Things IOTA survey in privacy and security in Internet of Things IOT
A survey in privacy and security in Internet of Things IOTUniversity of Ontario Institute of Technology (UOIT)
 
Overview of IoT and Security issues
Overview of IoT and Security issuesOverview of IoT and Security issues
Overview of IoT and Security issuesAnastasios Economides
 

Recommended

Introduction to IoT Security
Introduction to IoT SecurityIntroduction to IoT Security
Introduction to IoT SecurityCAS
 
IoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranIoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranKoenig Solutions Ltd.
 
Presentation on IOT SECURITY
Presentation on IOT SECURITYPresentation on IOT SECURITY
Presentation on IOT SECURITYThe Avi Sharma
 
IoT security (Internet of Things)
IoT security (Internet of Things)IoT security (Internet of Things)
IoT security (Internet of Things)Sanjay Kumar (Seeking options outside India)
 
Security and Privacy considerations in Internet of Things
Security and Privacy considerations in Internet of ThingsSecurity and Privacy considerations in Internet of Things
Security and Privacy considerations in Internet of ThingsSomasundaram Jambunathan
 
Security challenges in IoT
Security challenges in IoTSecurity challenges in IoT
Security challenges in IoTVishnupriya T H
 
A survey in privacy and security in Internet of Things IOT
A survey in privacy and security in Internet of Things IOTA survey in privacy and security in Internet of Things IOT
A survey in privacy and security in Internet of Things IOTUniversity of Ontario Institute of Technology (UOIT)
 
Overview of IoT and Security issues
Overview of IoT and Security issuesOverview of IoT and Security issues
Overview of IoT and Security issuesAnastasios Economides
 
IOT Security
IOT SecurityIOT Security
IOT SecuritySylvain Martinez
 
IoT Security
IoT SecurityIoT Security
IoT SecurityNarudom Roongsiriwong, CISSP
 
Security in IoT
Security in IoTSecurity in IoT
Security in IoTgr9293
 
IoT security
IoT securityIoT security
IoT securityYashKesharwani2
 
Fundamentals of IoT Security
Fundamentals of IoT SecurityFundamentals of IoT Security
Fundamentals of IoT SecuritySHAAMILIVARSAGV
 
IoT security and privacy: main challenges and how ISOC-OTA address them
IoT security and privacy: main challenges and how ISOC-OTA address themIoT security and privacy: main challenges and how ISOC-OTA address them
IoT security and privacy: main challenges and how ISOC-OTA address themRadouane Mrabet
 
IoT Security
IoT SecurityIoT Security
IoT SecurityPeter Waher
 
security and privacy-Internet of things
security and privacy-Internet of thingssecurity and privacy-Internet of things
security and privacy-Internet of thingssreelekha appakondappagari
 
Internet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issuesInternet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issuesPierluigi Paganini
 
IoT Security: Problems, Challenges and Solutions
IoT Security: Problems, Challenges and SolutionsIoT Security: Problems, Challenges and Solutions
IoT Security: Problems, Challenges and SolutionsLiwei Ren任力偉
 
Security challenges for IoT
Security challenges for IoTSecurity challenges for IoT
Security challenges for IoTWSO2
 
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...CableLabs
 
IoT Security Risks and Challenges
IoT Security Risks and ChallengesIoT Security Risks and Challenges
IoT Security Risks and ChallengesOWASP Delhi
 
Iot Security, Internet of Things
Iot Security, Internet of ThingsIot Security, Internet of Things
Iot Security, Internet of ThingsBryan Len
 
IoT - Attacks and Solutions
IoT - Attacks and SolutionsIoT - Attacks and Solutions
IoT - Attacks and SolutionsUlf Mattsson
 
Iot(security)
Iot(security)Iot(security)
Iot(security)Shreya Pohekar
 
Will Internet of Things (IoT) be secure enough?
Will Internet of Things (IoT) be secure enough? Will Internet of Things (IoT) be secure enough?
Will Internet of Things (IoT) be secure enough? Ravindra Dastikop
 
IoT Security Training, IoT Security Awareness 2019
IoT Security Training, IoT Security Awareness 2019 IoT Security Training, IoT Security Awareness 2019
IoT Security Training, IoT Security Awareness 2019 Tonex
 
Security in IoT
Security in IoTSecurity in IoT
Security in IoTSKS
 
Internet of Things Using Arduino
Internet of Things Using ArduinoInternet of Things Using Arduino
Internet of Things Using ArduinoPantech ProLabs India Pvt Ltd
 
Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices IJECEIAES
 
Io t security defense in depth charles li v1 20180425c
Io t security defense in depth charles li v1 20180425cIo t security defense in depth charles li v1 20180425c
Io t security defense in depth charles li v1 20180425cCharles Li
 

More Related Content

What's hot

Security in IoT
Security in IoTSecurity in IoT
Security in IoTgr9293
 
Fundamentals of IoT Security
Fundamentals of IoT SecurityFundamentals of IoT Security
Fundamentals of IoT SecuritySHAAMILIVARSAGV
 
IoT security and privacy: main challenges and how ISOC-OTA address them
IoT security and privacy: main challenges and how ISOC-OTA address themIoT security and privacy: main challenges and how ISOC-OTA address them
IoT security and privacy: main challenges and how ISOC-OTA address themRadouane Mrabet
 
Internet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issuesInternet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issuesPierluigi Paganini
 
IoT Security: Problems, Challenges and Solutions
IoT Security: Problems, Challenges and SolutionsIoT Security: Problems, Challenges and Solutions
IoT Security: Problems, Challenges and SolutionsLiwei Ren任力偉
 
Security challenges for IoT
Security challenges for IoTSecurity challenges for IoT
Security challenges for IoTWSO2
 
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...CableLabs
 
IoT Security Risks and Challenges
IoT Security Risks and ChallengesIoT Security Risks and Challenges
IoT Security Risks and ChallengesOWASP Delhi
 
Iot Security, Internet of Things
Iot Security, Internet of ThingsIot Security, Internet of Things
Iot Security, Internet of ThingsBryan Len
 
IoT - Attacks and Solutions
IoT - Attacks and SolutionsIoT - Attacks and Solutions
IoT - Attacks and SolutionsUlf Mattsson
 
Will Internet of Things (IoT) be secure enough?
Will Internet of Things (IoT) be secure enough? Will Internet of Things (IoT) be secure enough?
Will Internet of Things (IoT) be secure enough? Ravindra Dastikop
 
IoT Security Training, IoT Security Awareness 2019
IoT Security Training, IoT Security Awareness 2019 IoT Security Training, IoT Security Awareness 2019
IoT Security Training, IoT Security Awareness 2019 Tonex
 
Security in IoT
Security in IoTSecurity in IoT
Security in IoTSKS
 

What's hot (20)

IOT Security
IOT SecurityIOT Security
IOT Security
 
IoT Security
IoT SecurityIoT Security
IoT Security
 
Security in IoT
Security in IoTSecurity in IoT
Security in IoT
 
IoT security
IoT securityIoT security
IoT security
 
Fundamentals of IoT Security
Fundamentals of IoT SecurityFundamentals of IoT Security
Fundamentals of IoT Security
 
IoT security and privacy: main challenges and how ISOC-OTA address them
IoT security and privacy: main challenges and how ISOC-OTA address themIoT security and privacy: main challenges and how ISOC-OTA address them
IoT security and privacy: main challenges and how ISOC-OTA address them
 
IoT Security
IoT SecurityIoT Security
IoT Security
 
security and privacy-Internet of things
security and privacy-Internet of thingssecurity and privacy-Internet of things
security and privacy-Internet of things
 
Internet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issuesInternet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issues
 
IoT Security: Problems, Challenges and Solutions
IoT Security: Problems, Challenges and SolutionsIoT Security: Problems, Challenges and Solutions
IoT Security: Problems, Challenges and Solutions
 
Security challenges for IoT
Security challenges for IoTSecurity challenges for IoT
Security challenges for IoT
 
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
 
IoT Security Risks and Challenges
IoT Security Risks and ChallengesIoT Security Risks and Challenges
IoT Security Risks and Challenges
 
Iot Security, Internet of Things
Iot Security, Internet of ThingsIot Security, Internet of Things
Iot Security, Internet of Things
 
IoT - Attacks and Solutions
IoT - Attacks and SolutionsIoT - Attacks and Solutions
IoT - Attacks and Solutions
 
Iot(security)
Iot(security)Iot(security)
Iot(security)
 
Will Internet of Things (IoT) be secure enough?
Will Internet of Things (IoT) be secure enough? Will Internet of Things (IoT) be secure enough?
Will Internet of Things (IoT) be secure enough?
 
IoT Security Training, IoT Security Awareness 2019
IoT Security Training, IoT Security Awareness 2019 IoT Security Training, IoT Security Awareness 2019
IoT Security Training, IoT Security Awareness 2019
 
Security in IoT
Security in IoTSecurity in IoT
Security in IoT
 
Internet of Things Using Arduino
Internet of Things Using ArduinoInternet of Things Using Arduino
Internet of Things Using Arduino
 

Similar to IoT Security Challenges and Solutions

Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices IJECEIAES
 
Io t security defense in depth charles li v1 20180425c
Io t security defense in depth charles li v1 20180425cIo t security defense in depth charles li v1 20180425c
Io t security defense in depth charles li v1 20180425cCharles Li
 
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETSDISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETSiQHub
 
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETSDISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETSiQHub
 
IIoT Endpoint Security – The Model in Practice
IIoT Endpoint Security – The Model in PracticeIIoT Endpoint Security – The Model in Practice
IIoT Endpoint Security – The Model in Practiceteam-WIBU
 
Sb securing-industrial-control-systems-with-fortinet
Sb securing-industrial-control-systems-with-fortinetSb securing-industrial-control-systems-with-fortinet
Sb securing-industrial-control-systems-with-fortinetIvan Carmona
 
Security Issues in IoT-Based Environments
Security Issues in IoT-Based EnvironmentsSecurity Issues in IoT-Based Environments
Security Issues in IoT-Based EnvironmentsIRJET Journal
 
Security Issues in IoT-Based Environments
Security Issues in IoT-Based EnvironmentsSecurity Issues in IoT-Based Environments
Security Issues in IoT-Based EnvironmentsIRJET Journal
 
Presentation about IoT in media and communication.pdf
Presentation about IoT in media and communication.pdfPresentation about IoT in media and communication.pdf
Presentation about IoT in media and communication.pdfezzAyman1
 
Nozomi Fortinet Accelerate18
Nozomi Fortinet Accelerate18Nozomi Fortinet Accelerate18
Nozomi Fortinet Accelerate18Nozomi Networks
 
Removing Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment SuccessRemoving Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment SuccessMicrosoft Tech Community
 
Technology & Policy Interaction Panel at Inform[ED] IoT Security
Technology & Policy Interaction Panel at Inform[ED] IoT SecurityTechnology & Policy Interaction Panel at Inform[ED] IoT Security
Technology & Policy Interaction Panel at Inform[ED] IoT SecurityCableLabs
 
Understanding Cyber Industrial Controls in the Manufacturing and Utilities En...
Understanding Cyber Industrial Controls in the Manufacturing and Utilities En...Understanding Cyber Industrial Controls in the Manufacturing and Utilities En...
Understanding Cyber Industrial Controls in the Manufacturing and Utilities En...Dawn Yankeelov
 
Securing your IoT Implementations
Securing your IoT ImplementationsSecuring your IoT Implementations
Securing your IoT ImplementationsTechWell
 
Intel Gateway Solutions for the Internet of Things
Intel Gateway Solutions for the Internet of ThingsIntel Gateway Solutions for the Internet of Things
Intel Gateway Solutions for the Internet of ThingsIntel IoT
 
CCNA RS_NB - Chapter 11
CCNA RS_NB - Chapter 11CCNA RS_NB - Chapter 11
CCNA RS_NB - Chapter 11Irsandi Hasan
 
CCNA RS_ITN - Chapter 11
CCNA RS_ITN - Chapter 11CCNA RS_ITN - Chapter 11
CCNA RS_ITN - Chapter 11Irsandi Hasan
 

Similar to IoT Security Challenges and Solutions (20)

Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices
 
Io t security defense in depth charles li v1 20180425c
Io t security defense in depth charles li v1 20180425cIo t security defense in depth charles li v1 20180425c
Io t security defense in depth charles li v1 20180425c
 
IIoT Endpoint Security
IIoT Endpoint Security IIoT Endpoint Security
IIoT Endpoint Security
 
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETSDISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
 
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETSDISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
 
IIoT Endpoint Security – The Model in Practice
IIoT Endpoint Security – The Model in PracticeIIoT Endpoint Security – The Model in Practice
IIoT Endpoint Security – The Model in Practice
 
CyberSecurity Best Practices for the IIoT
CyberSecurity Best Practices for the IIoTCyberSecurity Best Practices for the IIoT
CyberSecurity Best Practices for the IIoT
 
Sb securing-industrial-control-systems-with-fortinet
Sb securing-industrial-control-systems-with-fortinetSb securing-industrial-control-systems-with-fortinet
Sb securing-industrial-control-systems-with-fortinet
 
Security Issues in IoT-Based Environments
Security Issues in IoT-Based EnvironmentsSecurity Issues in IoT-Based Environments
Security Issues in IoT-Based Environments
 
Security Issues in IoT-Based Environments
Security Issues in IoT-Based EnvironmentsSecurity Issues in IoT-Based Environments
Security Issues in IoT-Based Environments
 
Presentation about IoT in media and communication.pdf
Presentation about IoT in media and communication.pdfPresentation about IoT in media and communication.pdf
Presentation about IoT in media and communication.pdf
 
Nozomi Fortinet Accelerate18
Nozomi Fortinet Accelerate18Nozomi Fortinet Accelerate18
Nozomi Fortinet Accelerate18
 
Removing Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment SuccessRemoving Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment Success
 
Technology & Policy Interaction Panel at Inform[ED] IoT Security
Technology & Policy Interaction Panel at Inform[ED] IoT SecurityTechnology & Policy Interaction Panel at Inform[ED] IoT Security
Technology & Policy Interaction Panel at Inform[ED] IoT Security
 
Understanding Cyber Industrial Controls in the Manufacturing and Utilities En...
Understanding Cyber Industrial Controls in the Manufacturing and Utilities En...Understanding Cyber Industrial Controls in the Manufacturing and Utilities En...
Understanding Cyber Industrial Controls in the Manufacturing and Utilities En...
 
Securing your IoT Implementations
Securing your IoT ImplementationsSecuring your IoT Implementations
Securing your IoT Implementations
 
Intel Gateway Solutions for the Internet of Things
Intel Gateway Solutions for the Internet of ThingsIntel Gateway Solutions for the Internet of Things
Intel Gateway Solutions for the Internet of Things
 
Security aspect of IOT.pptx
Security aspect of IOT.pptxSecurity aspect of IOT.pptx
Security aspect of IOT.pptx
 
CCNA RS_NB - Chapter 11
CCNA RS_NB - Chapter 11CCNA RS_NB - Chapter 11
CCNA RS_NB - Chapter 11
 
CCNA RS_ITN - Chapter 11
CCNA RS_ITN - Chapter 11CCNA RS_ITN - Chapter 11
CCNA RS_ITN - Chapter 11
 

More from Intel® Software

AI for All: Biology is eating the world & AI is eating Biology
AI for All: Biology is eating the world & AI is eating Biology AI for All: Biology is eating the world & AI is eating Biology
AI for All: Biology is eating the world & AI is eating Biology Intel® Software
 
Python Data Science and Machine Learning at Scale with Intel and Anaconda
Python Data Science and Machine Learning at Scale with Intel and AnacondaPython Data Science and Machine Learning at Scale with Intel and Anaconda
Python Data Science and Machine Learning at Scale with Intel and AnacondaIntel® Software
 
Streamline End-to-End AI Pipelines with Intel, Databricks, and OmniSci
Streamline End-to-End AI Pipelines with Intel, Databricks, and OmniSciStreamline End-to-End AI Pipelines with Intel, Databricks, and OmniSci
Streamline End-to-End AI Pipelines with Intel, Databricks, and OmniSciIntel® Software
 
AI for good: Scaling AI in science, healthcare, and more.
AI for good: Scaling AI in science, healthcare, and more.AI for good: Scaling AI in science, healthcare, and more.
AI for good: Scaling AI in science, healthcare, and more.Intel® Software
 
Software AI Accelerators: The Next Frontier | Software for AI Optimization Su...
Software AI Accelerators: The Next Frontier | Software for AI Optimization Su...Software AI Accelerators: The Next Frontier | Software for AI Optimization Su...
Software AI Accelerators: The Next Frontier | Software for AI Optimization Su...Intel® Software
 
Advanced Techniques to Accelerate Model Tuning | Software for AI Optimization...
Advanced Techniques to Accelerate Model Tuning | Software for AI Optimization...Advanced Techniques to Accelerate Model Tuning | Software for AI Optimization...
Advanced Techniques to Accelerate Model Tuning | Software for AI Optimization...Intel® Software
 
Reducing Deep Learning Integration Costs and Maximizing Compute Efficiency| S...
Reducing Deep Learning Integration Costs and Maximizing Compute Efficiency| S...Reducing Deep Learning Integration Costs and Maximizing Compute Efficiency| S...
Reducing Deep Learning Integration Costs and Maximizing Compute Efficiency| S...Intel® Software
 
AWS & Intel Webinar Series - Accelerating AI Research
AWS & Intel Webinar Series - Accelerating AI ResearchAWS & Intel Webinar Series - Accelerating AI Research
AWS & Intel Webinar Series - Accelerating AI ResearchIntel® Software
 
Intel AIDC Houston Summit - Overview Slides
Intel AIDC Houston Summit - Overview SlidesIntel AIDC Houston Summit - Overview Slides
Intel AIDC Houston Summit - Overview SlidesIntel® Software
 
AIDC NY: BODO AI Presentation - 09.19.2019
AIDC NY: BODO AI Presentation - 09.19.2019AIDC NY: BODO AI Presentation - 09.19.2019
AIDC NY: BODO AI Presentation - 09.19.2019Intel® Software
 
AIDC NY: Applications of Intel AI by QuEST Global - 09.19.2019
AIDC NY: Applications of Intel AI by QuEST Global - 09.19.2019AIDC NY: Applications of Intel AI by QuEST Global - 09.19.2019
AIDC NY: Applications of Intel AI by QuEST Global - 09.19.2019Intel® Software
 
Advanced Single Instruction Multiple Data (SIMD) Programming with Intel® Impl...
Advanced Single Instruction Multiple Data (SIMD) Programming with Intel® Impl...Advanced Single Instruction Multiple Data (SIMD) Programming with Intel® Impl...
Advanced Single Instruction Multiple Data (SIMD) Programming with Intel® Impl...Intel® Software
 
Build a Deep Learning Video Analytics Framework | SIGGRAPH 2019 Technical Ses...
Build a Deep Learning Video Analytics Framework | SIGGRAPH 2019 Technical Ses...Build a Deep Learning Video Analytics Framework | SIGGRAPH 2019 Technical Ses...
Build a Deep Learning Video Analytics Framework | SIGGRAPH 2019 Technical Ses...Intel® Software
 
Bring Intelligent Motion Using Reinforcement Learning Engines | SIGGRAPH 2019...
Bring Intelligent Motion Using Reinforcement Learning Engines | SIGGRAPH 2019...Bring Intelligent Motion Using Reinforcement Learning Engines | SIGGRAPH 2019...
Bring Intelligent Motion Using Reinforcement Learning Engines | SIGGRAPH 2019...Intel® Software
 
RenderMan*: The Role of Open Shading Language (OSL) with Intel® Advanced Vect...
RenderMan*: The Role of Open Shading Language (OSL) with Intel® Advanced Vect...RenderMan*: The Role of Open Shading Language (OSL) with Intel® Advanced Vect...
RenderMan*: The Role of Open Shading Language (OSL) with Intel® Advanced Vect...Intel® Software
 
AIDC India - Intel Movidius / Open Vino Slides
AIDC India - Intel Movidius / Open Vino SlidesAIDC India - Intel Movidius / Open Vino Slides
AIDC India - Intel Movidius / Open Vino SlidesIntel® Software
 
AIDC India - AI Vision Slides
AIDC India - AI Vision SlidesAIDC India - AI Vision Slides
AIDC India - AI Vision SlidesIntel® Software
 
Enhance and Accelerate Your AI and Machine Learning Solution | SIGGRAPH 2019 ...
Enhance and Accelerate Your AI and Machine Learning Solution | SIGGRAPH 2019 ...Enhance and Accelerate Your AI and Machine Learning Solution | SIGGRAPH 2019 ...
Enhance and Accelerate Your AI and Machine Learning Solution | SIGGRAPH 2019 ...Intel® Software
 

More from Intel® Software (20)

AI for All: Biology is eating the world & AI is eating Biology
AI for All: Biology is eating the world & AI is eating Biology AI for All: Biology is eating the world & AI is eating Biology
AI for All: Biology is eating the world & AI is eating Biology
 
Python Data Science and Machine Learning at Scale with Intel and Anaconda
Python Data Science and Machine Learning at Scale with Intel and AnacondaPython Data Science and Machine Learning at Scale with Intel and Anaconda
Python Data Science and Machine Learning at Scale with Intel and Anaconda
 
Streamline End-to-End AI Pipelines with Intel, Databricks, and OmniSci
Streamline End-to-End AI Pipelines with Intel, Databricks, and OmniSciStreamline End-to-End AI Pipelines with Intel, Databricks, and OmniSci
Streamline End-to-End AI Pipelines with Intel, Databricks, and OmniSci
 
AI for good: Scaling AI in science, healthcare, and more.
AI for good: Scaling AI in science, healthcare, and more.AI for good: Scaling AI in science, healthcare, and more.
AI for good: Scaling AI in science, healthcare, and more.
 
Software AI Accelerators: The Next Frontier | Software for AI Optimization Su...
Software AI Accelerators: The Next Frontier | Software for AI Optimization Su...Software AI Accelerators: The Next Frontier | Software for AI Optimization Su...
Software AI Accelerators: The Next Frontier | Software for AI Optimization Su...
 
Advanced Techniques to Accelerate Model Tuning | Software for AI Optimization...
Advanced Techniques to Accelerate Model Tuning | Software for AI Optimization...Advanced Techniques to Accelerate Model Tuning | Software for AI Optimization...
Advanced Techniques to Accelerate Model Tuning | Software for AI Optimization...
 
Reducing Deep Learning Integration Costs and Maximizing Compute Efficiency| S...
Reducing Deep Learning Integration Costs and Maximizing Compute Efficiency| S...Reducing Deep Learning Integration Costs and Maximizing Compute Efficiency| S...
Reducing Deep Learning Integration Costs and Maximizing Compute Efficiency| S...
 
AWS & Intel Webinar Series - Accelerating AI Research
AWS & Intel Webinar Series - Accelerating AI ResearchAWS & Intel Webinar Series - Accelerating AI Research
AWS & Intel Webinar Series - Accelerating AI Research
 
Intel Developer Program
Intel Developer ProgramIntel Developer Program
Intel Developer Program
 
Intel AIDC Houston Summit - Overview Slides
Intel AIDC Houston Summit - Overview SlidesIntel AIDC Houston Summit - Overview Slides
Intel AIDC Houston Summit - Overview Slides
 
AIDC NY: BODO AI Presentation - 09.19.2019
AIDC NY: BODO AI Presentation - 09.19.2019AIDC NY: BODO AI Presentation - 09.19.2019
AIDC NY: BODO AI Presentation - 09.19.2019
 
AIDC NY: Applications of Intel AI by QuEST Global - 09.19.2019
AIDC NY: Applications of Intel AI by QuEST Global - 09.19.2019AIDC NY: Applications of Intel AI by QuEST Global - 09.19.2019
AIDC NY: Applications of Intel AI by QuEST Global - 09.19.2019
 
Advanced Single Instruction Multiple Data (SIMD) Programming with Intel® Impl...
Advanced Single Instruction Multiple Data (SIMD) Programming with Intel® Impl...Advanced Single Instruction Multiple Data (SIMD) Programming with Intel® Impl...
Advanced Single Instruction Multiple Data (SIMD) Programming with Intel® Impl...
 
Build a Deep Learning Video Analytics Framework | SIGGRAPH 2019 Technical Ses...
Build a Deep Learning Video Analytics Framework | SIGGRAPH 2019 Technical Ses...Build a Deep Learning Video Analytics Framework | SIGGRAPH 2019 Technical Ses...
Build a Deep Learning Video Analytics Framework | SIGGRAPH 2019 Technical Ses...
 
Bring Intelligent Motion Using Reinforcement Learning Engines | SIGGRAPH 2019...
Bring Intelligent Motion Using Reinforcement Learning Engines | SIGGRAPH 2019...Bring Intelligent Motion Using Reinforcement Learning Engines | SIGGRAPH 2019...
Bring Intelligent Motion Using Reinforcement Learning Engines | SIGGRAPH 2019...
 
RenderMan*: The Role of Open Shading Language (OSL) with Intel® Advanced Vect...
RenderMan*: The Role of Open Shading Language (OSL) with Intel® Advanced Vect...RenderMan*: The Role of Open Shading Language (OSL) with Intel® Advanced Vect...
RenderMan*: The Role of Open Shading Language (OSL) with Intel® Advanced Vect...
 
AIDC India - AI on IA
AIDC India - AI on IAAIDC India - AI on IA
AIDC India - AI on IA
 
AIDC India - Intel Movidius / Open Vino Slides
AIDC India - Intel Movidius / Open Vino SlidesAIDC India - Intel Movidius / Open Vino Slides
AIDC India - Intel Movidius / Open Vino Slides
 
AIDC India - AI Vision Slides
AIDC India - AI Vision SlidesAIDC India - AI Vision Slides
AIDC India - AI Vision Slides
 
Enhance and Accelerate Your AI and Machine Learning Solution | SIGGRAPH 2019 ...
Enhance and Accelerate Your AI and Machine Learning Solution | SIGGRAPH 2019 ...Enhance and Accelerate Your AI and Machine Learning Solution | SIGGRAPH 2019 ...
Enhance and Accelerate Your AI and Machine Learning Solution | SIGGRAPH 2019 ...
 

Recently uploaded

Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Alison B. Lowndes
 
Search and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical FuturesSearch and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
 
IoT Analytics Company Presentation May 2024
IoT Analytics Company Presentation May 2024IoT Analytics Company Presentation May 2024
IoT Analytics Company Presentation May 2024IoTAnalytics
 
WSO2CONMay2024OpenSourceConferenceDebrief.pptx
WSO2CONMay2024OpenSourceConferenceDebrief.pptxWSO2CONMay2024OpenSourceConferenceDebrief.pptx
WSO2CONMay2024OpenSourceConferenceDebrief.pptxJennifer Lim
 
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)Julian Hyde
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaRTTS
 
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya HalderCustom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya HalderCzechDreamin
 
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...CzechDreamin
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Product School
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Product School
 
UiPath Test Automation using UiPath Test Suite series, part 2
UiPath Test Automation using UiPath Test Suite series, part 2UiPath Test Automation using UiPath Test Suite series, part 2
UiPath Test Automation using UiPath Test Suite series, part 2DianaGray10
 
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo DiehlFuture Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo DiehlPeter Udo Diehl
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...Product School
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
 
Introduction to Open Source RAG and RAG Evaluation
Introduction to Open Source RAG and RAG EvaluationIntroduction to Open Source RAG and RAG Evaluation
Introduction to Open Source RAG and RAG EvaluationZilliz
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Product School
 
In-Depth Performance Testing Guide for IT Professionals
In-Depth Performance Testing Guide for IT ProfessionalsIn-Depth Performance Testing Guide for IT Professionals
In-Depth Performance Testing Guide for IT ProfessionalsExpeed Software
 
Demystifying gRPC in .Net by John Staveley
Demystifying gRPC in .Net by John StaveleyDemystifying gRPC in .Net by John Staveley
Demystifying gRPC in .Net by John StaveleyJohn Staveley
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...Product School
 

Recently uploaded (20)

Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
Search and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical FuturesSearch and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical Futures
 
IoT Analytics Company Presentation May 2024
IoT Analytics Company Presentation May 2024IoT Analytics Company Presentation May 2024
IoT Analytics Company Presentation May 2024
 
WSO2CONMay2024OpenSourceConferenceDebrief.pptx
WSO2CONMay2024OpenSourceConferenceDebrief.pptxWSO2CONMay2024OpenSourceConferenceDebrief.pptx
WSO2CONMay2024OpenSourceConferenceDebrief.pptx
 
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya HalderCustom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
 
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
UiPath Test Automation using UiPath Test Suite series, part 2
UiPath Test Automation using UiPath Test Suite series, part 2UiPath Test Automation using UiPath Test Suite series, part 2
UiPath Test Automation using UiPath Test Suite series, part 2
 
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo DiehlFuture Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
Introduction to Open Source RAG and RAG Evaluation
Introduction to Open Source RAG and RAG EvaluationIntroduction to Open Source RAG and RAG Evaluation
Introduction to Open Source RAG and RAG Evaluation
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
 
In-Depth Performance Testing Guide for IT Professionals
In-Depth Performance Testing Guide for IT ProfessionalsIn-Depth Performance Testing Guide for IT Professionals
In-Depth Performance Testing Guide for IT Professionals
 
Demystifying gRPC in .Net by John Staveley
Demystifying gRPC in .Net by John StaveleyDemystifying gRPC in .Net by John Staveley
Demystifying gRPC in .Net by John Staveley
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
 

IoT Security Challenges and Solutions

  • 1. 1 IoT Security Overview Steve Orrin Chief Technologist, Intel Federal
  • 2. INTEL PROPRIETARY Intel Federal Agenda • Overview of Security Challenges in IoT • The Vision for IoT Security • Fundamental Capabilities • Example Solutions / Use Cases • Summary
  • 3. INTEL PROPRIETARY Intel Federal Current Issues in Protecting IoT and ICS Increased Connectivity  Company Enterprise Network and ICS  Internet Interdependencies  Cascading Failure Concerns Complexity  Real Time Control Leads to Increased System Complexity  Access to Systems Granted to More and More Users, Business Systems, Control Systems Legacy Systems  Just Not Built for Security Market Restructuring  Increased Volume of Transactions  Narrower Operating Margins (Engineering and Monetary) System Accessibility  Vulnerabilities and Back Doors  Wireless Access Offshore Reliance Information Availability  Manuals and Training Videos Available Publicly  Hacker Tools Readily Available on Internet 3,000 Industrial Plants Per Year Infected with Malware Targeted industrial control systems-themed malware including one variant posing as Siemens PLC firmware that has been in action since 2013, researchers find. From: DarkReading 3/21/17 by Kelly Jackson Higgins
  • 4. INTEL PROPRIETARY Intel Federal Threats to IoT and ICS • Disrupt operation of ICS by delaying or blocking the flow of information through control networks, thereby denying network availability to control system operators • Send false information to control system operators, either to disguise unauthorized changes or to initiate inappropriate actions by system operators. • Modify the system software – producing unpredictable results • Interfere with the operation of a safety system(s) • Make unauthorized changes to programmed instructions in PLCs, RTUs, or DCS controllers • Change alarm thresholds and settings • Order premature shutdown of processes • Disable control equipment
  • 5. INTEL PROPRIETARY Intel Federal Adversary Trends The interest in IoT and ICS is increasing:  Number of IoT / ICS presentations at conferences  Number of conference locations globally  Number of subculture information sharing networks  Visibility of Connected ‘things’ & ICS vulnerability research
  • 6. INTEL PROPRIETARY Intel Federal Attacks on IoT and ICS Pipeline Communication Infrastructure Compromise Devices used in an attack against a third party. Device configuration contributed to compromise Large volume of network traffic generated Compromised not detected by traditional means Nuclear Power Plant cyber infection Recovery time: SPDS – 4 hours 50 minutes PPC – 6 hours 9 minutes Event: Slammer worm infects plant. Impact: Complete shutdown of digital portion of Safety Parameter Display System (SPDS) and Plan Process Computer (PPC). Specifics: Worm started at contractors site. Worm jumped from corporate to plant network and found an unpatched server. Patch had been available for 6 months. Lessons learned:  Verify device configuration  Ensure Defense-in-depth strategies are in place  Isolate critical systems from the internet. Lessons learned:  Secure remote (trusted) access channels  Ensure Defense-in-depth strategies with appropriate procurement requirements  Critical patches need to be applied Automobile Manufacturing Impact Event: Internet worms shuts down major US automobile manufacturer’s industrial control systems Impact: Production lines were idle as infected systems were patched Specifics: The malware infected 13 automobile manufacturing plants. Revenue impact was approximately $1M USD/HR Lessons learned:  Critical patches need to be applied  Provide adequate network segmentation between control and business networks  Place controls between segments to limit congestion and cascading effects Automobile computer systems hacked Event(s): Researchers take away driver control of a moving vehicle by remotely hacking into relatively insecure computer systems Impact: Computerized systems in modern cars control many critical components and safety devices Specifics: Several Team managed to break into key vehicle systems to kill the engine, apply or disable the brakes and even send various taunting messages to radio or dashboard displays Lessons learned:  Automobile control systems are vulnerable to the same kind of attacks which are launched against Internet- connected computers
  • 7. INTEL PROPRIETARY Intel Federal Attacks on IoT and ICS Oil Platform Cyber Incident Event: Insider computer attack on an energy company’s process control system. Impact: By disrupting one of the process control computer systems, the leak detection system was periodically disabled. Specifics: Disgruntled IT contractor damaged company computer systems by impairing the integrity and availability of critical operational data. Water Utility Loses Control Event: Residents of a rural town experienced loss of water pressure Impact: Approximately 10,000 residents without water Specifics: Utility operator updated its HMI OS (Windows) with a direct connection to the Internet and evidence points to a virus infecting the SCADA system; causing it to crash. The ICS was outdated, not supported by the vendor, and not patched to current updates. Lacked a firewall between the business and control networks Water facility accessed via Internet Event: Cyber researcher used new search engine “SHODAN” to identify an online link to a utility company’s SCADA system. The system was then accessed using the default user name and passwords Impact: The researcher gained administrative control over the regional water treatment system Specifics: After connecting to the water control and management system via the internet the researcher as able to access all control systems for water pumping and waste water treatment Lessons learned:  Do not underestimate the insider threat  Ensure access controls  Policies and Procedure, with regards to contract personnel, background checks Lessons learned:  Utilize DMZ to ensure isolation from business side and Internet  Keep systems patched  Establish and enforce sound security policies Lessons learned:  Change system default user names and passwords  Avoid posting system details to public facing devices  Not all public facing system details are obviously visible
  • 8. INTEL PROPRIETARY Intel Federal 8 Overview of Security Challenges in IoT: Complexity and lack of Standards and Interoperability Protocols  Standards based protocols slowly replacing vendor-specific proprietary communication protocols Interconnected to other systems  Connections to business and administrative networks to obtain productivity improvements and mandated open access information sharing Reliance on public information systems  Increasing use of public telecommunication systems and the Internet for portions of the ICS
  • 9. INTEL PROPRIETARY Intel Federal 9 Overview of Security Challenges in IoT: Security Requirements & Required Certifications
  • 10. INTEL PROPRIETARY Intel Federal focus Provide security capabilities that enable protection, identification, and assurance to all nodes in the IoT ecosystem InternetofthingssecurityStrategy • Designed-In Security Foundation – Consistent security features and a unified programming model which speeds up ecosystem enablement. • Built-In IOT Platform Security Architecture – Solutions integrated to work edge to cloud which lead to HW protected, market ready vertical solutions. • On-Demand Device Lifecycle Security Services – Trust services equip threat defenses with HW verified and attested devices.
  • 11. INTEL PROPRIETARY Intel Federal Intel’s IoT Security Portfolio Strategy  Device onboarding & attestation  Integrated into IoT platform & security management ISV offerings On-Demand DeviceLifecycle SecurityServices Equipsthreatdefenses withHWVerified& attestedDevices TrustServices3. BuilT-In IoTPlatform Security Architecture SolutionsIntegratedtowork EdgetoCloud HWProtected, MarketReady VerticalSolutionsHarden Edge Secure Comms Security Managemen t 2. Protected Storage Protected Boot Trusted Execution Environment Hardware and Software Identities Speeds Ecosystem Enablement ConsistentSecurityFeatures & UnifiedProgrammingModelDesigned-in Security Foundation All Product Lines 1.
  • 12. INTEL PROPRIETARY Intel Federal Intel’s IoT Security Portfolio Strategy FOUNDATION (Consistency - WIP) Ecosystem 1 Client IoT Auto Drones Data Center 3 Memory Comms Altera D E V E L O P E R S 2 4 S e r v i c e s 5
  • 13. INTEL PROPRIETARY Intel Federal 13 The Vision for Device Security 13 Protected Workloads Trusted Execution Environment Identity Verifies boot process and enables software identification. Enforces platform boot policies • Secure Boot using TXT & TPMVerified Boot Execution environment that isolates the operations from manipulation or disclosure • SGX (SW Guard Extensions) Trusted Execution Environment (TEE) Provides a unique identifier for the device and can serve as the basis for authentication • EPID (Enhanced Privacy ID)Device Identification Sensitive data (including key material) protected from misuse or disclosure when in use, transit, or storage • TPM – Trusted Platform Module • PTT – Platform Trust Technology Secure Storage ExamplesDefinitionsSecurity Themes Provides device management, provisioning, and policy • MeshCentral for IoT GatewaysManagement
  • 14. INTEL PROPRIETARY Intel Federal 14 Fundamental Capabilities Embedded Security (Security Isolation) • Physical Security • Endpoint Protection Secure Communication • Machine-to-Machine AA-A • Confidentiality & Integrity Security Monitoring & Management • Security Policy Management • Security Event Monitoring
  • 15. INTEL PROPRIETARY Intel Federal 15 Security Isolation Options • No Silver Bullet for Security • No “one-size-fits-all” approach • Enable a spectrum of security implementations • Choose best solution for use case • Process Isolation • Security in same OS as other components • Separate security processes • Containerization Isolation • Software Containers • Hardware Containers • Virtualization Isolation • Security in separate OS • Physical Isolation • Gateway or Bump-in-the-Wire
  • 16. INTEL PROPRIETARY Intel Federal 16 Embedded Security Deployment Models 16 • Process Separation • Security in same OS as other components • Separate security processes • Containerization Separation • Security in same OS, but in software containers (jails) • Application separation (apps) • Virtualization Separation • Security in separate OS • Physical Separation • Gateway or Bump-in-the-Wire Gateway Virtualization In same OS Containerization It’s all about separation of concerns to keep security apart from the Operational components
  • 17. INTEL PROPRIETARY Intel Federal 17 Security Comms Channel • Provide Security Management and Monitoring Services • Back-end Services • Edge Services • Traffic channels independent of Operational Flows and Services • Separate payload and frequency • Independent QoS • Transport Security (Confidentiality and Integrity) • Machine-to-Machine AA-A • Device ID • Authentication and Access Control • Security and other Endpoint Events aggregated and correlated • Back-end aggregation • Edge aggregation • Enables Security Analytics capabilities • Back-end analytics • Edge analytics • Does not affect the existing Operational Services • Loosely coupled to Operational Technologies • Allows security to evolve independently from OT process Management Monitoring Analytics Secured Unsecured ApplicationData Security Data Security Data
  • 18. INTEL PROPRIETARY Intel Federal 18 Security Management • All devices have consistent security APIs, whether security is mixed in with the OS, below the OS in a virtualized instance, or in an OS in a physically separate instance. • All devices now look the same from the management perspective, regardless of Make, Model, Manufacturer. • The security policies can be pushed out to devices regardless of their deployment model, all from a centralized management “cloud”.
  • 19. INTEL PROPRIETARY Intel Federal 19 Security Monitoring • All devices can send events, logs, properties, etc. back to the centralized analytics “cloud”. • Global visibility of all endpoints and all communications means that situational awareness spans the entire environment. • Create a near-realtime risk algorithm measuring the level of risk on the endpoints and the communications between the endpoints.
  • 20. INTEL PROPRIETARY Intel Federal 20 Security Management & Monitoring Feedback Loop • All devices can send events, logs, properties, etc. back to the centralized analytics “cloud”. • Create a near-realtime risk algorithm measuring the level of risk on the endpoints and the communications between the endpoints. • Crossing a risk threshold triggers a state change in the management system, resulting in automated responses • Notify appropriate personnel • Push new policy out
  • 21. INTEL PROPRIETARY Intel Federal Management and Monitoring Security as a Service (SecaaS) Logical View 21 IT & Security Ops Context Operational Context Security Management & Monitoring Communication Security Endpoint Security Management & Monitoring Services Time Sequence Data Custom Data Operational Services Context Overlay • IT data is out of band from OT data • OT “cloud” services do not change • Security encapsulated in IT “cloud” • Time Sequence Data = Events • Properties = Endpoints • Policy = Management • IT/OT Service Context Dichotomy Metrics Rules Alarms etc Use or disclosure of the contents of this page is restricted by the terms on the notice page
  • 22. INTEL PROPRIETARY Intel Federal Brownfield: Using Gateway Greenfield: Using Embedded Security in Device
  • 23. INTEL PROPRIETARY Intel Federal 23 Example IoT Use Case: C4ISR + Analytics C4ISR Command, Control, Communications, Computers Intelligence, Surveillance and Reconnaissance Foundational USG Big Data Computer Vision
  • 24. INTEL PROPRIETARY Intel Federal Things To Do First Protect what’s most important  Data “islanding” / secure enclaving Consider new layers Think beyond intrusion prevention  Post-infection detection and response  Mitigation  Monitoring logs; think about exfiltration Deny, Disrupt, Disable, Destroy Actively protect your supply chain Maintain open dialogue with ISP, suppliers, customers, employees CLASSIC PERIMETER Intellectual Property (Secrets) HR Data Process Control Recipes Competitively Sensitive Data CLASSIC PERIMETERCLASSICPERIMETER CLASSICPERIMETER
  • 25. INTEL PROPRIETARY Intel Federal Security is a Journey, not a Destination
  • 26. INTEL PROPRIETARY Intel Federal 26 Intel IoT Platforms and Analytics Capabilities: Increasing intelligence and value over time
  • 27. INTEL PROPRIETARY Intel Federal 27 Thank you Steve Orrin Chief Technologist, Intel Federal steve.orrin@intel.com