尊敬的 微信汇率:1円 ≈ 0.046166 元 支付宝汇率:1円 ≈ 0.046257元 [退出登录]
SlideShare a Scribd company logo

IoT Security Challenges and Solutions

Intel® Software
Intel® Software

The session with highlight Intel’s vision for IoT Security and the fundamental building blocks and capabilities Intel and the ecosystem are providing to organizations to build security in from design through deployment and maintenance.

Technology
1 of 27
Download to read offline
1 IoT Security Overview Steve Orrin Chief Technologist, Intel Federal
INTEL PROPRIETARY Intel Federal Agenda • Overview of Security Challenges in IoT • The Vision for IoT Security • Fundamental Capabilities • Example Solutions / Use Cases • Summary
INTEL PROPRIETARY Intel Federal Current Issues in Protecting IoT and ICS Increased Connectivity  Company Enterprise Network and ICS  Internet Interdependencies  Cascading Failure Concerns Complexity  Real Time Control Leads to Increased System Complexity  Access to Systems Granted to More and More Users, Business Systems, Control Systems Legacy Systems  Just Not Built for Security Market Restructuring  Increased Volume of Transactions  Narrower Operating Margins (Engineering and Monetary) System Accessibility  Vulnerabilities and Back Doors  Wireless Access Offshore Reliance Information Availability  Manuals and Training Videos Available Publicly  Hacker Tools Readily Available on Internet 3,000 Industrial Plants Per Year Infected with Malware Targeted industrial control systems-themed malware including one variant posing as Siemens PLC firmware that has been in action since 2013, researchers find. From: DarkReading 3/21/17 by Kelly Jackson Higgins
INTEL PROPRIETARY Intel Federal Threats to IoT and ICS • Disrupt operation of ICS by delaying or blocking the flow of information through control networks, thereby denying network availability to control system operators • Send false information to control system operators, either to disguise unauthorized changes or to initiate inappropriate actions by system operators. • Modify the system software – producing unpredictable results • Interfere with the operation of a safety system(s) • Make unauthorized changes to programmed instructions in PLCs, RTUs, or DCS controllers • Change alarm thresholds and settings • Order premature shutdown of processes • Disable control equipment
INTEL PROPRIETARY Intel Federal Adversary Trends The interest in IoT and ICS is increasing:  Number of IoT / ICS presentations at conferences  Number of conference locations globally  Number of subculture information sharing networks  Visibility of Connected ‘things’ & ICS vulnerability research
INTEL PROPRIETARY Intel Federal Attacks on IoT and ICS Pipeline Communication Infrastructure Compromise Devices used in an attack against a third party. Device configuration contributed to compromise Large volume of network traffic generated Compromised not detected by traditional means Nuclear Power Plant cyber infection Recovery time: SPDS – 4 hours 50 minutes PPC – 6 hours 9 minutes Event: Slammer worm infects plant. Impact: Complete shutdown of digital portion of Safety Parameter Display System (SPDS) and Plan Process Computer (PPC). Specifics: Worm started at contractors site. Worm jumped from corporate to plant network and found an unpatched server. Patch had been available for 6 months. Lessons learned:  Verify device configuration  Ensure Defense-in-depth strategies are in place  Isolate critical systems from the internet. Lessons learned:  Secure remote (trusted) access channels  Ensure Defense-in-depth strategies with appropriate procurement requirements  Critical patches need to be applied Automobile Manufacturing Impact Event: Internet worms shuts down major US automobile manufacturer’s industrial control systems Impact: Production lines were idle as infected systems were patched Specifics: The malware infected 13 automobile manufacturing plants. Revenue impact was approximately $1M USD/HR Lessons learned:  Critical patches need to be applied  Provide adequate network segmentation between control and business networks  Place controls between segments to limit congestion and cascading effects Automobile computer systems hacked Event(s): Researchers take away driver control of a moving vehicle by remotely hacking into relatively insecure computer systems Impact: Computerized systems in modern cars control many critical components and safety devices Specifics: Several Team managed to break into key vehicle systems to kill the engine, apply or disable the brakes and even send various taunting messages to radio or dashboard displays Lessons learned:  Automobile control systems are vulnerable to the same kind of attacks which are launched against Internet- connected computers
INTEL PROPRIETARY Intel Federal Attacks on IoT and ICS Oil Platform Cyber Incident Event: Insider computer attack on an energy company’s process control system. Impact: By disrupting one of the process control computer systems, the leak detection system was periodically disabled. Specifics: Disgruntled IT contractor damaged company computer systems by impairing the integrity and availability of critical operational data. Water Utility Loses Control Event: Residents of a rural town experienced loss of water pressure Impact: Approximately 10,000 residents without water Specifics: Utility operator updated its HMI OS (Windows) with a direct connection to the Internet and evidence points to a virus infecting the SCADA system; causing it to crash. The ICS was outdated, not supported by the vendor, and not patched to current updates. Lacked a firewall between the business and control networks Water facility accessed via Internet Event: Cyber researcher used new search engine “SHODAN” to identify an online link to a utility company’s SCADA system. The system was then accessed using the default user name and passwords Impact: The researcher gained administrative control over the regional water treatment system Specifics: After connecting to the water control and management system via the internet the researcher as able to access all control systems for water pumping and waste water treatment Lessons learned:  Do not underestimate the insider threat  Ensure access controls  Policies and Procedure, with regards to contract personnel, background checks Lessons learned:  Utilize DMZ to ensure isolation from business side and Internet  Keep systems patched  Establish and enforce sound security policies Lessons learned:  Change system default user names and passwords  Avoid posting system details to public facing devices  Not all public facing system details are obviously visible
INTEL PROPRIETARY Intel Federal 8 Overview of Security Challenges in IoT: Complexity and lack of Standards and Interoperability Protocols  Standards based protocols slowly replacing vendor-specific proprietary communication protocols Interconnected to other systems  Connections to business and administrative networks to obtain productivity improvements and mandated open access information sharing Reliance on public information systems  Increasing use of public telecommunication systems and the Internet for portions of the ICS
INTEL PROPRIETARY Intel Federal 9 Overview of Security Challenges in IoT: Security Requirements & Required Certifications
INTEL PROPRIETARY Intel Federal focus Provide security capabilities that enable protection, identification, and assurance to all nodes in the IoT ecosystem InternetofthingssecurityStrategy • Designed-In Security Foundation – Consistent security features and a unified programming model which speeds up ecosystem enablement. • Built-In IOT Platform Security Architecture – Solutions integrated to work edge to cloud which lead to HW protected, market ready vertical solutions. • On-Demand Device Lifecycle Security Services – Trust services equip threat defenses with HW verified and attested devices.
INTEL PROPRIETARY Intel Federal Intel’s IoT Security Portfolio Strategy  Device onboarding & attestation  Integrated into IoT platform & security management ISV offerings On-Demand DeviceLifecycle SecurityServices Equipsthreatdefenses withHWVerified& attestedDevices TrustServices3. BuilT-In IoTPlatform Security Architecture SolutionsIntegratedtowork EdgetoCloud HWProtected, MarketReady VerticalSolutionsHarden Edge Secure Comms Security Managemen t 2. Protected Storage Protected Boot Trusted Execution Environment Hardware and Software Identities Speeds Ecosystem Enablement ConsistentSecurityFeatures & UnifiedProgrammingModelDesigned-in Security Foundation All Product Lines 1.
INTEL PROPRIETARY Intel Federal Intel’s IoT Security Portfolio Strategy FOUNDATION (Consistency - WIP) Ecosystem 1 Client IoT Auto Drones Data Center 3 Memory Comms Altera D E V E L O P E R S 2 4 S e r v i c e s 5
INTEL PROPRIETARY Intel Federal 13 The Vision for Device Security 13 Protected Workloads Trusted Execution Environment Identity Verifies boot process and enables software identification. Enforces platform boot policies • Secure Boot using TXT & TPMVerified Boot Execution environment that isolates the operations from manipulation or disclosure • SGX (SW Guard Extensions) Trusted Execution Environment (TEE) Provides a unique identifier for the device and can serve as the basis for authentication • EPID (Enhanced Privacy ID)Device Identification Sensitive data (including key material) protected from misuse or disclosure when in use, transit, or storage • TPM – Trusted Platform Module • PTT – Platform Trust Technology Secure Storage ExamplesDefinitionsSecurity Themes Provides device management, provisioning, and policy • MeshCentral for IoT GatewaysManagement
INTEL PROPRIETARY Intel Federal 14 Fundamental Capabilities Embedded Security (Security Isolation) • Physical Security • Endpoint Protection Secure Communication • Machine-to-Machine AA-A • Confidentiality & Integrity Security Monitoring & Management • Security Policy Management • Security Event Monitoring
INTEL PROPRIETARY Intel Federal 15 Security Isolation Options • No Silver Bullet for Security • No “one-size-fits-all” approach • Enable a spectrum of security implementations • Choose best solution for use case • Process Isolation • Security in same OS as other components • Separate security processes • Containerization Isolation • Software Containers • Hardware Containers • Virtualization Isolation • Security in separate OS • Physical Isolation • Gateway or Bump-in-the-Wire
INTEL PROPRIETARY Intel Federal 16 Embedded Security Deployment Models 16 • Process Separation • Security in same OS as other components • Separate security processes • Containerization Separation • Security in same OS, but in software containers (jails) • Application separation (apps) • Virtualization Separation • Security in separate OS • Physical Separation • Gateway or Bump-in-the-Wire Gateway Virtualization In same OS Containerization It’s all about separation of concerns to keep security apart from the Operational components
INTEL PROPRIETARY Intel Federal 17 Security Comms Channel • Provide Security Management and Monitoring Services • Back-end Services • Edge Services • Traffic channels independent of Operational Flows and Services • Separate payload and frequency • Independent QoS • Transport Security (Confidentiality and Integrity) • Machine-to-Machine AA-A • Device ID • Authentication and Access Control • Security and other Endpoint Events aggregated and correlated • Back-end aggregation • Edge aggregation • Enables Security Analytics capabilities • Back-end analytics • Edge analytics • Does not affect the existing Operational Services • Loosely coupled to Operational Technologies • Allows security to evolve independently from OT process Management Monitoring Analytics Secured Unsecured ApplicationData Security Data Security Data
INTEL PROPRIETARY Intel Federal 18 Security Management • All devices have consistent security APIs, whether security is mixed in with the OS, below the OS in a virtualized instance, or in an OS in a physically separate instance. • All devices now look the same from the management perspective, regardless of Make, Model, Manufacturer. • The security policies can be pushed out to devices regardless of their deployment model, all from a centralized management “cloud”.
INTEL PROPRIETARY Intel Federal 19 Security Monitoring • All devices can send events, logs, properties, etc. back to the centralized analytics “cloud”. • Global visibility of all endpoints and all communications means that situational awareness spans the entire environment. • Create a near-realtime risk algorithm measuring the level of risk on the endpoints and the communications between the endpoints.
INTEL PROPRIETARY Intel Federal 20 Security Management & Monitoring Feedback Loop • All devices can send events, logs, properties, etc. back to the centralized analytics “cloud”. • Create a near-realtime risk algorithm measuring the level of risk on the endpoints and the communications between the endpoints. • Crossing a risk threshold triggers a state change in the management system, resulting in automated responses • Notify appropriate personnel • Push new policy out
INTEL PROPRIETARY Intel Federal Management and Monitoring Security as a Service (SecaaS) Logical View 21 IT & Security Ops Context Operational Context Security Management & Monitoring Communication Security Endpoint Security Management & Monitoring Services Time Sequence Data Custom Data Operational Services Context Overlay • IT data is out of band from OT data • OT “cloud” services do not change • Security encapsulated in IT “cloud” • Time Sequence Data = Events • Properties = Endpoints • Policy = Management • IT/OT Service Context Dichotomy Metrics Rules Alarms etc Use or disclosure of the contents of this page is restricted by the terms on the notice page
INTEL PROPRIETARY Intel Federal Brownfield: Using Gateway Greenfield: Using Embedded Security in Device
INTEL PROPRIETARY Intel Federal 23 Example IoT Use Case: C4ISR + Analytics C4ISR Command, Control, Communications, Computers Intelligence, Surveillance and Reconnaissance Foundational USG Big Data Computer Vision
INTEL PROPRIETARY Intel Federal Things To Do First Protect what’s most important  Data “islanding” / secure enclaving Consider new layers Think beyond intrusion prevention  Post-infection detection and response  Mitigation  Monitoring logs; think about exfiltration Deny, Disrupt, Disable, Destroy Actively protect your supply chain Maintain open dialogue with ISP, suppliers, customers, employees CLASSIC PERIMETER Intellectual Property (Secrets) HR Data Process Control Recipes Competitively Sensitive Data CLASSIC PERIMETERCLASSICPERIMETER CLASSICPERIMETER
INTEL PROPRIETARY Intel Federal Security is a Journey, not a Destination
INTEL PROPRIETARY Intel Federal 26 Intel IoT Platforms and Analytics Capabilities: Increasing intelligence and value over time
INTEL PROPRIETARY Intel Federal 27 Thank you Steve Orrin Chief Technologist, Intel Federal steve.orrin@intel.com

Recommended

Security challenges in IoT
Security challenges in IoTSecurity challenges in IoT
Security challenges in IoT
Vishnupriya T H
 
Internet of things security "Hardware Security"
Internet of things security "Hardware Security"Internet of things security "Hardware Security"
Internet of things security "Hardware Security"
Ahmed Mohamed Mahmoud
 
IoT Security: Problems, Challenges and Solutions
IoT Security: Problems, Challenges and SolutionsIoT Security: Problems, Challenges and Solutions
IoT Security: Problems, Challenges and Solutions
Liwei Ren任力偉
 
IOT Security
IOT SecurityIOT Security
IOT Security
Sylvain Martinez
 
IoT Technology Tutorial | IoT Technology Stack | IoT Project Hands-On | Edureka
IoT Technology Tutorial | IoT Technology Stack | IoT Project Hands-On | EdurekaIoT Technology Tutorial | IoT Technology Stack | IoT Project Hands-On | Edureka
IoT Technology Tutorial | IoT Technology Stack | IoT Project Hands-On | Edureka
Edureka!
 
Security in IoT
Security in IoTSecurity in IoT
Security in IoT
gr9293
 
security and privacy-Internet of things
security and privacy-Internet of thingssecurity and privacy-Internet of things
security and privacy-Internet of things
sreelekha appakondappagari
 
Iot architecture
Iot architectureIot architecture
Iot architecture
Anam Iqbal
 

Recommended

Security challenges in IoT
Security challenges in IoTSecurity challenges in IoT
Security challenges in IoT
Vishnupriya T H
 
Internet of things security "Hardware Security"
Internet of things security "Hardware Security"Internet of things security "Hardware Security"
Internet of things security "Hardware Security"
Ahmed Mohamed Mahmoud
 
IoT Security: Problems, Challenges and Solutions
IoT Security: Problems, Challenges and SolutionsIoT Security: Problems, Challenges and Solutions
IoT Security: Problems, Challenges and Solutions
Liwei Ren任力偉
 
IOT Security
IOT SecurityIOT Security
IOT Security
Sylvain Martinez
 
IoT Technology Tutorial | IoT Technology Stack | IoT Project Hands-On | Edureka
IoT Technology Tutorial | IoT Technology Stack | IoT Project Hands-On | EdurekaIoT Technology Tutorial | IoT Technology Stack | IoT Project Hands-On | Edureka
IoT Technology Tutorial | IoT Technology Stack | IoT Project Hands-On | Edureka
Edureka!
 
Security in IoT
Security in IoTSecurity in IoT
Security in IoT
gr9293
 
security and privacy-Internet of things
security and privacy-Internet of thingssecurity and privacy-Internet of things
security and privacy-Internet of things
sreelekha appakondappagari
 
Iot architecture
Iot architectureIot architecture
Iot architecture
Anam Iqbal
 
IoT Security
IoT SecurityIoT Security
IoT Security
Narudom Roongsiriwong, CISSP
 
IoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranIoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.Prabhakaran
Koenig Solutions Ltd.
 
Iot Security
Iot SecurityIot Security
Iot Security
MAITREYA MISRA
 
Introduction to IoT Architecture
Introduction to IoT ArchitectureIntroduction to IoT Architecture
Introduction to IoT Architecture
Emertxe Information Technologies Pvt Ltd
 
Security in Cyber-Physical Systems
Security in Cyber-Physical SystemsSecurity in Cyber-Physical Systems
Security in Cyber-Physical Systems
Bob Marcus
 
Iot Security, Internet of Things
Iot Security, Internet of ThingsIot Security, Internet of Things
Iot Security, Internet of Things
Bryan Len
 
Fog computing in IoT
Fog computing in IoTFog computing in IoT
Fog computing in IoT
sreelesh balan
 
Internet of Things (IoT) Presentation
Internet of Things (IoT) PresentationInternet of Things (IoT) Presentation
Internet of Things (IoT) Presentation
Jason K
 
IoT Networking Part 2
IoT Networking Part 2IoT Networking Part 2
IoT Networking Part 2
Hitesh Mohapatra
 
A survey in privacy and security in Internet of Things IOT
A survey in privacy and security in Internet of Things IOTA survey in privacy and security in Internet of Things IOT
A survey in privacy and security in Internet of Things IOT
University of Ontario Institute of Technology (UOIT)
 
Iot(security)
Iot(security)Iot(security)
Iot(security)
Shreya Pohekar
 
Internet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issuesInternet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issues
Pierluigi Paganini
 
Beginners: What is Industrial IoT (IIoT)
Beginners: What is Industrial IoT (IIoT)Beginners: What is Industrial IoT (IIoT)
Beginners: What is Industrial IoT (IIoT)
3G4G
 
Overview of IoT and Security issues
Overview of IoT and Security issuesOverview of IoT and Security issues
Overview of IoT and Security issues
Anastasios Economides
 
Security technologies
Security technologiesSecurity technologies
Security technologies
Dhani Ahmad
 
Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017
Ulf Mattsson
 
IoT security compliance checklist
IoT security compliance checklist IoT security compliance checklist
IoT security compliance checklist
PriyaNemade
 
Introduction to IoT Architectures and Protocols
Introduction to IoT Architectures and ProtocolsIntroduction to IoT Architectures and Protocols
Introduction to IoT Architectures and Protocols
Abdullah Alfadhly
 
IoT security (Internet of Things)
IoT security (Internet of Things)IoT security (Internet of Things)
IoT security (Internet of Things)
Sanjay Kumar (Seeking options outside India)
 
IoT ecosystem
IoT ecosystemIoT ecosystem
IoT ecosystem
Md. Shamsul Haque
 
Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices
IJECEIAES
 
Io t security defense in depth charles li v1 20180425c
Io t security defense in depth charles li v1 20180425cIo t security defense in depth charles li v1 20180425c
Io t security defense in depth charles li v1 20180425c
Charles Li
 

More Related Content

What's hot

IoT Security
IoT SecurityIoT Security
IoT Security
Narudom Roongsiriwong, CISSP
 
IoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranIoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.Prabhakaran
Koenig Solutions Ltd.
 
Iot Security
Iot SecurityIot Security
Iot Security
MAITREYA MISRA
 
Introduction to IoT Architecture
Introduction to IoT ArchitectureIntroduction to IoT Architecture
Introduction to IoT Architecture
Emertxe Information Technologies Pvt Ltd
 
Security in Cyber-Physical Systems
Security in Cyber-Physical SystemsSecurity in Cyber-Physical Systems
Security in Cyber-Physical Systems
Bob Marcus
 
Iot Security, Internet of Things
Iot Security, Internet of ThingsIot Security, Internet of Things
Iot Security, Internet of Things
Bryan Len
 
Fog computing in IoT
Fog computing in IoTFog computing in IoT
Fog computing in IoT
sreelesh balan
 
Internet of Things (IoT) Presentation
Internet of Things (IoT) PresentationInternet of Things (IoT) Presentation
Internet of Things (IoT) Presentation
Jason K
 
IoT Networking Part 2
IoT Networking Part 2IoT Networking Part 2
IoT Networking Part 2
Hitesh Mohapatra
 
A survey in privacy and security in Internet of Things IOT
A survey in privacy and security in Internet of Things IOTA survey in privacy and security in Internet of Things IOT
A survey in privacy and security in Internet of Things IOT
University of Ontario Institute of Technology (UOIT)
 
Iot(security)
Iot(security)Iot(security)
Iot(security)
Shreya Pohekar
 
Internet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issuesInternet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issues
Pierluigi Paganini
 
Beginners: What is Industrial IoT (IIoT)
Beginners: What is Industrial IoT (IIoT)Beginners: What is Industrial IoT (IIoT)
Beginners: What is Industrial IoT (IIoT)
3G4G
 
Overview of IoT and Security issues
Overview of IoT and Security issuesOverview of IoT and Security issues
Overview of IoT and Security issues
Anastasios Economides
 
Security technologies
Security technologiesSecurity technologies
Security technologies
Dhani Ahmad
 
Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017
Ulf Mattsson
 
IoT security compliance checklist
IoT security compliance checklist IoT security compliance checklist
IoT security compliance checklist
PriyaNemade
 
Introduction to IoT Architectures and Protocols
Introduction to IoT Architectures and ProtocolsIntroduction to IoT Architectures and Protocols
Introduction to IoT Architectures and Protocols
Abdullah Alfadhly
 
IoT security (Internet of Things)
IoT security (Internet of Things)IoT security (Internet of Things)
IoT security (Internet of Things)
Sanjay Kumar (Seeking options outside India)
 
IoT ecosystem
IoT ecosystemIoT ecosystem
IoT ecosystem
Md. Shamsul Haque
 

What's hot (20)

IoT Security
IoT SecurityIoT Security
IoT Security
 
IoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranIoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.Prabhakaran
 
Iot Security
Iot SecurityIot Security
Iot Security
 
Introduction to IoT Architecture
Introduction to IoT ArchitectureIntroduction to IoT Architecture
Introduction to IoT Architecture
 
Security in Cyber-Physical Systems
Security in Cyber-Physical SystemsSecurity in Cyber-Physical Systems
Security in Cyber-Physical Systems
 
Iot Security, Internet of Things
Iot Security, Internet of ThingsIot Security, Internet of Things
Iot Security, Internet of Things
 
Fog computing in IoT
Fog computing in IoTFog computing in IoT
Fog computing in IoT
 
Internet of Things (IoT) Presentation
Internet of Things (IoT) PresentationInternet of Things (IoT) Presentation
Internet of Things (IoT) Presentation
 
IoT Networking Part 2
IoT Networking Part 2IoT Networking Part 2
IoT Networking Part 2
 
A survey in privacy and security in Internet of Things IOT
A survey in privacy and security in Internet of Things IOTA survey in privacy and security in Internet of Things IOT
A survey in privacy and security in Internet of Things IOT
 
Iot(security)
Iot(security)Iot(security)
Iot(security)
 
Internet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issuesInternet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issues
 
Beginners: What is Industrial IoT (IIoT)
Beginners: What is Industrial IoT (IIoT)Beginners: What is Industrial IoT (IIoT)
Beginners: What is Industrial IoT (IIoT)
 
Overview of IoT and Security issues
Overview of IoT and Security issuesOverview of IoT and Security issues
Overview of IoT and Security issues
 
Security technologies
Security technologiesSecurity technologies
Security technologies
 
Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017
 
IoT security compliance checklist
IoT security compliance checklist IoT security compliance checklist
IoT security compliance checklist
 
Introduction to IoT Architectures and Protocols
Introduction to IoT Architectures and ProtocolsIntroduction to IoT Architectures and Protocols
Introduction to IoT Architectures and Protocols
 
IoT security (Internet of Things)
IoT security (Internet of Things)IoT security (Internet of Things)
IoT security (Internet of Things)
 
IoT ecosystem
IoT ecosystemIoT ecosystem
IoT ecosystem
 

Similar to IoT Security Challenges and Solutions

Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices
IJECEIAES
 
Io t security defense in depth charles li v1 20180425c
Io t security defense in depth charles li v1 20180425cIo t security defense in depth charles li v1 20180425c
Io t security defense in depth charles li v1 20180425c
Charles Li
 
IIoT Endpoint Security
IIoT Endpoint Security IIoT Endpoint Security
IIoT Endpoint Security
Industrial Internet Consortium
 
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETSDISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
iQHub
 
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETSDISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
iQHub
 
IIoT Endpoint Security – The Model in Practice
IIoT Endpoint Security – The Model in PracticeIIoT Endpoint Security – The Model in Practice
IIoT Endpoint Security – The Model in Practice
team-WIBU
 
CyberSecurity Best Practices for the IIoT
CyberSecurity Best Practices for the IIoTCyberSecurity Best Practices for the IIoT
CyberSecurity Best Practices for the IIoT
Creekside Marketing Group, LLC
 
Sb securing-industrial-control-systems-with-fortinet
Sb securing-industrial-control-systems-with-fortinetSb securing-industrial-control-systems-with-fortinet
Sb securing-industrial-control-systems-with-fortinet
Ivan Carmona
 
Security Issues in IoT-Based Environments
Security Issues in IoT-Based EnvironmentsSecurity Issues in IoT-Based Environments
Security Issues in IoT-Based Environments
IRJET Journal
 
Security Issues in IoT-Based Environments
Security Issues in IoT-Based EnvironmentsSecurity Issues in IoT-Based Environments
Security Issues in IoT-Based Environments
IRJET Journal
 
Presentation about IoT in media and communication.pdf
Presentation about IoT in media and communication.pdfPresentation about IoT in media and communication.pdf
Presentation about IoT in media and communication.pdf
ezzAyman1
 
Nozomi Fortinet Accelerate18
Nozomi Fortinet Accelerate18Nozomi Fortinet Accelerate18
Nozomi Fortinet Accelerate18
Nozomi Networks
 
Removing Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment SuccessRemoving Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment Success
Microsoft Tech Community
 
Technology & Policy Interaction Panel at Inform[ED] IoT Security
Technology & Policy Interaction Panel at Inform[ED] IoT SecurityTechnology & Policy Interaction Panel at Inform[ED] IoT Security
Technology & Policy Interaction Panel at Inform[ED] IoT Security
CableLabs
 
Understanding Cyber Industrial Controls in the Manufacturing and Utilities En...
Understanding Cyber Industrial Controls in the Manufacturing and Utilities En...Understanding Cyber Industrial Controls in the Manufacturing and Utilities En...
Understanding Cyber Industrial Controls in the Manufacturing and Utilities En...
Dawn Yankeelov
 
Securing your IoT Implementations
Securing your IoT ImplementationsSecuring your IoT Implementations
Securing your IoT Implementations
TechWell
 
Intel Gateway Solutions for the Internet of Things
Intel Gateway Solutions for the Internet of ThingsIntel Gateway Solutions for the Internet of Things
Intel Gateway Solutions for the Internet of Things
Intel IoT
 
Security aspect of IOT.pptx
Security aspect of IOT.pptxSecurity aspect of IOT.pptx
Security aspect of IOT.pptx
PrinceGupta789219
 
CCNA RS_NB - Chapter 11
CCNA RS_NB - Chapter 11CCNA RS_NB - Chapter 11
CCNA RS_NB - Chapter 11
Irsandi Hasan
 
CCNA RS_ITN - Chapter 11
CCNA RS_ITN - Chapter 11CCNA RS_ITN - Chapter 11
CCNA RS_ITN - Chapter 11
Irsandi Hasan
 

Similar to IoT Security Challenges and Solutions (20)

Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices
 
Io t security defense in depth charles li v1 20180425c
Io t security defense in depth charles li v1 20180425cIo t security defense in depth charles li v1 20180425c
Io t security defense in depth charles li v1 20180425c
 
IIoT Endpoint Security
IIoT Endpoint Security IIoT Endpoint Security
IIoT Endpoint Security
 
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETSDISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
 
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETSDISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
DISCUSSION ON SECURITY MEASURES FOR PIPELINE CYBER ASSETS
 
IIoT Endpoint Security – The Model in Practice
IIoT Endpoint Security – The Model in PracticeIIoT Endpoint Security – The Model in Practice
IIoT Endpoint Security – The Model in Practice
 
CyberSecurity Best Practices for the IIoT
CyberSecurity Best Practices for the IIoTCyberSecurity Best Practices for the IIoT
CyberSecurity Best Practices for the IIoT
 
Sb securing-industrial-control-systems-with-fortinet
Sb securing-industrial-control-systems-with-fortinetSb securing-industrial-control-systems-with-fortinet
Sb securing-industrial-control-systems-with-fortinet
 
Security Issues in IoT-Based Environments
Security Issues in IoT-Based EnvironmentsSecurity Issues in IoT-Based Environments
Security Issues in IoT-Based Environments
 
Security Issues in IoT-Based Environments
Security Issues in IoT-Based EnvironmentsSecurity Issues in IoT-Based Environments
Security Issues in IoT-Based Environments
 
Presentation about IoT in media and communication.pdf
Presentation about IoT in media and communication.pdfPresentation about IoT in media and communication.pdf
Presentation about IoT in media and communication.pdf
 
Nozomi Fortinet Accelerate18
Nozomi Fortinet Accelerate18Nozomi Fortinet Accelerate18
Nozomi Fortinet Accelerate18
 
Removing Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment SuccessRemoving Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment Success
 
Technology & Policy Interaction Panel at Inform[ED] IoT Security
Technology & Policy Interaction Panel at Inform[ED] IoT SecurityTechnology & Policy Interaction Panel at Inform[ED] IoT Security
Technology & Policy Interaction Panel at Inform[ED] IoT Security
 
Understanding Cyber Industrial Controls in the Manufacturing and Utilities En...
Understanding Cyber Industrial Controls in the Manufacturing and Utilities En...Understanding Cyber Industrial Controls in the Manufacturing and Utilities En...
Understanding Cyber Industrial Controls in the Manufacturing and Utilities En...
 
Securing your IoT Implementations
Securing your IoT ImplementationsSecuring your IoT Implementations
Securing your IoT Implementations
 
Intel Gateway Solutions for the Internet of Things
Intel Gateway Solutions for the Internet of ThingsIntel Gateway Solutions for the Internet of Things
Intel Gateway Solutions for the Internet of Things
 
Security aspect of IOT.pptx
Security aspect of IOT.pptxSecurity aspect of IOT.pptx
Security aspect of IOT.pptx
 
CCNA RS_NB - Chapter 11
CCNA RS_NB - Chapter 11CCNA RS_NB - Chapter 11
CCNA RS_NB - Chapter 11
 
CCNA RS_ITN - Chapter 11
CCNA RS_ITN - Chapter 11CCNA RS_ITN - Chapter 11
CCNA RS_ITN - Chapter 11
 

More from Intel® Software

AI for All: Biology is eating the world & AI is eating Biology
AI for All: Biology is eating the world & AI is eating Biology AI for All: Biology is eating the world & AI is eating Biology
AI for All: Biology is eating the world & AI is eating Biology
Intel® Software
 
Python Data Science and Machine Learning at Scale with Intel and Anaconda
Python Data Science and Machine Learning at Scale with Intel and AnacondaPython Data Science and Machine Learning at Scale with Intel and Anaconda
Python Data Science and Machine Learning at Scale with Intel and Anaconda
Intel® Software
 
Streamline End-to-End AI Pipelines with Intel, Databricks, and OmniSci
Streamline End-to-End AI Pipelines with Intel, Databricks, and OmniSciStreamline End-to-End AI Pipelines with Intel, Databricks, and OmniSci
Streamline End-to-End AI Pipelines with Intel, Databricks, and OmniSci
Intel® Software
 
AI for good: Scaling AI in science, healthcare, and more.
AI for good: Scaling AI in science, healthcare, and more.AI for good: Scaling AI in science, healthcare, and more.
AI for good: Scaling AI in science, healthcare, and more.
Intel® Software
 
Software AI Accelerators: The Next Frontier | Software for AI Optimization Su...
Software AI Accelerators: The Next Frontier | Software for AI Optimization Su...Software AI Accelerators: The Next Frontier | Software for AI Optimization Su...
Software AI Accelerators: The Next Frontier | Software for AI Optimization Su...
Intel® Software
 
Advanced Techniques to Accelerate Model Tuning | Software for AI Optimization...
Advanced Techniques to Accelerate Model Tuning | Software for AI Optimization...Advanced Techniques to Accelerate Model Tuning | Software for AI Optimization...
Advanced Techniques to Accelerate Model Tuning | Software for AI Optimization...
Intel® Software
 
Reducing Deep Learning Integration Costs and Maximizing Compute Efficiency| S...
Reducing Deep Learning Integration Costs and Maximizing Compute Efficiency| S...Reducing Deep Learning Integration Costs and Maximizing Compute Efficiency| S...
Reducing Deep Learning Integration Costs and Maximizing Compute Efficiency| S...
Intel® Software
 
AWS & Intel Webinar Series - Accelerating AI Research
AWS & Intel Webinar Series - Accelerating AI ResearchAWS & Intel Webinar Series - Accelerating AI Research
AWS & Intel Webinar Series - Accelerating AI Research
Intel® Software
 
Intel Developer Program
Intel Developer ProgramIntel Developer Program
Intel Developer Program
Intel® Software
 
Intel AIDC Houston Summit - Overview Slides
Intel AIDC Houston Summit - Overview SlidesIntel AIDC Houston Summit - Overview Slides
Intel AIDC Houston Summit - Overview Slides
Intel® Software
 
AIDC NY: BODO AI Presentation - 09.19.2019
AIDC NY: BODO AI Presentation - 09.19.2019AIDC NY: BODO AI Presentation - 09.19.2019
AIDC NY: BODO AI Presentation - 09.19.2019
Intel® Software
 
AIDC NY: Applications of Intel AI by QuEST Global - 09.19.2019
AIDC NY: Applications of Intel AI by QuEST Global - 09.19.2019AIDC NY: Applications of Intel AI by QuEST Global - 09.19.2019
AIDC NY: Applications of Intel AI by QuEST Global - 09.19.2019
Intel® Software
 
Advanced Single Instruction Multiple Data (SIMD) Programming with Intel® Impl...
Advanced Single Instruction Multiple Data (SIMD) Programming with Intel® Impl...Advanced Single Instruction Multiple Data (SIMD) Programming with Intel® Impl...
Advanced Single Instruction Multiple Data (SIMD) Programming with Intel® Impl...
Intel® Software
 
Build a Deep Learning Video Analytics Framework | SIGGRAPH 2019 Technical Ses...
Build a Deep Learning Video Analytics Framework | SIGGRAPH 2019 Technical Ses...Build a Deep Learning Video Analytics Framework | SIGGRAPH 2019 Technical Ses...
Build a Deep Learning Video Analytics Framework | SIGGRAPH 2019 Technical Ses...
Intel® Software
 
Bring Intelligent Motion Using Reinforcement Learning Engines | SIGGRAPH 2019...
Bring Intelligent Motion Using Reinforcement Learning Engines | SIGGRAPH 2019...Bring Intelligent Motion Using Reinforcement Learning Engines | SIGGRAPH 2019...
Bring Intelligent Motion Using Reinforcement Learning Engines | SIGGRAPH 2019...
Intel® Software
 
RenderMan*: The Role of Open Shading Language (OSL) with Intel® Advanced Vect...
RenderMan*: The Role of Open Shading Language (OSL) with Intel® Advanced Vect...RenderMan*: The Role of Open Shading Language (OSL) with Intel® Advanced Vect...
RenderMan*: The Role of Open Shading Language (OSL) with Intel® Advanced Vect...
Intel® Software
 
AIDC India - AI on IA
AIDC India - AI on IAAIDC India - AI on IA
AIDC India - AI on IA
Intel® Software
 
AIDC India - Intel Movidius / Open Vino Slides
AIDC India - Intel Movidius / Open Vino SlidesAIDC India - Intel Movidius / Open Vino Slides
AIDC India - Intel Movidius / Open Vino Slides
Intel® Software
 
AIDC India - AI Vision Slides
AIDC India - AI Vision SlidesAIDC India - AI Vision Slides
AIDC India - AI Vision Slides
Intel® Software
 
Enhance and Accelerate Your AI and Machine Learning Solution | SIGGRAPH 2019 ...
Enhance and Accelerate Your AI and Machine Learning Solution | SIGGRAPH 2019 ...Enhance and Accelerate Your AI and Machine Learning Solution | SIGGRAPH 2019 ...
Enhance and Accelerate Your AI and Machine Learning Solution | SIGGRAPH 2019 ...
Intel® Software
 

More from Intel® Software (20)

AI for All: Biology is eating the world & AI is eating Biology
AI for All: Biology is eating the world & AI is eating Biology AI for All: Biology is eating the world & AI is eating Biology
AI for All: Biology is eating the world & AI is eating Biology
 
Python Data Science and Machine Learning at Scale with Intel and Anaconda
Python Data Science and Machine Learning at Scale with Intel and AnacondaPython Data Science and Machine Learning at Scale with Intel and Anaconda
Python Data Science and Machine Learning at Scale with Intel and Anaconda
 
Streamline End-to-End AI Pipelines with Intel, Databricks, and OmniSci
Streamline End-to-End AI Pipelines with Intel, Databricks, and OmniSciStreamline End-to-End AI Pipelines with Intel, Databricks, and OmniSci
Streamline End-to-End AI Pipelines with Intel, Databricks, and OmniSci
 
AI for good: Scaling AI in science, healthcare, and more.
AI for good: Scaling AI in science, healthcare, and more.AI for good: Scaling AI in science, healthcare, and more.
AI for good: Scaling AI in science, healthcare, and more.
 
Software AI Accelerators: The Next Frontier | Software for AI Optimization Su...
Software AI Accelerators: The Next Frontier | Software for AI Optimization Su...Software AI Accelerators: The Next Frontier | Software for AI Optimization Su...
Software AI Accelerators: The Next Frontier | Software for AI Optimization Su...
 
Advanced Techniques to Accelerate Model Tuning | Software for AI Optimization...
Advanced Techniques to Accelerate Model Tuning | Software for AI Optimization...Advanced Techniques to Accelerate Model Tuning | Software for AI Optimization...
Advanced Techniques to Accelerate Model Tuning | Software for AI Optimization...
 
Reducing Deep Learning Integration Costs and Maximizing Compute Efficiency| S...
Reducing Deep Learning Integration Costs and Maximizing Compute Efficiency| S...Reducing Deep Learning Integration Costs and Maximizing Compute Efficiency| S...
Reducing Deep Learning Integration Costs and Maximizing Compute Efficiency| S...
 
AWS & Intel Webinar Series - Accelerating AI Research
AWS & Intel Webinar Series - Accelerating AI ResearchAWS & Intel Webinar Series - Accelerating AI Research
AWS & Intel Webinar Series - Accelerating AI Research
 
Intel Developer Program
Intel Developer ProgramIntel Developer Program
Intel Developer Program
 
Intel AIDC Houston Summit - Overview Slides
Intel AIDC Houston Summit - Overview SlidesIntel AIDC Houston Summit - Overview Slides
Intel AIDC Houston Summit - Overview Slides
 
AIDC NY: BODO AI Presentation - 09.19.2019
AIDC NY: BODO AI Presentation - 09.19.2019AIDC NY: BODO AI Presentation - 09.19.2019
AIDC NY: BODO AI Presentation - 09.19.2019
 
AIDC NY: Applications of Intel AI by QuEST Global - 09.19.2019
AIDC NY: Applications of Intel AI by QuEST Global - 09.19.2019AIDC NY: Applications of Intel AI by QuEST Global - 09.19.2019
AIDC NY: Applications of Intel AI by QuEST Global - 09.19.2019
 
Advanced Single Instruction Multiple Data (SIMD) Programming with Intel® Impl...
Advanced Single Instruction Multiple Data (SIMD) Programming with Intel® Impl...Advanced Single Instruction Multiple Data (SIMD) Programming with Intel® Impl...
Advanced Single Instruction Multiple Data (SIMD) Programming with Intel® Impl...
 
Build a Deep Learning Video Analytics Framework | SIGGRAPH 2019 Technical Ses...
Build a Deep Learning Video Analytics Framework | SIGGRAPH 2019 Technical Ses...Build a Deep Learning Video Analytics Framework | SIGGRAPH 2019 Technical Ses...
Build a Deep Learning Video Analytics Framework | SIGGRAPH 2019 Technical Ses...
 
Bring Intelligent Motion Using Reinforcement Learning Engines | SIGGRAPH 2019...
Bring Intelligent Motion Using Reinforcement Learning Engines | SIGGRAPH 2019...Bring Intelligent Motion Using Reinforcement Learning Engines | SIGGRAPH 2019...
Bring Intelligent Motion Using Reinforcement Learning Engines | SIGGRAPH 2019...
 
RenderMan*: The Role of Open Shading Language (OSL) with Intel® Advanced Vect...
RenderMan*: The Role of Open Shading Language (OSL) with Intel® Advanced Vect...RenderMan*: The Role of Open Shading Language (OSL) with Intel® Advanced Vect...
RenderMan*: The Role of Open Shading Language (OSL) with Intel® Advanced Vect...
 
AIDC India - AI on IA
AIDC India - AI on IAAIDC India - AI on IA
AIDC India - AI on IA
 
AIDC India - Intel Movidius / Open Vino Slides
AIDC India - Intel Movidius / Open Vino SlidesAIDC India - Intel Movidius / Open Vino Slides
AIDC India - Intel Movidius / Open Vino Slides
 
AIDC India - AI Vision Slides
AIDC India - AI Vision SlidesAIDC India - AI Vision Slides
AIDC India - AI Vision Slides
 
Enhance and Accelerate Your AI and Machine Learning Solution | SIGGRAPH 2019 ...
Enhance and Accelerate Your AI and Machine Learning Solution | SIGGRAPH 2019 ...Enhance and Accelerate Your AI and Machine Learning Solution | SIGGRAPH 2019 ...
Enhance and Accelerate Your AI and Machine Learning Solution | SIGGRAPH 2019 ...
 

Recently uploaded

Chapter 5 - Managing Test Activities V4.0
Chapter 5 - Managing Test Activities V4.0Chapter 5 - Managing Test Activities V4.0
Chapter 5 - Managing Test Activities V4.0
Neeraj Kumar Singh
 
Session 1 - Intro to Robotic Process Automation.pdf
Session 1 - Intro to Robotic Process Automation.pdfSession 1 - Intro to Robotic Process Automation.pdf
Session 1 - Intro to Robotic Process Automation.pdf
UiPathCommunity
 
TrustArc Webinar - Your Guide for Smooth Cross-Border Data Transfers and Glob...
TrustArc Webinar - Your Guide for Smooth Cross-Border Data Transfers and Glob...TrustArc Webinar - Your Guide for Smooth Cross-Border Data Transfers and Glob...
TrustArc Webinar - Your Guide for Smooth Cross-Border Data Transfers and Glob...
TrustArc
 
MySQL InnoDB Storage Engine: Deep Dive - Mydbops
MySQL InnoDB Storage Engine: Deep Dive - MydbopsMySQL InnoDB Storage Engine: Deep Dive - Mydbops
MySQL InnoDB Storage Engine: Deep Dive - Mydbops
Mydbops
 
Day 4 - Excel Automation and Data Manipulation
Day 4 - Excel Automation and Data ManipulationDay 4 - Excel Automation and Data Manipulation
Day 4 - Excel Automation and Data Manipulation
UiPathCommunity
 
Elasticity vs. State? Exploring Kafka Streams Cassandra State Store
Elasticity vs. State? Exploring Kafka Streams Cassandra State StoreElasticity vs. State? Exploring Kafka Streams Cassandra State Store
Elasticity vs. State? Exploring Kafka Streams Cassandra State Store
ScyllaDB
 
So You've Lost Quorum: Lessons From Accidental Downtime
So You've Lost Quorum: Lessons From Accidental DowntimeSo You've Lost Quorum: Lessons From Accidental Downtime
So You've Lost Quorum: Lessons From Accidental Downtime
ScyllaDB
 
Day 2 - Intro to UiPath Studio Fundamentals
Day 2 - Intro to UiPath Studio FundamentalsDay 2 - Intro to UiPath Studio Fundamentals
Day 2 - Intro to UiPath Studio Fundamentals
UiPathCommunity
 
CTO Insights: Steering a High-Stakes Database Migration
CTO Insights: Steering a High-Stakes Database MigrationCTO Insights: Steering a High-Stakes Database Migration
CTO Insights: Steering a High-Stakes Database Migration
ScyllaDB
 
MongoDB vs ScyllaDB: Tractian’s Experience with Real-Time ML
MongoDB vs ScyllaDB: Tractian’s Experience with Real-Time MLMongoDB vs ScyllaDB: Tractian’s Experience with Real-Time ML
MongoDB vs ScyllaDB: Tractian’s Experience with Real-Time ML
ScyllaDB
 
An All-Around Benchmark of the DBaaS Market
An All-Around Benchmark of the DBaaS MarketAn All-Around Benchmark of the DBaaS Market
An All-Around Benchmark of the DBaaS Market
ScyllaDB
 
New ThousandEyes Product Features and Release Highlights: June 2024
New ThousandEyes Product Features and Release Highlights: June 2024New ThousandEyes Product Features and Release Highlights: June 2024
New ThousandEyes Product Features and Release Highlights: June 2024
ThousandEyes
 
QA or the Highway - Component Testing: Bridging the gap between frontend appl...
QA or the Highway - Component Testing: Bridging the gap between frontend appl...QA or the Highway - Component Testing: Bridging the gap between frontend appl...
QA or the Highway - Component Testing: Bridging the gap between frontend appl...
zjhamm304
 
Poznań ACE event - 19.06.2024 Team 24 Wrapup slidedeck
Poznań ACE event - 19.06.2024 Team 24 Wrapup slidedeckPoznań ACE event - 19.06.2024 Team 24 Wrapup slidedeck
Poznań ACE event - 19.06.2024 Team 24 Wrapup slidedeck
FilipTomaszewski5
 
MongoDB to ScyllaDB: Technical Comparison and the Path to Success
MongoDB to ScyllaDB: Technical Comparison and the Path to SuccessMongoDB to ScyllaDB: Technical Comparison and the Path to Success
MongoDB to ScyllaDB: Technical Comparison and the Path to Success
ScyllaDB
 
ScyllaDB Real-Time Event Processing with CDC
ScyllaDB Real-Time Event Processing with CDCScyllaDB Real-Time Event Processing with CDC
ScyllaDB Real-Time Event Processing with CDC
ScyllaDB
 
Automation Student Developers Session 3: Introduction to UI Automation
Automation Student Developers Session 3: Introduction to UI AutomationAutomation Student Developers Session 3: Introduction to UI Automation
Automation Student Developers Session 3: Introduction to UI Automation
UiPathCommunity
 
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...
DanBrown980551
 
Call Girls Kochi 💯Call Us 🔝 7426014248 🔝 Independent Kochi Escorts Service Av...
Call Girls Kochi 💯Call Us 🔝 7426014248 🔝 Independent Kochi Escorts Service Av...Call Girls Kochi 💯Call Us 🔝 7426014248 🔝 Independent Kochi Escorts Service Av...
Call Girls Kochi 💯Call Us 🔝 7426014248 🔝 Independent Kochi Escorts Service Av...
dipikamodels1
 
intra-mart Accel series 2024 Spring updates_En
intra-mart Accel series 2024 Spring updates_Enintra-mart Accel series 2024 Spring updates_En
intra-mart Accel series 2024 Spring updates_En
NTTDATA INTRAMART
 

Recently uploaded (20)

Chapter 5 - Managing Test Activities V4.0
Chapter 5 - Managing Test Activities V4.0Chapter 5 - Managing Test Activities V4.0
Chapter 5 - Managing Test Activities V4.0
 
Session 1 - Intro to Robotic Process Automation.pdf
Session 1 - Intro to Robotic Process Automation.pdfSession 1 - Intro to Robotic Process Automation.pdf
Session 1 - Intro to Robotic Process Automation.pdf
 
TrustArc Webinar - Your Guide for Smooth Cross-Border Data Transfers and Glob...
TrustArc Webinar - Your Guide for Smooth Cross-Border Data Transfers and Glob...TrustArc Webinar - Your Guide for Smooth Cross-Border Data Transfers and Glob...
TrustArc Webinar - Your Guide for Smooth Cross-Border Data Transfers and Glob...
 
MySQL InnoDB Storage Engine: Deep Dive - Mydbops
MySQL InnoDB Storage Engine: Deep Dive - MydbopsMySQL InnoDB Storage Engine: Deep Dive - Mydbops
MySQL InnoDB Storage Engine: Deep Dive - Mydbops
 
Day 4 - Excel Automation and Data Manipulation
Day 4 - Excel Automation and Data ManipulationDay 4 - Excel Automation and Data Manipulation
Day 4 - Excel Automation and Data Manipulation
 
Elasticity vs. State? Exploring Kafka Streams Cassandra State Store
Elasticity vs. State? Exploring Kafka Streams Cassandra State StoreElasticity vs. State? Exploring Kafka Streams Cassandra State Store
Elasticity vs. State? Exploring Kafka Streams Cassandra State Store
 
So You've Lost Quorum: Lessons From Accidental Downtime
So You've Lost Quorum: Lessons From Accidental DowntimeSo You've Lost Quorum: Lessons From Accidental Downtime
So You've Lost Quorum: Lessons From Accidental Downtime
 
Day 2 - Intro to UiPath Studio Fundamentals
Day 2 - Intro to UiPath Studio FundamentalsDay 2 - Intro to UiPath Studio Fundamentals
Day 2 - Intro to UiPath Studio Fundamentals
 
CTO Insights: Steering a High-Stakes Database Migration
CTO Insights: Steering a High-Stakes Database MigrationCTO Insights: Steering a High-Stakes Database Migration
CTO Insights: Steering a High-Stakes Database Migration
 
MongoDB vs ScyllaDB: Tractian’s Experience with Real-Time ML
MongoDB vs ScyllaDB: Tractian’s Experience with Real-Time MLMongoDB vs ScyllaDB: Tractian’s Experience with Real-Time ML
MongoDB vs ScyllaDB: Tractian’s Experience with Real-Time ML
 
An All-Around Benchmark of the DBaaS Market
An All-Around Benchmark of the DBaaS MarketAn All-Around Benchmark of the DBaaS Market
An All-Around Benchmark of the DBaaS Market
 
New ThousandEyes Product Features and Release Highlights: June 2024
New ThousandEyes Product Features and Release Highlights: June 2024New ThousandEyes Product Features and Release Highlights: June 2024
New ThousandEyes Product Features and Release Highlights: June 2024
 
QA or the Highway - Component Testing: Bridging the gap between frontend appl...
QA or the Highway - Component Testing: Bridging the gap between frontend appl...QA or the Highway - Component Testing: Bridging the gap between frontend appl...
QA or the Highway - Component Testing: Bridging the gap between frontend appl...
 
Poznań ACE event - 19.06.2024 Team 24 Wrapup slidedeck
Poznań ACE event - 19.06.2024 Team 24 Wrapup slidedeckPoznań ACE event - 19.06.2024 Team 24 Wrapup slidedeck
Poznań ACE event - 19.06.2024 Team 24 Wrapup slidedeck
 
MongoDB to ScyllaDB: Technical Comparison and the Path to Success
MongoDB to ScyllaDB: Technical Comparison and the Path to SuccessMongoDB to ScyllaDB: Technical Comparison and the Path to Success
MongoDB to ScyllaDB: Technical Comparison and the Path to Success
 
ScyllaDB Real-Time Event Processing with CDC
ScyllaDB Real-Time Event Processing with CDCScyllaDB Real-Time Event Processing with CDC
ScyllaDB Real-Time Event Processing with CDC
 
Automation Student Developers Session 3: Introduction to UI Automation
Automation Student Developers Session 3: Introduction to UI AutomationAutomation Student Developers Session 3: Introduction to UI Automation
Automation Student Developers Session 3: Introduction to UI Automation
 
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...
 
Call Girls Kochi 💯Call Us 🔝 7426014248 🔝 Independent Kochi Escorts Service Av...
Call Girls Kochi 💯Call Us 🔝 7426014248 🔝 Independent Kochi Escorts Service Av...Call Girls Kochi 💯Call Us 🔝 7426014248 🔝 Independent Kochi Escorts Service Av...
Call Girls Kochi 💯Call Us 🔝 7426014248 🔝 Independent Kochi Escorts Service Av...
 
intra-mart Accel series 2024 Spring updates_En
intra-mart Accel series 2024 Spring updates_Enintra-mart Accel series 2024 Spring updates_En
intra-mart Accel series 2024 Spring updates_En
 

IoT Security Challenges and Solutions

  • 1. 1 IoT Security Overview Steve Orrin Chief Technologist, Intel Federal
  • 2. INTEL PROPRIETARY Intel Federal Agenda • Overview of Security Challenges in IoT • The Vision for IoT Security • Fundamental Capabilities • Example Solutions / Use Cases • Summary
  • 3. INTEL PROPRIETARY Intel Federal Current Issues in Protecting IoT and ICS Increased Connectivity  Company Enterprise Network and ICS  Internet Interdependencies  Cascading Failure Concerns Complexity  Real Time Control Leads to Increased System Complexity  Access to Systems Granted to More and More Users, Business Systems, Control Systems Legacy Systems  Just Not Built for Security Market Restructuring  Increased Volume of Transactions  Narrower Operating Margins (Engineering and Monetary) System Accessibility  Vulnerabilities and Back Doors  Wireless Access Offshore Reliance Information Availability  Manuals and Training Videos Available Publicly  Hacker Tools Readily Available on Internet 3,000 Industrial Plants Per Year Infected with Malware Targeted industrial control systems-themed malware including one variant posing as Siemens PLC firmware that has been in action since 2013, researchers find. From: DarkReading 3/21/17 by Kelly Jackson Higgins
  • 4. INTEL PROPRIETARY Intel Federal Threats to IoT and ICS • Disrupt operation of ICS by delaying or blocking the flow of information through control networks, thereby denying network availability to control system operators • Send false information to control system operators, either to disguise unauthorized changes or to initiate inappropriate actions by system operators. • Modify the system software – producing unpredictable results • Interfere with the operation of a safety system(s) • Make unauthorized changes to programmed instructions in PLCs, RTUs, or DCS controllers • Change alarm thresholds and settings • Order premature shutdown of processes • Disable control equipment
  • 5. INTEL PROPRIETARY Intel Federal Adversary Trends The interest in IoT and ICS is increasing:  Number of IoT / ICS presentations at conferences  Number of conference locations globally  Number of subculture information sharing networks  Visibility of Connected ‘things’ & ICS vulnerability research
  • 6. INTEL PROPRIETARY Intel Federal Attacks on IoT and ICS Pipeline Communication Infrastructure Compromise Devices used in an attack against a third party. Device configuration contributed to compromise Large volume of network traffic generated Compromised not detected by traditional means Nuclear Power Plant cyber infection Recovery time: SPDS – 4 hours 50 minutes PPC – 6 hours 9 minutes Event: Slammer worm infects plant. Impact: Complete shutdown of digital portion of Safety Parameter Display System (SPDS) and Plan Process Computer (PPC). Specifics: Worm started at contractors site. Worm jumped from corporate to plant network and found an unpatched server. Patch had been available for 6 months. Lessons learned:  Verify device configuration  Ensure Defense-in-depth strategies are in place  Isolate critical systems from the internet. Lessons learned:  Secure remote (trusted) access channels  Ensure Defense-in-depth strategies with appropriate procurement requirements  Critical patches need to be applied Automobile Manufacturing Impact Event: Internet worms shuts down major US automobile manufacturer’s industrial control systems Impact: Production lines were idle as infected systems were patched Specifics: The malware infected 13 automobile manufacturing plants. Revenue impact was approximately $1M USD/HR Lessons learned:  Critical patches need to be applied  Provide adequate network segmentation between control and business networks  Place controls between segments to limit congestion and cascading effects Automobile computer systems hacked Event(s): Researchers take away driver control of a moving vehicle by remotely hacking into relatively insecure computer systems Impact: Computerized systems in modern cars control many critical components and safety devices Specifics: Several Team managed to break into key vehicle systems to kill the engine, apply or disable the brakes and even send various taunting messages to radio or dashboard displays Lessons learned:  Automobile control systems are vulnerable to the same kind of attacks which are launched against Internet- connected computers
  • 7. INTEL PROPRIETARY Intel Federal Attacks on IoT and ICS Oil Platform Cyber Incident Event: Insider computer attack on an energy company’s process control system. Impact: By disrupting one of the process control computer systems, the leak detection system was periodically disabled. Specifics: Disgruntled IT contractor damaged company computer systems by impairing the integrity and availability of critical operational data. Water Utility Loses Control Event: Residents of a rural town experienced loss of water pressure Impact: Approximately 10,000 residents without water Specifics: Utility operator updated its HMI OS (Windows) with a direct connection to the Internet and evidence points to a virus infecting the SCADA system; causing it to crash. The ICS was outdated, not supported by the vendor, and not patched to current updates. Lacked a firewall between the business and control networks Water facility accessed via Internet Event: Cyber researcher used new search engine “SHODAN” to identify an online link to a utility company’s SCADA system. The system was then accessed using the default user name and passwords Impact: The researcher gained administrative control over the regional water treatment system Specifics: After connecting to the water control and management system via the internet the researcher as able to access all control systems for water pumping and waste water treatment Lessons learned:  Do not underestimate the insider threat  Ensure access controls  Policies and Procedure, with regards to contract personnel, background checks Lessons learned:  Utilize DMZ to ensure isolation from business side and Internet  Keep systems patched  Establish and enforce sound security policies Lessons learned:  Change system default user names and passwords  Avoid posting system details to public facing devices  Not all public facing system details are obviously visible
  • 8. INTEL PROPRIETARY Intel Federal 8 Overview of Security Challenges in IoT: Complexity and lack of Standards and Interoperability Protocols  Standards based protocols slowly replacing vendor-specific proprietary communication protocols Interconnected to other systems  Connections to business and administrative networks to obtain productivity improvements and mandated open access information sharing Reliance on public information systems  Increasing use of public telecommunication systems and the Internet for portions of the ICS
  • 9. INTEL PROPRIETARY Intel Federal 9 Overview of Security Challenges in IoT: Security Requirements & Required Certifications
  • 10. INTEL PROPRIETARY Intel Federal focus Provide security capabilities that enable protection, identification, and assurance to all nodes in the IoT ecosystem InternetofthingssecurityStrategy • Designed-In Security Foundation – Consistent security features and a unified programming model which speeds up ecosystem enablement. • Built-In IOT Platform Security Architecture – Solutions integrated to work edge to cloud which lead to HW protected, market ready vertical solutions. • On-Demand Device Lifecycle Security Services – Trust services equip threat defenses with HW verified and attested devices.
  • 11. INTEL PROPRIETARY Intel Federal Intel’s IoT Security Portfolio Strategy  Device onboarding & attestation  Integrated into IoT platform & security management ISV offerings On-Demand DeviceLifecycle SecurityServices Equipsthreatdefenses withHWVerified& attestedDevices TrustServices3. BuilT-In IoTPlatform Security Architecture SolutionsIntegratedtowork EdgetoCloud HWProtected, MarketReady VerticalSolutionsHarden Edge Secure Comms Security Managemen t 2. Protected Storage Protected Boot Trusted Execution Environment Hardware and Software Identities Speeds Ecosystem Enablement ConsistentSecurityFeatures & UnifiedProgrammingModelDesigned-in Security Foundation All Product Lines 1.
  • 12. INTEL PROPRIETARY Intel Federal Intel’s IoT Security Portfolio Strategy FOUNDATION (Consistency - WIP) Ecosystem 1 Client IoT Auto Drones Data Center 3 Memory Comms Altera D E V E L O P E R S 2 4 S e r v i c e s 5
  • 13. INTEL PROPRIETARY Intel Federal 13 The Vision for Device Security 13 Protected Workloads Trusted Execution Environment Identity Verifies boot process and enables software identification. Enforces platform boot policies • Secure Boot using TXT & TPMVerified Boot Execution environment that isolates the operations from manipulation or disclosure • SGX (SW Guard Extensions) Trusted Execution Environment (TEE) Provides a unique identifier for the device and can serve as the basis for authentication • EPID (Enhanced Privacy ID)Device Identification Sensitive data (including key material) protected from misuse or disclosure when in use, transit, or storage • TPM – Trusted Platform Module • PTT – Platform Trust Technology Secure Storage ExamplesDefinitionsSecurity Themes Provides device management, provisioning, and policy • MeshCentral for IoT GatewaysManagement
  • 14. INTEL PROPRIETARY Intel Federal 14 Fundamental Capabilities Embedded Security (Security Isolation) • Physical Security • Endpoint Protection Secure Communication • Machine-to-Machine AA-A • Confidentiality & Integrity Security Monitoring & Management • Security Policy Management • Security Event Monitoring
  • 15. INTEL PROPRIETARY Intel Federal 15 Security Isolation Options • No Silver Bullet for Security • No “one-size-fits-all” approach • Enable a spectrum of security implementations • Choose best solution for use case • Process Isolation • Security in same OS as other components • Separate security processes • Containerization Isolation • Software Containers • Hardware Containers • Virtualization Isolation • Security in separate OS • Physical Isolation • Gateway or Bump-in-the-Wire
  • 16. INTEL PROPRIETARY Intel Federal 16 Embedded Security Deployment Models 16 • Process Separation • Security in same OS as other components • Separate security processes • Containerization Separation • Security in same OS, but in software containers (jails) • Application separation (apps) • Virtualization Separation • Security in separate OS • Physical Separation • Gateway or Bump-in-the-Wire Gateway Virtualization In same OS Containerization It’s all about separation of concerns to keep security apart from the Operational components
  • 17. INTEL PROPRIETARY Intel Federal 17 Security Comms Channel • Provide Security Management and Monitoring Services • Back-end Services • Edge Services • Traffic channels independent of Operational Flows and Services • Separate payload and frequency • Independent QoS • Transport Security (Confidentiality and Integrity) • Machine-to-Machine AA-A • Device ID • Authentication and Access Control • Security and other Endpoint Events aggregated and correlated • Back-end aggregation • Edge aggregation • Enables Security Analytics capabilities • Back-end analytics • Edge analytics • Does not affect the existing Operational Services • Loosely coupled to Operational Technologies • Allows security to evolve independently from OT process Management Monitoring Analytics Secured Unsecured ApplicationData Security Data Security Data
  • 18. INTEL PROPRIETARY Intel Federal 18 Security Management • All devices have consistent security APIs, whether security is mixed in with the OS, below the OS in a virtualized instance, or in an OS in a physically separate instance. • All devices now look the same from the management perspective, regardless of Make, Model, Manufacturer. • The security policies can be pushed out to devices regardless of their deployment model, all from a centralized management “cloud”.
  • 19. INTEL PROPRIETARY Intel Federal 19 Security Monitoring • All devices can send events, logs, properties, etc. back to the centralized analytics “cloud”. • Global visibility of all endpoints and all communications means that situational awareness spans the entire environment. • Create a near-realtime risk algorithm measuring the level of risk on the endpoints and the communications between the endpoints.
  • 20. INTEL PROPRIETARY Intel Federal 20 Security Management & Monitoring Feedback Loop • All devices can send events, logs, properties, etc. back to the centralized analytics “cloud”. • Create a near-realtime risk algorithm measuring the level of risk on the endpoints and the communications between the endpoints. • Crossing a risk threshold triggers a state change in the management system, resulting in automated responses • Notify appropriate personnel • Push new policy out
  • 21. INTEL PROPRIETARY Intel Federal Management and Monitoring Security as a Service (SecaaS) Logical View 21 IT & Security Ops Context Operational Context Security Management & Monitoring Communication Security Endpoint Security Management & Monitoring Services Time Sequence Data Custom Data Operational Services Context Overlay • IT data is out of band from OT data • OT “cloud” services do not change • Security encapsulated in IT “cloud” • Time Sequence Data = Events • Properties = Endpoints • Policy = Management • IT/OT Service Context Dichotomy Metrics Rules Alarms etc Use or disclosure of the contents of this page is restricted by the terms on the notice page
  • 22. INTEL PROPRIETARY Intel Federal Brownfield: Using Gateway Greenfield: Using Embedded Security in Device
  • 23. INTEL PROPRIETARY Intel Federal 23 Example IoT Use Case: C4ISR + Analytics C4ISR Command, Control, Communications, Computers Intelligence, Surveillance and Reconnaissance Foundational USG Big Data Computer Vision
  • 24. INTEL PROPRIETARY Intel Federal Things To Do First Protect what’s most important  Data “islanding” / secure enclaving Consider new layers Think beyond intrusion prevention  Post-infection detection and response  Mitigation  Monitoring logs; think about exfiltration Deny, Disrupt, Disable, Destroy Actively protect your supply chain Maintain open dialogue with ISP, suppliers, customers, employees CLASSIC PERIMETER Intellectual Property (Secrets) HR Data Process Control Recipes Competitively Sensitive Data CLASSIC PERIMETERCLASSICPERIMETER CLASSICPERIMETER
  • 25. INTEL PROPRIETARY Intel Federal Security is a Journey, not a Destination
  • 26. INTEL PROPRIETARY Intel Federal 26 Intel IoT Platforms and Analytics Capabilities: Increasing intelligence and value over time
  • 27. INTEL PROPRIETARY Intel Federal 27 Thank you Steve Orrin Chief Technologist, Intel Federal steve.orrin@intel.com
  翻译: