Industrial Internet Security Framework v 1.0 | Page 122

12: Looking Ahead — The Future of the IIoT
Enabling edge devices to make decisions more autonomously can lead to more efficient processes and provides the ability to react more quickly to events at the edge. This is analogous to the human reflex operation: the stimuli do not travel all the way to the brain for a response to be sent; rather, they are intercepted in the spinal column so that a response to a very specific stimulus is returned very quickly. In industrial terms, this leads to a more scalable solution, since all the raw data does not need to travel to central management; instead, faster reflexive actions are enabled through intelligence at the edge. Of course, as we empower the edge more, we need to protect those edge devices better.
Security management will likely face a similar shift from centralized to decentralized as the number of devices skyrockets as predicted. Similarly, as the sheer volume of data required for managing devices increases, it becomes clear there's a point where centralized management ceases to be effective and efficient. Instead, embedding security into each piece of equipment individually, and empowering the equipment with the security context required to make safe decisions, might become a far more scalable approach.
Meanwhile, the security aspects of such an autonomous world, if not handled correctly, could be devastating. Imagine a multitude of autonomous smart devices, all making decisions on their own. We must ensure that security can be implemented to maintain the integrity of the devices against attack, so that a malicious entity cannot compromise the devices and cause them to make the wrong decisions at critical times. The key elements in this security scenario are ensuring integrity of the endpoints, enabling communications security, and providing the ability to update the endpoints more securely. To ensure compatibility across all of the various types of devices, it is desirable to have a common infrastructure that enables communications and management (and monitoring) across them all.
There are many related advances in technology that may enable improving the security of IIoT systems. Some of these technologies have been available for some time with varying degrees of deployment.
Software-defined networks can separate networks and prevent packets from crossing between them, thus increasing security. They also allow IP addresses to be dynamically changed, making it harder for attackers to learn about the network and benefit from previous explorations.
Software-defined platforms and virtual machines allow separating computer systems and reducing the risks of an attack on a system affecting multiple functionalities on that system.
Protecting the confidentiality of private keys in endpoint devices and simplifying provisioning can improve IIoT security. Technologies such as physical unclonable function (PUF) [MIT-PUF] allow endpoint devices to behave as if they have private keys without storing a key, reducing the risk associated with attacks on hardware to retrieve a stored key. The adoption of this technology has been slow, possibly due to concerns with stability over time.
Privacy could be enhanced while still allowing analytics through techniques that allow calculations to be performed on encrypted text, such as homomorphic encryption. This may impose constraints on the data design used in the system.
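As an added illustration (not part of the framework text), the sketch below sums sensor readings while they stay encrypted, and shows the data-design constraint in practice: values must be encoded as bounded non-negative integers. It assumes the Paillier additively homomorphic scheme, which the framework does not name; the primes, readings and all function names are constructed for the example, and the key is far too small for real use.

```python
import math
import secrets

SCALE = 100  # data-design constraint: readings travel as integer hundredths

def keygen(p=2**31 - 1, q=2**61 - 1):
    """Toy Paillier key pair from two known (Mersenne) primes; demo only."""
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)
    mu = pow(lam, -1, n)               # valid because the generator is g = n + 1
    return n, (lam, mu)

def encrypt(n, m):
    """Encrypt an integer 0 <= m < n under public key n (randomized)."""
    if not isinstance(m, int) or not 0 <= m < n:
        raise ValueError("plaintext must be an integer in [0, n)")
    n2 = n * n
    while True:
        r = secrets.randbelow(n - 1) + 1
        if math.gcd(r, n) == 1:
            break
    return (1 + m * n) % n2 * pow(r, n, n2) % n2

def add_encrypted(n, c1, c2):
    """Multiplying ciphertexts adds the plaintexts mod n; no private key used."""
    return c1 * c2 % (n * n)

def decrypt(n, priv, c):
    lam, mu = priv
    u = pow(c, lam, n * n)             # equals 1 + (m * lam) * n  mod n^2
    return (u - 1) // n * mu % n

def encode(reading):
    """Fixed-point encoding; negative values would need an agreed offset."""
    return round(reading * SCALE)

def aggregate_demo():
    """Edge devices encrypt, an untrusted aggregator sums, the owner decrypts."""
    n, priv = keygen()
    readings = [21.37, 19.80, 22.05]   # constructed sample sensor values
    total = encrypt(n, 0)
    for value in readings:
        total = add_encrypted(n, total, encrypt(n, encode(value)))
    # The sum is only meaningful while it stays below n (no wrap-around).
    return decrypt(n, priv, total) / SCALE

if __name__ == "__main__":
    print(aggregate_demo())
```

The aggregator only ever handles ciphertexts and the public modulus, so the range, scaling and sign conventions have to be fixed in the data design before deployment.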
IIC:PUB:G4:V1.0:PB:20160926 - 122 -