• No results found

The Internet of Things

N/A
N/A
Protected

Academic year: 2021

Share "The Internet of Things"

Copied!
25
0
0

Loading.... (view fulltext now)

Full text

(1)

The Internet of Things

Jeff Apcar

Distinguished Services Engineer, Cisco Systems

(2)

IoT Definition

(3)
(4)

Things Connected

Things NOT

Connected

How much is CON

Over 70% of

humans are NOT

connected

(5)

IoT Rapid Growth

6.307

6.721

6.894

7.347

7.83

0

10

20

30

40

50

2003

2008

2010

2015

2020

B

illions

of

Dev

ic

es

World Population

5 0

Billion

Smart

Objects

Rapid adoption rate of digital infrastructure

5 x faster

than electricity & telephony

~6 things online

” per person

(6)

Shift In Dominant End Points

Analytics and

Modelling

Improve

Productivity

Healthcare

Precision

Agriculture

Energy Saving

Smart Grid

Safety & Security

Smart Home

S+CC

Transport and

Connected Vehicles

Intelligent

Buildings

Predictive

Maintenance

Tablets, Laptops, Phones

Human Interactions

Sensors, Smart Objects, Device Clustered Systems

Machine to machine interactions

(7)
(8)
(9)

From

To

IoT Architectural Philosophy

Standardized Networks

(IP Based/ISO Stack)

Distributed Intelligence

(e.g. Fog Computing)

Standardized Interfaces

(Wireless/Wired)

Protocol Gateways

(Inherently complex,

inefficient and fragmented

networks

)

Closed Systems

(Little external interaction

)

Proprietary Networks

(Usually layer 2 based)

Various Protocols

(M

odbus, SCADA, BACnet,

(10)

Data Centre/Cloud

Smart Objects/Endpoints

IoT Architecture

Data Points, Variety & Velocity, Security, Resiliency, Latency

Fog Ne twork

Core Ne twork

Te n s o f Millio n s t o Billio n s

Embe dde d Sys te ms & Se ns ors

Low power, low bandwidth

Tens of Thousands t o Millions

Multi- Service Edge

3G/3G/LTE/WiFi/RF Mesh/PLC

Thousands

Backhaul

IP/MPLS, Security, QoS, Multicast

Hundreds

Data Centre/Cloud

Hosting IoT Analytics

Sensing

Control

Correlation

Millsecond /seconds response

Transactional response times

KB-GB

GB-TB

TB-PB

Infinite

(11)
(12)

City Infrastructure

Synchronize Signals for

Emergency Vehicles

Improve Congestion Management

(13)

Various protocols applied to IoT networks

Relevant Protocols for different layers

Link Layer (eg., 802.15.4, PLC)

Adaption Layer (6LowPAN)

Routing (eg., RPL)

Messaging (eg., CoAP)

Security: (D)TLS, 802.1AR, 802.1X

Protocols for IoT Networks

Smart Grid Protocol Stack Example

Designed

for IPv6

(14)
(15)
(16)

IPv6 Protocol Is Subject To The Usual Attack Suspects

V i r u s e s & W o r m s

U n a u t h o r i s e d a c c e s s

L 4 Sp o o f i n g

M a n i n t h e m i d d l e at t a c k s

L

3

S

p

o

o

fi

n

g

R

o

u

ti

n

g

At

tac

k

s

Sn i f f i n g

Fl o o d i n g

Fr a g m e n t at i o n

Sm u r f i n g

Re c o n n a i s s a n c e

Pi n g Po n g i n g

Ne i g h b o u r D i s c o v e r y A t t a c k s

D

H

C

P

At

tac

k

s

Ro g u e D e v i c e s

D e n i a l o f Se r v i c e

(17)

IoT: Where The Internet Meets The Physical World

Informat ion

Act uat ion

Internet of

Yesterday

Internet of

Things

IoT Extends the attack surface

Modbus

SCADA

CIP

Modbus

TCP

SCADA

TCP/IP

Ether/IP

From

Closed

systems

To

IP based

systems

(18)

Some IoT Threats

Too many to mention, here are a few…

C o m m o n w o r m s ju m p in g fro m ICT t o Io T

Generally limited to things running consumer O/S: Windows, Linux, iOS, Android

Sc ript K iddies

*

or ot her t arget ing at resident ial IoT

Unprotected webcams

Stealing content

Breaking into home control systems

*

Unskilled individuals who use scripts or programs developed by others to assemble attacks

Or ganised Cr ime

Access to intellectual property

Sabotage and espionage

Cy ber Terrorism

Nuclear plants (Stuxnet virus)

Traffic monitoring

Railways

(19)

Shodan: The Google for hackers

(20)

IoT Security Framework

Role

B

as

ed

S

ec

ur

it

y

A

n

ti

-t

am

per

&

Det

ec

tion

Dat

a P

rot

ec

tion

&

Conf

ident

ialit

y

IP

P

rot

ec

tion

Device Classification

Standards for actuator & Sensors

Auto enrollment & Provisioning

Stateful application visibility

Connectivity Standards

Authenticated Encryption

Network Enforcement/Segmentation

Distributed Analytics & Management

(21)

IoE industry is still evolving, large potential for zero-day attacks

Opportunity to drive the security at the appropriate layer

Embedded Endpoint layer comprises highly constrained devices

So far has limited the growth of malware to this layer

Growth of IP based sensors corresponds to attack surface growth

New security protocols and identification techniques required

Corresponding to the capabilities of the device endpoint

IoT presents new challenges to network & security architects

Learning machines will play a big part in this area

Managed threat detection, anomaly detection, predictive analysis

(22)
(23)
(24)
(25)

References

Related documents

But unlike Modbus – which basically took the Modbus RTU packet and encapsulated it into a TCP/IP packet – Profinet was designed to take advantage of Ether- net and permit

This means no other Modbus TCP client device can connect to the robot and use a Priority connection except the device with the corresponding IP address.. Any Modbus TCP client

SIG supports generic MODBUS RTU/MODBUS TCP-IP or MODBUS over TCP-IP Protocols for data acquisition and uses MQT T protocol to communicate with IT application

This Setup Guide uses a sample application that shows you how to establish communication between the MVI56E-MNET module (Modbus TCP/IP Client) and a Modbus TCP/IP Server device..

If the IP Address, IP Mask, or Gateway is changed, the program will automatically try to reconnect to the PEM in 20 seconds. If reconnection is successful, the program will continue

• Two dedicated national roadshows for potential participants held in mid-August (Dublin/Cork) with strong enterprise involvement as well as Springboard colleges, career advice

 It gives employees self-esteem and makes them feel like part of the organization.  It results in more frequent and candid interaction between supervisors

High dynamic pressure in the solar wind on 7 –8 March compressed the ionosphere, resulting in an ionopause detection at relatively low altitudes in MARSIS local electron density