Cybersecurity Considerations for Industrial IoT in Critical Infrastructure Sector

Neha Priya

doi:https://doi.org/10.14445/22492593/IJCOT-V12I1P306

Research Article | Open Access | Download PDF

Volume 12 | Issue 1 | Year 2022 | Article Id. IJCOT-V12I1P306 | DOI : https://doi.org/10.14445/22492593/IJCOT-V12I1P306

Cybersecurity Considerations for Industrial IoT in Critical Infrastructure Sector

Neha Priya

Received	Revised	Accepted
18 Mar 2022	27 Apr 2022	29 Apr 2022

Citation :

Neha Priya, "Cybersecurity Considerations for Industrial IoT in Critical Infrastructure Sector," International Journal of Computer & Organization Trends (IJCOT), vol. 12, no. 1, pp. 27-36, 2022. Crossref, https://doi.org/10.14445/22492593/IJCOT-V12I1P306

Abstract

There is an increasing demand for Internet of Things (IoT) technology in industries, especially in nations with large populations but limited resources. Critical infrastructure is one such industrial sector on which the population depends for sustainable development. Industrial IoT or IIoT has the potential to drive growth in critical infrastructures. However, technology transformation is time-consuming before large-scale investment and deployment can occur. Besides research and standardization, adequate business assessment, planning, and decision-making are required to leverage IoT technology's advantages. IIoT environment consists of cyber-physical systems in Industry 4.0 applications. Therefore, cybersecurity is a major challenge that critical infrastructures have to deal with while implementing IIoT solutions; this paper discusses cybersecurity considerations for Industrial Automation and Control systems that can be adopted in the critical infrastructure sector to implement IIoT security. To ensure safeguard from threats and adversaries and reliable operation of critical infrastructures, there are three focus areas of the proposed framework: security objectives, security standards, and enabling technologies in the IIoT environment.

Keywords

Critical infrastructure, Cybersecurity, Cyber-physical system, Industrial Automation, Control System, Industrial IoT.

References

[1] Sreedevi T. R., Internet of Things: A Survey of Iot Applications Based on Their Desirable Device Characteristics, Int. J. of Recent Engineering Research and Development. 02(10) (2017) 10-20.

[2] S.O. Muhanji, A.E. Flint and A.M. Farid, The Development of Iot Within Energy Infrastructure, In Iot, 1st Ed., Cham, Germany: Springer. (2019) 27-90.

[3] T. Lynn, P. T. Endo, AMNC Ribeiro, G.B.N. Barbosa, and P. Rosati, The Internet of Things: Definitions, Key Concepts, and Reference Architectures, In The Cloud-To-Thing Continuum, 1st Ed., T. Lynn, J. Mooney, B. Lee, P. Endo, Eds., Ser. Palgrave Studies In Digital Business & Enabling Technologies. Cham, Germany: Palgrave Macmillan. (2020) 1-22.

[4] (2017) Internet of Things Outlook, The Ericsson Mobility Report. [Online]. Available: Https://Www.Ericsson.Com/En/Mobility-Report/Internet-of-Things-Outlook.

[5] A. Al-Fuqaha, M. Guizani, M. Mohammadi, M. Aledhari, and M. Ayyash, Internet of Things: A Survey on Enabling Technologies, Protocols, and Applications, IEEE Communication Survey & Tutorials, 17(4) (2015) 2347–2376.

[6] S. Mittal, M. A. Khan, and T. Wuest, Smart Manufacturing: Characteristics and Technologies, In Product Lifecycle Management For Digital Transformation of Industries, 1st Ed., R. Harik, L. Rivest, A. Bernard, B. Eynard, A. Bouras, Eds., Ser. IFIP Advances In Information and Communication Technology. Cham, Germany: Springer. 492 (2016) 539-548.

[7] R. Nicolescu, M. Huth, P. Radanliev and D. De Roure, Mapping The Values of Iot, J. of Information Technology, 33(4) (2018) 345-360.

[8] V. Moulos, G. Chatzikyriakos, V. Kassouras, A. Doulamis, N. Doulamis, G. Leventakis, T. Florakis, T. Varvarigou, E. Mitsokapas, G. Kioumourtzis, P. Klirodetis, A. Psychas, A. Marinakis, T. Sfetsos, A. Koniaris, D. Liapis and A. Gatzioura, A Robust Information Life Cycle Management Framework For Securing and Governing Critical Infrastructure Systems, Inventions, 3(4) (2018) 71-109.

[9] A. B. Pawar and S. Ghumbre, A Survey on Iot Applications, Security Challenges, and Countermeasures, In Proc. Int. Conf. on Computing, Analytics, and Security Trends, Pune, India, Paper (2016) 294-299.

[10] G. Stergiopoulos, V. Kouktzoglou, M. Theocharidou and D. Gritzali, A Process-Based Dependency Risk Analysis Methodology For Critical Infrastructure, Int.J. of Critical Infrastructures, 13(2/3) (2017)184-205

[11] M. Ghita, B. Siham, M. Hicham, Et Al., Digital Twins: Development and Implementation Challenges Within Moroccan Context, SN Applied Sciences, 2(5) (2020) 885.

[12] S. Walker-Roberts, M. Hammoudeh, O. Aldabbas, Et Al., Threats on The Horizon: Understanding Security Threats In The Era of Cyber-Physical Systems, The J. of Supercomputing, 76 (2020) 2643–2664.

[13] Q. Qassim, N. Jamil, M. Daud, and H. Hasan, Towards Implementing Scalable and Reconfigurable SCADA Security Testbed In The Power System Environment, Int. J. of Critical Infrastructures, 15(2) (2019) 91-120.

[14] V. S. Kumar, J. Prasad, and R. Samikannu, A Critical Review of Cyber Security and Cyber Terrorism - Threats To Critical Infrastructure In The Energy Sector, Int. J. of Critical Infrastructures, 14(2) (2018) 101-119.

[15] I. Kozine, B. Petrenj, and P. Trucco, Resilience Capacities Assessment For Critical Infrastructures Disruption: The READ Framework (Part 1), Int. J. of Critical Infrastructures, 14(3) (2018) 199-220.

[16] J. Jansen and A. Van Der Merwe, A Framework For Industrial Internet of Things, In Responsible Design, Implementation and Use of Information and Communication Technology, 1st Ed., M. Hattingh, M. Matthee, H. Smuts, I. Pappas, Y. Dwivedi, M. Mäntymäki, Eds., Ser. Lecture Notes In Computer Science. Cham, Germany: Springer. 12066 (2020) 138-150.

[17] N. Skandhakumar, J. Reid, F. Salim and Ed Dawson, A Policy Model For Access Control Using Building Information Models, Int. J. of Critical Infrastructure Protection, 23 (2018) 1-10.

[18] N. Wallace, T. Atkison, on The Detection of Cyber-Events In The Grid Using PCA, Int. J. of Critical Infrastructures, 13(2/3) (2017) 96- 112.

[19] P. Haller, B. Genge, and Adrian-Vasile Duka, on The Practical Integration of Anomaly Detection Techniques In Industrial Control Applications, Int. J. of Critical Infrastructure Protection, 24 (2019) 48–68.

[20] X. Clotet, J. Moyano, and G. Leon, A Real-Time Anomaly-Based IDS For Cyber-Attack Detection At The Industrial Process Level of Critical Infrastructures, Int. J. of Critical Infrastructure Protection, 23 (2018) 11-20.

[21] X. Jie, H. Wang, M. Fei, D. Du, Q. Sun and T.C. Yang, Anomaly Behavior Detection and Reliability Assessment of Control Systems Based on Association Rule, Int. J. of Critical Infrastructure Protection, 22 (2018) 90-99.

[22] Y. Yang, L. Wu, G. Yin, L. Li, and H. Zhao, A Survey on Security and Privacy Issues In Internet-of-Things, IEEE Internet of Things Journal, 4(5) (2017) 1250-1258.

[23] Pramod T. C., Kianoosh G. Boroojeni, M. Hadi Amini, N.R. Sunitha and S.S. Iyengar, Key Pre-Distribution Scheme With Join Leave Support For A SCADA System, Int. J. of Critical Infrastructure Protection, 24 (2019) 111-125.

[24] I. Farris, T. Taleb, Y. Khettab, and J. Song, A Survey on Emerging SDN and NFV Security Mechanisms For Iot Systems, IEEE Communication Survey & Tutorials, 21(1) (2019) 812–837.

[25] S. Yu, K. Lv, Z. Shao, Y. Guo, J. Zou and B. Zhang, A High-Performance Blockchain Platform For Intelligent Devices, In Proc. 2018 1st IEEE Int. Conf. on Hot Information-Centric Networking (Hoticn), Shenzhen, Paper (2018) 260-261.

[26] M. Singh, A. Singh, and S. Kim, Blockchain: A Game-Changer For Securing Iot Data, In Proc. 2018 IEEE 4th World Forum on Internet of Things (WF-Iot), Singapore, Paper (2018) 51-55.

[27] D. Fakhri and K. Mutijarsa, Secure Iot Communication Using Blockchain Technology, In Proc. 2018 International Symposium on Electronics and Smart Devices (ISESD), Bandung, Paper (2018) 1-6.

[28] K. Elbehiery and H. Elbehiery, 5G as A Service (5gaas), SSRG Int. J. of Electronics and Communication Engineering, 6(8) (2019) 22-30.

[29] D. Wang, D. Chen, B. Song, N. Guizani, X. Yu and X. Du, From Iot To 5G I-Iot: The Next Generation Iot-Based Intelligent Algorithms and 5G Technologies, IEEE Communications Magazine, 56(10) (2018) 114-120.

[30] P. Kiss, A. Reale, C. J. Ferrari, and Z. Hestenes, Deployment of Iot Applications on 5G Edge, In Proc. 2018 IEEE Int. Conf. on Future Iot Technologies (Future Iot), Eger Hungary, Paper (2018) 1-9.

[31] S. Paliwal and S. O. Hasan, 5G as The Principal Enabler Towards The Establishment of ‘Iot’ Society, In Proc. Int. Conf. on I-SMAC (Iot In Social, Mobile, Analytics, and Cloud), Palladam, Paper (2017) 16-21.

[32] G. Begum, M. Ramabai and M. C. Mohan, Challenges and Concerns of Privacy In Internet of Things, SSRG Int. J. of Computer Science and Engineering, 3(2) (2016) 28-33.

[33] N. R. Rodofile, K. Radke and E. Foo Extending The Cyber-Attack Landscape For SCADA-Based Critical Infrastructure, Int. J. of Critical Infrastructure Protection, 25 (2019) 14-35.

[34] G. Falco, C. Caldera, and H. Shrobe, Iiot Cybersecurity Risk Modelling For SCADA Systems, IEEE Internet of Things Journal, 5(6) (2018) 4486-4495.

[35] K. Kimani, V. Oduol and K. Langat, Cyber Security Challenges For Iot-Based Smart Grid Networks, Int. J. of Critical Infrastructure Protection, 25 (2019) 36-49.

[36] B. Mohandes, R. Al Hammadi, W. Sanusi, T. Mezher and S. El[1]Khatib, Advancing Cyber-Physical Sustainability Through Integrated Analysis of Smart Power Systems: A Case Study on an Electric Vehicle, Int. J. of Critical Infrastructure Protection, 23 (2018) 33-48.

[37] U. B. Baloglu and Y. Demir, Lightweight Privacy-Preserving Data Aggregation Scheme For Smart Grid Metering Infrastructure Protection, Int. J. of Critical Infrastructure Protection, 22 (2018) 16- 24.

[38] K. Demir, H. Ismail, T. Vateva-Gurova and N. Suri, Securing The Cloud-Assisted Smart Grid, Int. J. of Critical Infrastructure Protection, 23 (2018) 100-111.

[39] M. S. Varalakshmi, an Introduction To Multilevel Security In Cyber[1]Physical Systems, SSRG Int. J. of Computer Science and Engineering, 4(7) (2017) 26-29.

[40] L. Russell, R. Goubran, F. Kwamena, and F. Knoefel, Agile Iot For Critical Infrastructure Resilience: Cross-Modal Sensing as Part of A Situational Awareness Approach, IEEE Internet of Things Journal, 5(6) (2018) 4454- 4465.

[41] R. Leszczyna, Cybersecurity and Privacy In Standards For Smart Grids – A Comprehensive Survey, Computer Standards & Interfaces, 56 (2018) 62-73.

[42] R. Leszczyna, Standards with cybersecurity controls for smart grid – A systematic analysis, Int. J. of Communication Systems, 32(6) (2019) e3910.

[43] D. Makupi and N. Masese, Determining Information Security Maturity Level of an organization based on ISO 27001, SSRG Int. J. of Computer Science and Engineering, 6(7) (2019) 5-11.

[44] Al-Rubaye, E. Kadhum, Q. Ni and A. Anpalagan, Industrial Internet of Things Driven by SDN Platform for Smart Grid Resiliency, IEEE Internet of Things Journal, 6(1) (2019) 267-277.

[45] K. Hajri, A. Sowailem, S. Shahrani, and M. Yami, 5G Deployment in the Oil and Gas Industry, SSRG Int. J. of Industrial Engineering, 8(2) (2021) 13-15.

[46] Lakshwanth Prasad K, Bhuvanesh H, Vasanth S and Subramaniam M, Consortium Blockchain for Certificateless Signatureless Scheme in Industrial IOT Environments, SSRG - SCA-2020, (2020) 60-64.

[47] S. Alam, M.M.R. Chowdhury, and J. Noll, Interoperability of security-enabled Internet of Things, Wireless Personal Communications, 61 (2011) 567–586.

[48] S. J. Moore, C.D. Nugent, S. Zhang, et al., IoT reliability: a review leads to 5 key research directions, CCF Transactions on Pervasive Computing and Interaction, 2(3) (2020) 147–163.

[49] S. Cheruvu, A. Kumar, N. Smith and D. M. Wheeler, IoT Frameworks and Complexity, in Demystifying Internet of Things Security, 1st ed., Berkeley, CA: Apress. (2020) 23-148.

[50] A. Jurcut, T. Niculcea, P. Ranaweera, et al., Security Considerations for Internet of Things: A Survey, SN Computer Science, 1(4) (2020) 193.

[51] S. Cheruvu, A. Kumar, N. Smith and D. M. Wheeler, IoT Software Security Building Blocks, in Demystifying Internet of Things Security, 1st ed., Berkeley, CA: Apress. (2020) 213-346.

[52] (2013) Mitigating attacks on Industrial Control Systems (ICS); the new Guide from EU Agency ENISA. [Online]. Available: https://www.enisa.europa.eu/ news/enisa-news/mitigating-attacks-on-industrial-control-systems-the-new-guide-from-enisa

[53] S. Cheruvu, A. Kumar, N. Smith and D. M. Wheeler, IoT Vertical Applications and Associated Security Requirements, in Demystifying Internet of Things Security, 1st ed., Berkeley, CA: Apress. (2020) 413-462.

[54] P. Radanliev, D. C. De Roure, J. R. C. Nurse, et al., Future developments in standardization of cyber risk in the Internet of Things (IoT), SN Applied Sciences, 2(2) (2020) 169.

[55] K. Kandasamy, S. Srinivas, K. Achuthan, et al., IoT cyber risk: a holistic analysis of cyber risk assessment frameworks, risk vectors, and risk ranking process, EURASIP J. on Information Security (2020)8.

[56] S. Cheruvu, A. Kumar, N. Smith and D. M. Wheeler, Connectivity Technologies for IoT, in Demystifying Internet of Things Security, 1st ed., Berkeley, CA: Apress. (2020) 347-411