Cybersecurity risks affect IIoT fog computing
Cloud computing within IIoT is creating new opportunities for manufacturers and industrial systems. From connected cars and smart cities to real-time analytics and 5G mobile, IIoT sensors are generating data in unprecedented volumes.
Since most essential smart factory services would be inefficient without lightning responses from IIoT systems, many factory systems rely on sensors and actuators with built-in time constraints. Any latency or break in signal to operational sensors or actuators could have catastrophic consequences.
To overcome this challenge, leading technology providers have developed fog computing; a virtualized platform that runs essential cloud processes locally across a distributed network of IIoT devices. Fog computing enables consistent, two-way cloud communications between local operational components and remote management points via the Internet in milliseconds.
Closer to the edge
Though still in its infancy, fog computing is already being rolled out for a range of IIoT-based applications. For example, smart cities rely on access to data in real time to run public services more efficiently. In the case of connected cars, sensor data pertaining to road conditions, geo-positioning and physical surroundings is analyzed in real time at a local level. Other types of data, such as engine performance, can also be communicated to the manufacturer so they know when to offer maintenance services or repairs.
Sometimes, IIoT devices are located in remote areas where processing data close to edge devices becomes essential. An oil rig is a good example. A typical oil platform may have about 100,000 sensors generating data at the rate of several TBs every day. To relay all this data over the Internet and back for analysis and response is neither practical nor economical. Instead, cloud services must be brought closer to the edge.
Other applications in the cloud, such as mobile 5G, analyze the aggregated data from many thousands of sensors to identify opportunities for productivity improvements or trends over time. For example, in dense antenna deployment areas, a fog computing architecture with a centralized controller may be used to manage local applications and connectivity with remote data centers in the cloud.
It’s widely acknowledged that most IIoT devices do not have security built-in, and energy providers and manufacturers still deploy IIoT systems in remote, exposed locations. As a result, thousands of smart yet vulnerable mechanisms in physical isolation is a cause for concern as data shared across factory ecosystems and the cloud may be readily visible to unauthorized third-parties.
The best way to compensate for the lack of built-in security is to implement enterprise-grade privacy and protection measures to fog computing systems. Encryption can prevent confidential industrial data, such as intellectual property or operational information, from being observed by cybercriminals, hackers or spies.
Surprisingly, many industrial and manufacturing organizations have yet to introduce encryption into their IIoT environments. More than half — 51% — of organizations still do not use encryption to protect sensitive data in the cloud, according to a Thales study involving more than 3,000 IT and IT security practitioners worldwide.
The most effective way to ensure communications are encrypted and connectivity throughout IIoT networks is secure is to implement professional, enterprise-grade VPN software. A VPN can encrypt all digital communications flowing between local systems and the cloud with advanced algorithms such as Suite B cryptography. Even if a third-party were to penetrate a device or application, the information itself would be indecipherable.
A growing number of manufacturers and industrial organizations are pivoting to cloud-based VPN services for secure management of remote IIoT equipment because cloud VPN services offer airtight security as well as additional flexibility, scalability and reduced technical complexity. Cloud-based VPN services create end-to-end encryption between an on-premises central management point and remote IIoT devices. The cloud server conducts authentication checks automatically and establishes appropriate tunnels. Best of all, it does not decrypt or store any data that passes through.
Remote access to IIoT devices may also be on-demand and restricted to times and other parameters specified by the owner. For example, access may be limited to service engineers according to the principle of least privilege, which ensures security remains as airtight as possible.
Although fog computing can improve productivity, efficiency and revenue, it also can put data at risk. Securing all data processed by these critical ecosystems with VPN software is paramount.
A VPN provides secure and reliable connectivity for remote IIoT machines and cloud-based control hubs by encrypting all digital communications passing over the Internet between innumerable devices and the remote administration center. These encrypted connections allow smart systems to send confidential data over the Internet while being shielded from unauthorized third parties.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.