The explosion of Industry 4.0 and the Internet of Things (IoT) is driving companies to produce a broad range of products and services. These are indeed exciting times. But the question keeping executives and plant managers awake at night is, “How secure is my IIoT network?”
One assumes that today’s connected devices are designed to properly handle security issues, but the incompatibility of technology among various equipment vendors and suppliers has created a new set of security challenges.
Fieldbus protocols have been around for years, and continue to be a critical component for many applications. But today there are new types of protocols that specifically address connectivity in highly automated and connected industrialized environments. Some of the more popular protocols in use today include OPC UA, EtherCAT, EtherNet/IP, Modbus TCP/IP and BACnet IP.
OPC UA has emerged as a standard within the industry as an open exchange vehicle for safe, flexible and reliable data transfer over platform-independent industrial communication systems. OPC UA has a comprehensive built-in security model which provides secure channel client/server communications.
Partitioning and separation
ARM Holdings’ TrustZone is a hardware-based security feature that enables partitioning of system resources in an ARM-based system-on-chip (SoC). TrustZone separates two parallel execution worlds: the non-secure “normal” execution environment, and a trusted “secure” world. Within the processor, software running in the non-secure world is blocked from accessing, or even being aware of, resources in the secure world. For security at the device level, TrustZone enables secure storage, processing and data communication as defined by system security requirements.
If hardware separation isn't an option, the next best thing for security is to use software to isolate and protect applications. In the past, particularly on single-core SoCs, designs used simple separation enforced by a memory management unit (MMU). These days, with multicore SoCs supporting virtualization extensions in the silicon, there are more designs using embedded hypervisors. The beauty of a hypervisor is that it allows multiple instances of the same or different operating systems to execute on the same SoC, enforcing simple partitioning of resources, or providing complete virtual machines. This separation can be used to protect and secure resources and assets that run in defined partitions.
Developers should consider a secure, safe and proven IIoT embedded development platform for their projects. Ideally, a customizable IoT platform should support the many connectivity protocols mentioned here, and provide integrated solutions for management of IIoT systems, as well as support the most common cloud protocols including MQTT, XMPP, AMQP and CoAP. It should also leverage modern SoCs, which enable secure IIoT gateways capable of data aggregation, infrastructure throughput, remote provisioning, local analytics and security controls.
For example, Mentor Graphics provides a proven industrial IoT platform that supports today’s connectivity protocols, and includes an edge device reference design for low power and an IoT gateway reference design “Certified for IoT” with Microsoft Azure. The IoT platform also includes a deterministic, real-time operating system (RTOS) called Nucleus RTOS and a Yocto Project-based open source Linux platform called Mentor Embedded Linux. An RTOS is suitable for constrained and low-power devices (actuators, sensors, etc.) where a very small footprint is required. Nucleus enables a number of security precautions, such as the use of public key infrastructure (PKI) for boot-time and code authentication; establishing a “chain of trust” to ensure downloaded code and data are authenticated and validated; and process separation using MMU-based memory protection to partition critical code and memory spaces.
Mentor Embedded Linux is also becoming more widely used in the IIoT industry because of its free distribution model, feature-rich capabilities and large network of developers devoted to its continued success. In addition to the breadth of networking security features available in open source, and certificate-related security features already enumerated above for Nucleus, Mentor Embedded Linux includes a number of security features built into the Linux kernel such as SELinux and the more recently developed (and easier to use) Simplified Mandatory Access Control Kernel (SMACK).
Certification and vulnerabilities
With billions of IoT devices in use globally, IIoT security will require strong authentication to ensure communication between known and trusted devices (including the smallest endpoints). For today’s embedded devices and systems, security features need to be designed in early to address advanced security threats. To further augment security, Mentor partners with software security companies, including Icon Labs and GE Wurldtech. Icon Labs is a leading embedded security company that offers products to effectively manage, secure and protect devices and networks. GE Wurldtech offers cross-platform security by subjecting devices that will be connected to an IIoT network to rigorous testing and granting certification that security standards were met.
Security is a moving target, and the ability to respond quickly to security vulnerabilities is becoming a critical component throughout the development and post-deployment processes. Mentor software customers receive the benefit of Mentor’s Core Critical Security team that proactively monitors ICS-CERT and other websites to identify common vulnerabilities and exposures (CVEs) that might affect an upcoming, current or past software release. If necessary, customers are then notified, and security patches are made available.
As the number of assets connected to the IIoT increases, so does the attack surface of the industrial system. More companies are realizing that security, along with a safe and proven IoT development platform, is part of a future investment and not just a necessary cost.