Skip navigation

Investigation of security and functional safety in industrial IoT

Security vulnerabilities in industrial systems, which are considered less likely to be exploited in conventional closed settings, have now started to become a major concern with Industrial Internet of Things. One of the critical components of any industrial control system, which can turn into a target for attackers, is functional safety. This vital function is not originally designed to provide protection against intentionally malicious parties, but only against accidents and errors.

For this reason, most current functional safety protocols and standards do not have integrated security measures, but rely on the cryptographic features of the underlying communication channel, which need to be carefully configured for industrial environments. Therefore, potential security issues of the safety function in Industrial IoT are worth investigating and analyzing.

In this paper, we explore a generic IoT-based smart manufacturing use-case from a combined perspective of security and functional safety, which are indeed tightly correlated. Our main contribution is the presentation of a taxonomy of threats directly targeting the critical safety function in industrial IoT applications. In addition, based on this taxonomy, we have identified particular attack scenarios that might have severe impact on physical assets like manufacturing equipment, cyber-assets like availability of applications, and even human life. We recommend solutions to mitigate such attacks, which are mainly based on industry standards and advanced security features of mobile communication technologies.

Full abstract in IEEEXplore DOI: 10.1109/CSR51186.2021.9527921

Authors:

Emrah Tomur, Utku Gülen, Elif Ustundag Soykan, Mehmet Akif Ersoy, Ferhat Karakoç, Leyli Karaçay, Pinar Çomak – Ericsson Research

 

Published in 2021 IEEE International Conference on Cyber Security and Resilience (CSR) , July 26, 2021

©2021 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse.