Upload
morteza-ansari
View
73
Download
3
Tags:
Embed Size (px)
Citation preview
IoT Security• Trustworthiness
Integrity
Tamperproof
Anti-cloning
• Device identity & identity context
• Provisioning & associated life cycle
• Authorization and access
• Bridging modern & legacy
• … IDENTITY
AppApp
OperatorSystem
Integrator
Typical Industrial Relationship
OEM
OEMSystem
Integrator
Owner
Operator
…
AppApp
OperatorSystem
Integrator
Typical Industrial Relationship
OEM
OEMSystem
Integrator
Owner
Operator
…
✓ Read diagnostic data✓ Run diagnostic routines✗ Read movement✗ Write movement✗ Read program? Update firmware
✓ Read diagnostic data✓ Run diagnostic routines✗ Read movement✗ Write movement✗ Read program? Update firmware
✓ Read diagnostic data✓ Run diagnostic routines✗ Read movement✗ Write movement✗ Read program? Update firmware
✓ Read diagnostic data✓ Run diagnostic routines✗ Read movement✗ Write movement✗ Read program? Update firmware
✓ Read diagnostic data✓ Run diagnostic routines✗ Read movement✗ Write movement✗ Read program? Update firmware
✓ Read diagnostic data✓ Run diagnostic routines✗ Read movement✗ Write movement✗ Read program? Update firmware
✓ Read diagnostic data✓ Run diagnostic routines✗ Read movement✗ Write movement✗ Read program? Update firmware
Other Challenges• Bridging legacy & modern
• Not all devices are created equal
• Life expectancy of industrial devices
• IT vs. OT
• Access:Remote locations
Unreliable connectivity
Low bandwidth
Very complex failure scenarios
• Privacy!
• Too static, too fragile, too vulnerable
• Device identity context
• Risk based policies
• Dynamic & continuous identity
• Standardization
• Identity life cycle
• Identity security
Now What?