Analysis and implementation of IT security goals in the Industrial Internet of Things
The industrial Internet of Things (IIoT) will grow enormously in the upcoming years. The Internet plays a central role for this technology. A lack of IT security is currently the biggest issue when integrating local and networked devices into an industrial environment. Research and development projects, such as safe-UR-chain, but also ongoing industrial projects, deal with the improvement of IT security mechanisms between end devices that communicate over wide area networks. As part of these activities, the Fraunhofer IWU aims to contribute to the improvement of communication processes in the IIoT environment.
The Internet of Things is currently characterized by consumer products and a generally weak IT security. Communication often takes place via Hypertext Transfer Protocol (HTTP) or Message Queuing Telemetry Transport (MQTT), where numerous attack vectors exist. So far, the same communication technologies have been used in the industrial domain. Other standards, such as Open Platform Communications Unified Architecture (OPC UA) increase IT security but make it more difficult to use due to high licensing costs or complex procedures. In a specific application, sensor data is sent via MQTT and is evaluated on a central instance. The IT security level of the application needs to be analysed and a contribution to improvement is to be made with free standards and procedures.
The following activities are part of the work to solve the problem statements:
- Investigation and classification of possible attack scenarios in the IIoT environment.
- Elaboration of a requirement analysis for IT security goals between end devices in a specific application.
- Implementation of at least one transmission method as a contribution to increase the IT security in the application.
The objective of this thesis is to find an approach or combination of approaches for the previously mentioned problems and tasks in the context of IT Security in IIoT. This particularly includes the state of the art regarding Security of an IIoT environment, possible attacks and their countermeasures. The demonstration of feasibility with an implementation prototype of the concept is part of this thesis as well as a suitable evaluation with exemplary use cases.