Temel Ağ Teknolojilerinin Endüstriyel Nesnelerin İnterneti Üzerindeki Güvenlik Etkileri

Nesnelerin İnterneti (IIoT) ağının uygulanması, Endüstri 4.0'ın yaygınlaşmasına uygun olarak genişlemektedir. Her türlü ağda olduğu gibi, güvenlik, bireylerin veya ekipmanın güvenliği dışında ana endişelerden biri olmalıdır. Yine de güvenlik önlemlerindeki herhangi bir zayıflık, ağ bileşenlerinin ve ayrıca bunların etrafındaki operatörlerin güvenliğini doğrudan etkileyebilir. Bu nedenle, bu makalede, özellikle de altta yatan ağ teknolojileri ile ilgili olanlar olmak üzere, IIoT'nin güvenlik üzerindeki etkileri tartışılmaktadır; BACnet, LoRa, Modbus, PROFIBUS, PROFINET, WirelessHART, vs. gibi. Ayrıca, sis (fog) hesaplama - IIoT entegrasyonunun güvenlik üzerindeki etkileri de değerlendirilip ve sunulmuştur. Son olarak, alanda çalışan araştırmacılara yönelik gelecek çalışmalar önerilmiştir.

Anahtar Kelimeler:

Fieldbus, HART, PROFIBUS, PROFINET, IoT, IIoT, yetkisiz erişim, modbus, mirai, torii

Security Implications of Underlying Network Technologies on Industrial Internet of Things

Application of Industrial Internet of Things (IIoT) network is expanding in accordance with the proliferation of Industry 4.0. As in any kind of network, security should be one of the main concerns apart from the safety of the individuals or the equipment. Yet any weaknesses in the security measures can directly affect the safety of the network components and also operators around them. Therefore, in this article security implications of IIoT are discussed, especially those related to the underlying network technologies; such as BACnet, LoRa, Modbus, PROFIBUS, PROFINET, WirelessHART, etc. Furthermore, the security implications of fog computing - IIoT integration are also evaluated and presented. Finally, future directions are provided for the researchers in the field.

Keywords:

Fieldbus, HART PROFIBUS, PROFINET, intrusion, fog, IoT, IIoT, modbus, torii, botnet, mirai,

PDF

___

[1] Laros, S., “5 Examples of How the Industrial Internet of Things is Changing Manufacturing,” available online: https://www.engineering.com/AdvancedManufacturing/ArticleID/13321,(2016).
[2] Roberts, F., “9 examples of manufacturers making IIoTwork for them,” available online: https://internetofbusiness.com/9-examples-manufacturers-iiot/, (2016).
[3] Forsstrom S., Butun I., Eldefrawy M., Jennehag U. and Gidlund M., “Challenges of securing the industrial internet ofthings value chain,” in IEEE Workshop on Metrology for Industry4.0 and IoT, pp. 218–223, (2018).
[4] Butun I., Morgera S. D. and Sankar R., “A survey of in-trusion detection systems in wireless sensor networks,” IEEE Communications Surveys & Tutorials, vol. 16, no. 1, pp. 266–282, (2014).
[5] Butun I., Sari A. and Osterberg P., “Security implicationsof fog computing on the internet of things,” in IEEE International Conference on Consumer Electronics (ICCE), pp. 1–6, (2019).
[6] Karnouskos S., “Stuxnet worm impact on industrial cyber-physical system security,” in IECON 37th Annual Conference on IEEE Industrial Electronics Society, pp. 4490–4494, (2011).
[7] Yang W., Wang Q., Wan Y. and He J., “Security vulnerabili-ties and countermeasures for time synchronization in ieee802.15.4 e networks,” in IEEE 3rd International Conference on Cyber Security and Cloud Computing (CSCloud), pp. 102–107, (2016).
[8] Mayzaud A., Sehgal A., Badonnel R., Chrisment I. and Schonwalder J., “A study of rpl dodag version attacks,” in Springer IFIP international conference on autonomous infrastructure, management and security, pp. 92–104, (2014).
[9] Singh M., Rajan M., Shivraj V. and Balamuralidhar P. , “Secure mqtt for internet of things (iot),” in IEEE Fifth International Conference on Communication Systems and Network Technologies, pp. 746–751, (2015).
[10] Al F., Dalloro L., Ludwig H., Claus J., Frohlich R. and Butun I., “Networking elements as a patch distribution platform fordistributed automation and control domains,” U.S. patent App., PCT/US2012/043,084., Dec. 27, (2012).
[11] Zurawski R., “Industrial communication technology handbook”, CRC Press, 2nd Edition, (2015).
[12] Lora Alliance, “LoRaWAN 1.1 Specification.”, available online: http://lora-alliance.org/lorawan-for-developers, (2020).
[13] Butun I., Pereira N. and Gidlund M., “Analysis of lorawan v1.1 security,” in Proceedings of the 4th ACM MobiHoc Workshop on Experiences with the Design and Implementation of Smart Objects, p. 5, (2018).
[14] Butun I., Pereira N. and Gidlund M., “Security risk analysis of lorawan and future directions,” MDPI Future Internet, vol. 11, no. 1, p. 3, (2019).
[15] O. Patau. “Security of nb-iot devices,” available online: https://accent-systems.com/blog/security-of-nb-iot-devices/, (2018).
[16] A. Sari, A. Lekidis, and I. Butun, “Industrial Networks and IIoT: Now and Future Trends,” in Industrial IoT by Springer, pp. 3–55, (2020).
[17] B. Drury, “Control techniques drives and controls handbook,” by IET, 2nd Edition, no. 35, (2009).
[18] Lewis T. G., “Critical infrastructure protection in homeland security: defending a networked nation,” by John Wiley & Sons, (2014).
[19] “What is LoRa?,” available online: https://www.semtech.com/lora, (2020).
[20] “LoRaAlliance,” available online: http://lora-alliance.org, (2020).
[21] Butun I., Sari A. and Osterberg P., “Hardware Security of Fog End-Devices for the Internet of Things,” MDPI Sensors, vol. 20, no. 20, p. 5729, (2020).
[22] Aydogan E., Yilmaz S., Sen S., Butun I., Forsstrom S. and Gidlund M., “A Central Intrusion Detection System for RPL-Based Industrial Internet of Things,” in 15th IEEE International Workshop on Factory Communication Systems (WFCS), pp. 1–5, (2019).
[23] Butun I., Almgren M., Gulisano V. and Papatriantafilou M., “Intrusion Detection in Industrial Networks via Data Streaming,” in Industrial IoT by Springer, pp. 213–238, (2020).
[24] Butun I., dos Santos D., Lekidis A. and Papatriantafilou M., “Adaptive and Continuous Intrusion and Anomaly Detection for Smart Grid Systems,” (2020).