RituGupta says: The development or design engineers are the ones that need to take the company’s security policy. They may also define factors such as how to identify and verify that a product is theirs and how to securely provide software and hardware updates and implement this in chips or software. The fourth part of the chain is where OEMs are involved in manufacturing products for IIoT networks, or in deployment of those products. Here, the production or operations manager needs to ensure that every electronic component has its own unique identity and can be securely authenticated at every point in the supply chain. In discussing the lack of a chain of trust in hardware and software, Robert Martin, senior principal engineer at the MITRE Corporation and a steering committee member of the IIC, said, “Connected industrial systems have so many different tech stacks.” In fact, he cautioned, “A small change in a microprocessor can have an unintended impact on the software running on it. If we recompile the software and run it on a different OS, it will work differently, but no one will be accountable for software failures resulting from the changes.” He added, “Compare this to the building trade, where you would be penalized for making changes that affected safety — there’s regulation, certification. But we just don’t have the same regime in software-based technologies.” Design considerations for IIoT security So where does one start with designing security for the IIoT, and what design considerations must be looked at? Various industry guidelines exist, such as the IIC’s IoT Security Framework together with its manufacturing profile providing details for implementing the Framework in the plant or the National Institute of Standards and Technology Cybersecurity Framework . The main task for the design engineer is determining how to translate a security policy or security framework into the design and lifecycle management of a device that forms all, or part of, an IIoT endpoint. The considerations range from enabling devices with unique identities to being able to protect the device, identify an attack, recover from it, remediate it, and patch the device. “The process is no different from safeguarding other systems,” said Chet Bablalk, vice president of solutions for IoT devices at Arm. “We need to think about security from the ground up.” He explained, “The first part is the analysis — what are the threat vectors and what are you trying to protect?” Arm introduced its own platform security architecture (PSA) last year to support developers of IoT devices. Babla says that the PSA is device-agnostic because the company is trying to encourage the industry to think about security. Analyze, architect, implement The PSA framework comprises three stages — analyze, architect, and implement. “Analysis is the core part of what we are trying to stress,” said Babla. This means, for example, conducting a threat model analysis, and Arm has introduced three analysis documents for common use cases in asset trackers, water meters, and network cameras. This analysis is essential and echoed by others. MITRE Corp.’s Martin commented, “We need to start talking about what the potential weaknesses are in the hardware and be able to emulate attack patterns and make test cases.”Design engineers need to think about the whole ecosystem, from chip to cloud, in terms of implementing a system that comprises an immutable device or one with a non-changeable identity; enabling trusted boot; and ensuring that over-the-air (OTA) updates and authentication can be carried out securely. “Then you can think about mitigation in silicon, the access points, and the cloud,” said Babla.Arm’s PSA framework encourages designers to first consider the threats and then look at design and implementation. (Source: Arm) privacy resilience Leave a Reply Cancel reply You must Register or Login to post a comment. This site uses Akismet to reduce spam. Learn how your comment data is processed. Log in to Reply development engineer CxO level security architect March 24, 2019 at 9:14 am ChristopherJames says: safety March 24, 2019 at 7:08 am Log in to Reply 2 thoughts on “Designing security into the industrial IoT” operations manager Share this:TwitterFacebookLinkedInMoreRedditTumblrPinterestWhatsAppSkypePocketTelegram Tags: IoT reliability “Considering that the whole system premise is based on information flying around. Of course a company has got to make sure that they have enough security in their system to make sure that their data doesn’t get compromised as it’s flying from one place to While design engineers might have to implement security elements into a chip, software, or platform, they may not necessarily be aware of how their work fits into their company’s bigger-picture security policies. “The security policy must be authored by both the IT team and the OT team together so that everyone knows what device is allowed to talk to what,” said Schrecker. Building a chain of trust A common theme is to establish a security policy and chain of trust from the outset and then ensure that it is maintained through design, development, production, and the entire lifecycle of a device. Trust must be built into the device, the network, and the entire supply chain. Haydn Povey, a board member of the IoT Security Foundation and CEO and founder of Secure Thingz, said that security needs to be addressed at four levels: Continue Reading Previous Tackling security vulnerabilities of the industrial IoTNext How embedded projects run into trouble: Jack’s Top Ten – Number Four security We’ve all heard of the internet of things (IoT) and the industrial internet of things (IIoT). We know that the two are different: IoT is commonly used for consumer usage, and IIoT is used for industrial purposes. But how does a professional group like the Industrial Internet Consortium (IIC) actually define the IIoT? The group sees IIoT as a system that connects and integrates operational technology (OT) environments, including industrial control systems (ICS), with enterprise systems, business processes, and analytics. These IIoT systems differ from ICS and OT because they are connected extensively to other systems and people. And they differ from IT systems in that they use sensors and actuators that interact with the physical world, where uncontrolled change can lead to hazardous conditions. The benefits of IIoT are the ability of sensors or connected devices, as part of a closed-loop system, to collect and analyze data and then do something based on what the data reveals. The very connectivity, however, also grows the risk of attack — and, increasingly, cyberattacks — by those who may want to bring down the system. One of the many projects under a Department of Energy (DoE) program to reduce cyber-incidents is being driven by Intel, looking at enhanced security for the power system edge. Because grid edge devices communicate with each other directly and through the cloud, the research is developing security enhancements to emphasize interoperability and provide for real-time situational awareness. First, this needs to be done in the form of a secure gateway for brownfield, or legacy, power system devices, then as an internal field programmable gate array (FPGA) upgrade designed as part of greenfield, or present-day, devices. The goal is to reduce the cyberattack surface in a way that doesn’t impede the normal functioning of the critical energy delivery functions. Sven Schrecker, chief architect of IoT security solutions at Intel and co-chair of the security working group at the IIC, said that security should not be the sole consideration when designing and deploying devices for IIoT systems, but developers should be thinking more broadly about five overall key factors: “It is interesting to learn of different terms understood by different industries. Though the entire classification could be just within a single notion, the broader understanding seems quite vague and explorable. In the future, the varying industries coul
Liverpool legend Aldridge dismisses Guardiola Man City claimsby Paul Vegas10 months agoSend to a friendShare the loveLiverpool legend John Aldridge has dismissed the claims of Manchester City boss Pep Guardiola ahead of Thursday’s clash.Guardiola has declared anything but a victory will end their title defence.Aldridge told the Irish Independent: “Are Liverpool title favourites? Maybe we can say they will move into that position if they get a win against Manchester City at the Etihad Stadium next Thursday, but I still feel there will be a lot of twists and turns in this title story,” says Aldridge.”None of us saw these slips from Manchester City coming and it means Liverpool will head into the crunch game against them on Thursday night in an unexpectedly dominant position.”A draw in that game would ensure Klopp’s side still have a solid lead at the top of the table, while a victory would yield the pressure on a City side that have struggled to cope in the absence of Fernandinho and David Silva in recent weeks.”There is no doubt that Liverpool are in a great position, but this is only the half way point in the season and there is a long way to go, a lot of points to play for.” About the authorPaul VegasShare the loveHave your say
Mariota was sacked eight times on 45 dropbacks over the course of the game. His QBR over the final three quarters was a miserable 19.7, while the Titans offense netted just 3.53 yards per play.In the AFC Championship Game, the Jacksonville Jaguars got off to an even stronger start. With a mix of power running and downfield throwing, they jumped out to a 14-3 second-quarter lead. Quarterback Blake Bortles was devastating on play-action passes in the first half, going 8-for-8 for 114 yards and a perfect 158.3 passer rating on throws with run fakes.After halftime, the Patriots took it away. New England did this, to some extent, by doing the opposite of what they did to Tennessee: sending extra defenders, stuffing the power run and forcing Bortles to make quick decisions.Here’s an example in the third quarter, where the Jaguars were facing 2nd-and-10. At that down and distance, either a run or a pass would make sense. So the play-action pass could be an effective option, as it had been throughout the first half: While the NFL universe has been breathlessly gushing over the New England Patriots offense for nearly two decades, the Pats defense is usually described with an old chestnut of coachspeak: “Bend but don’t break.” For years, Patriot defenses have allowed heaps of yards but denied points by tightening in the red zone,1The Patriots finished in the bottom third of the NFL in yardage defense five of the last eight seasons yet ranked in the top 10 in scoring defense seven times. and this season’s iteration is no different. But on a game-by-game level, this Patriots defense has taken on a new quality: They bend early, then straighten themselves out at halftime.There’s a huge difference between the Pats defense that takes the field at the beginning of the game and the one that walks off the field (usually) victorious. Including both playoff games, the Patriots’ first-half averages of 5.85 yards per play (30th) and 10.06 points allowed (11th) dropped to 5.43 yards per play (22nd) and 8.28 points allowed (2nd) in the second half. This suggests that even if Nick Foles and the Eagles move the ball early and put up points on Sunday, there’s reason to believe Bill Belichick and defensive coordinator Matt Patricia will draw up a way to stop them before Justin Timberlake is finished bringing sexy back. Just what kind of midgame adjustments are the Patriots making? Let’s examine the last two games.Against the Tennessee Titans in the divisional round, New England seemed to come in with a concrete game plan: Counter Tennessee’s running-back-and-tight-end heavy offense by stacking the box with defenders and playing tight man coverage. They also used a spy on quarterback Marcus Mariota to contain his running ability.Per ESPN’s Sports & Information Group, the Patriots had at least eight defenders in the box on five of 16 first-quarter Tennessee snaps. But the Titans pass-catchers were able to get open quick enough to give Mariota options. Backpedaling Pats linebackers failed to get enough depth to cover intermediate seam and out routes. Mariota posted a 99.3 first-quarter Raw Quarterback Rating, and the Titans averaged 6.75 yards per play.After the Titans found the end zone on their second drive, the Patriots stacked eight in the box on only two snaps out of the remaining 45. With more defenders dropping into coverage, the pass rush was significantly more effective. Watch on this key third-quarter 3rd-and-7, arguably the Titans’ last best chance to get into the game, as Mariota has no place to throw or run: The Patriots decide to risk the Jaguars pass-catchers getting open deep and here press both wideouts with their outside corners. Two linebackers drop into coverage, and behind them is a single-high safety.Everyone else blitzes, including slot corner Malcolm Butler. Bortles play-fakes to the fullback, then sets up to pass. But tight end Marcedes Lewis fails to recognize the blitz from Butler until it’s too late. Tailback Leonard Fournette, intending to pick up Butler, realizes too late that Lewis let defensive end Trey Flowers through. Soon Bortles is swamped and sacked.The Jaguars called six other play-action passes in the second half, per ESPN Sports & Info, and Bortles completed just three of them. His second-half passer rating was 69.1, and his QBR was 42.7. The Jags offense averaged 4.34 yards per play in the second half, down from 6.81 in the first. They added just two field goals to their first-half scoring, turning a 14-3 lead to a 24-20 loss.So what will the Patriots try to take away from the Philadelphia Eagles?The easy answer would be “whatever the Eagles manage to do well.” In their upset of the Minnesota Vikings in the NFC Championship Game, the Eagles did practically everything well — but above all, quarterback Nick Foles stayed calm in the face of pressure and attacked the Vikings secondary deep.If the Patriots try to attack Foles the way they attacked Bortles in the second half, it might go badly. Instead, Belichick and Patricia will likely drop into safe zones and wait for the Eagles to reveal their plan — perhaps using red-hot receiver Alshon Jeffery to attack a Patriots secondary that finished 26th against No. 1 wideouts in Football Outsiders’ Defense-adjusted Value Over Average.2Football Outsiders says the DVOA metric “measures a team’s efficiency by comparing success on every single play to a league average based on situation and opponent.” Whatever Eagles head coach Doug Pederson’s plan is, he’d better have a Plan B.Check out our latest NFL predictions.
Real Madrid attacking midfielder Isco is yet to feature under new club boss Santiago Solari because he is overweight, according to Dani Ceballos.Isco had appendicitis surgery but rushed back into the starting lineup by former Real Madrid boss Julen Lopetegui, in the team’s 5-1 El Clasico thumping away to Barcelona, which proved the final game of the former FC Porto manager’s tenure.But Solari, who was recently appointed full-time manager, is yet to select Isco since taking over, with the former Real Madrid Castilla manager leading the first team to four straight wins during his time as interim coach.Ceballos explained the ongoing fitness issues currently affecting Isco after his operation.Mourinho: “Lionel Messi made me a better coach” Andrew Smyth – September 14, 2019 Jose Mourinho believes the experience of going up against Barcelona superstar Lionel Messi at Real Madrid made him a greater coach.“He is a player who came from a major injury and went through surgery,” Ceballos told El Chiringuito.“With Julen, he played two consecutive games and with Solari, he said he saw him a bit out of shape, but he is training 100 per cent.“He knows the importance of managing a dressing room and has the philosophy of Madrid’s values.”
File PhotoPolice and members of Rapid Action Battalion (RAB) in a joint drive detained 79 Rohingya people in Ukhia upazila in the last eight hours between 12:00 pm and 8:00 pm on Saturday.The joint force set up a check post at Ukhia bus station on Teknaf-Cox’s Bazar highway and detained 79 Rohingyas conducting drive in different vehicles.Later, the detained Rohingyas were sent back to Kutupalang Refugee Camp.Earlier on Friday, some 210 Rohingya refugees were also sent back to refugee camp after detaining from Teknaf link road.Dr AKM Iqbal Hossain, superintendent of Cox’s Bazar police, said law enforcers in different drives detained more than 5,000 Rohingya people who remained hiding in different areas and sent to Kutupalang Refugee camp so far.After crossing the border, those Rohingyas were hiding out in different areas of the district while some of them took shelter in houses of previously entered Rohingyas.Some 15 police check-posts have been set up on Cox’s Bazar Teknaf highway, Cox’s Bazar-Chittagong highway and Cox’s Bazar Marine Drive to prevent the spread of Rohingyas across the country, the police super added.According to international agencies, up to 400,000 Rohingyas have fled recent Myanmar violence to Bangladesh since 25 August.