Security requirements for today’s IIoT Systems
The Industrial Internet of Things, often referred to as IIoT, is being hailed by some as the next great industrial revolution. Analysts have predicted that the IIoT could produce as much as 14 trillion dollars in economic gains over the next decade. Even conservative estimates show that the IIoT will have a tremendous impact on our economy. It is no surprise then that companies are rushing to harness the potential of the IIoT by developing new products, services, and business systems.
One area in which the IIoT creates value is from the creation of a network of smart, connected sensors and controllers that not only talk to each other but are used to monitor and manage a wide range of machines and industrial systems.
By combining this connectivity with analytics, information technologies, and operational technologies, operators of industrial plants will be able to realize and extract great value. For example, a plant can be designed to adapt to changes during production in real time, or anticipate and avoid events that might impact operations. Another application might be predictive maintenance. Systems can be instrumented to avoid downtime or catastrophic consequences related to the previously unanticipated failure of critical systems. Small percentage gains in plant operations or unplanned downtime can translate to dramatic gains in the bottom line.
To take full advantage of the new opportunities in IIoT, the entire system must be connected – from the sensors, actuators, and motors up through the controllers and into the information and operational technology systems, then beyond into the cloud. It is this connectivity that will allow next-generation systems to generate efficiencies in operations, integrate the supply chain more tightly and in innovative new ways, and to define entirely new business models and revenue streams.
Connectivity is key to unlocking the value of the IIoT, but it comes with a risk of cyber attack that must be addressed. As systems are connected to the Internet and larger corporate networks, they are at increased risk of cyber attacks both from external bad actors and from internal threats, whether accidental or malicious. The full potential of the IIoT cannot be achieved without ensuring the security of all the systems and devices it encompasses.
Security must be addressed at every layer, from sensors and actuators to the controllers and the operations and business systems with which they connect. While traditional IT security solutions protect the IT business applications, these solutions won’t work for the embedded devices closest to the physical systems. These operational assets must be protected against cyber attacks by integrating security into the devices themselves. To achieve this requires specialized security software. Any such solution will need to provide secure boot, secure code updates, authentication, and secure communications protocols that enable integration with enterprise security management systems.
We are entering an exciting time for the next generation of industrial systems. Advances in microprocessors, software technologies, and connectivity are creating opportunities for tremendous value creation. This value creation will never be fully realized, however, unless these systems are secure from the ever-growing threat of cyber attack. Security must be addressed at all levels of the network, even into the smallest devices. As the old adage goes, security is only as strong as the weakest link.