Security for IoT and OT – An Industrial Perspective – Oliver Pfaff (Siemens), Wednesday, Oct 7, 14h CEST

Oliver Pfaff from Siemens will talk about Security for IoT and OT – An Industrial Perspective at the 3rd Future-IoT PhD school on Wednesday, Oct 7, 14h CEST. Join the free live stream at https://school.future-iot.org/stream.

What will the keynote be about?
IoT (Internet-of-Things) as well as OT (Operational Technology) provide distributed cyber-physical systems: they are characterized by network components (sensors/actuators) that interact with real world resources.

Protecting the communications between system components in IoT/OT is fundamental for cybersecurity. Historically, OT relied on physical protection utilizing network segregation/isolation. This approach provides blocking points for new use cases in Digitalization and I4.0. To overcome them, OT protocol stacks e.g. PROFINET need to be enhanced to support information security based on cryptographic techniques. This is different in IoT: the IoT protocol stacks e.g. CoAP-over-UDP emerge in an ecosystem that supports security using cryptographic means since decades.

But security for the IP stack and IP-based applications e.g. TLS and OAuth for securing Web applications was designed for the needs of IT (Information Technology). Ideas such as “just use TLS or DTLS” might be false friends in IoT/OT security. This presentation determines whether and to which extent well-known IT-security solutions match IoT/OT needs and identifies the state-of-the-art in security-enabling IoT/OT protocol stacks.

There also is no ‘out-of-nothing’ security: preparatory steps are needed to use cryptography in distributed systems. One example is the supply of initial credentials/keys to system components. IoT/OT has specific challenges with respect to setting-up information security:

  • There are components (e.g. field devices) that do not provide side-channel options for provisioning information to them – such means are often used in IT to setup security.
  • Users expect a uniform way of security setup when an IoT/OT component uses multiple stacks in parallel – setting-up for security is a cross-cutting concern, silo solutions must be avoided.

This presentation sketches blueprints for a uniform handling of preparatory steps for security and considers IoT/OT security initiatives with respect to their potential to avoid or overcome security silos.

We are looking forward to seeing you online for the keynote!

Please talk about our event…

using the hashtag #fiot20

Please follow and like our social media channels…

Olivia Pahl

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.