IOT DEVICE SECURITY AND THE SAFETY IMPLICATIONS FOR INDUSTRIAL SETTINGS
BY FRANCESCA BOEM – IEEE SENIOR MEMBER AND ASSOCIATE PROFESSOR WITH THE ELECTRONIC AND ELECTRICAL ENGINEERING DEPARTMENT AT UCL
they can be points of access for cyber threats that could not just compromise data integrity – they threaten physical safety, operational continuity and infrastructure resilience. That is why we talk about cyber-physical attacks: cyber-attacks that aim at causing a damage in the real physical world, often targeting the critical infrastructures our societies are based on. The consequences can be tremendous in terms of economic, health, environmental, and reputational costs. Therefore, for the engineers designing and deploying these systems, security must become a foundational element of system architecture.
There has been a huge proliferation of Internet of Things( IoT) devices in recent years. From wearable health tech and connected homes to smart manufacturing, energy and transport systems, IoT is at the forefront of a revolution. AI and novel communication and sensing technologies are introducing impressive capabilities, including realtime monitoring, adaptability, personalisation and remote-control functionality. Consequently, we are surrounded by a host of devices able to sense the environment, record audio and images, communicate and harness data in order to make decisions and even take action in response. IoT devices quintessentially represent a feedback control loop.
Yet as this transformation accelerates, so do the risks. IoT devices offer great opportunities but also pave the way for new challenges and vulnerabilities. The rapid integration of IoT into industrial environments is reshaping automation and control. From energy grids to manufacturing systems, connected devices now enable real-time data exchange, remote diagnostics and control and predictive maintenance. However, being connected to the internet or to our phones,
McKinsey Global Institute has estimated the economic impact of IoT for energy and power systems in 2025 to be in the range of $ 200 billion to $ 500 billion. The sector is looking to transform existing electric and energy systems into intelligent cyber-enabled ones, which are efficient, resilient and sustainable. The role of IoT is to provide a sustainable solution to dynamic energy management by maximising revenue generation, minimising energy costs and reducing carbon emissions. The IoT is empowering energy systems by providing situational awareness, monitoring and distributing control of renewable energy.
For example, smart meters and smart chargers for Electric Vehicles( EVs) allow us to make informed decisions when it comes to the best time to use our appliances and purchase electricity, so as to reduce our costs. They also support operators and energy providers to plan and optimise the control of the grid, by reducing uncertainty in demand and renewable generation. This is fundamental to boosting net zero targets. The promises of smart meters, EVs and smart buildings all rely on having access to a large quantity of data, which has been made possible thanks to the advancements and affordability of sensing and communication technologies.
But what happens if an attacker compromises or modifies the communicated sensor data and gains control of connected energy devices? Cyber threat actors could potentially modify sensors or meter readings to provide an economic advantage or
58 AUTOMATION, CONTROL & ENGINEERING