An essential aspect within the Industrial Internet of Things (IIoT) is the identification and authentication of different subcomponents. Starting with the so-called edge devices, gateway solutions and connected IoT platforms up to the back-office systems. The aim here is to establish a continuous chain of trust, as the only way to guarantee a reliable and trustworthy path for exchanging data. In order to realize these advantages, an IIoT solution must first be reliable. Which means users and communication partners, must be sure the IIoT systems will behave as intended and are safe from attacks and manipulation attempts – without restricting the reliability and availability of the application. That’s achievable through two basic and established security technologies:
- a Public Key Infrastructure (PKI) in conjunction with
- Code Signing, a digital signature on the program’s code, put in place by the manufacturer.
Public Key Infrastructures (PKIs) – as of today – are widely established and used in many areas of IT (server certificates for application servers, data servers, certificates for smart energy etc.). They establish a bond of trust between the respective IT/OT systems and components. In the case of Smart Energy, for example, certificates enable trust between electricity meters and energy supply systems. The basis for this is the aforementioned certificates, which are generated individually for each device, and thus contain the device's identification data as well as providing it with an individual electronic signature. This prevents an attacker from imitating the identity of the device within the network. Without the use of these certificates, a cyber-criminal could, for example, plant a device in an IIoT infrastructure and have it infiltrate and hijack the IIoT network.
One of the characteristics of IIoT environments is that systems in different locations often need to communicate with each other. But this doesn’t always happen via secure network connections. Here, too, a PKI can be the solution by verifying the identity and integrity of the respective communication participants. In conjunction with transport protocols such as TLS (Transport Layer Security), this solution ensures a secure data exchange between IIoT components, gateways and IIoT platforms. Secure communication in tandem with these authentications is especially critical, since mobile radio or wireless LAN frequencies are still commonly used in IIoT scenarios, like remote oil drilling facilities or wind farms. They transmit important status information and error messages via wireless communication networks but are much easier to tap into than wired industrial Ethernet infrastructures in a factory.
Securing software with Code Signing
In order to protect the software of IIoT systems from unauthorized access, different approaches are possible, for example with a dongle or an integrated security chip in the electronic circuits of the device. Another common tool is code signing. Here, the manufacturer of a Software Stack ensures the integrity and the authenticity by signing the data with a digital signature, thus protecting both the software itself and their copyright. For this purpose, the provider or manufacturer of the application requires a digital certificate with the corresponding cryptographic key. By using this private key as part of a digital signature, the program code of the application is then sealed. If the public key is then integrated within the code of IIoT components, the integrity and authenticity of the signed application software executed on the system can be verified at any time. If a software update is pending, the IIoT system can recognize from the signature of the update package whether this new iteration actually comes from the provider or from a hacker impersonating them. To conclude, PKI, digital certificates and signing enables a number of security services that IoT and IIoT solutions rely on to be able to deliver their services to the business application in a trusted way. These basic security services are Authentication, Integrity and Confidentiality.
Authentication of users, devices and infrastructure components (e.g. gateways, routers, etc.), systems (data) and control devices (commands): This ensures that only authorized and trusted communication partners exchange information. Firstly, all participants must identify themselves. The system then checks whether the communication partner is actually the one in question or an instance that only pretends to be.
Integrity: Data and commands cannot not be easily manipulated or substituted.
Confidentiality: Sensitive information must be protected from unauthorized access. This applies to data that is transmitted as well as persistent data. “Sensitive” in this context includes data for operating machines or data that is part of the production process. In addition, PKI and Signing solutions should adhere to relevant standards and demonstrate security certifications where applicable.
Certifications and Compliance also very often come in to play: A PKI, Signing and its complementary solutions such as a Secure Execution Environment should fulfill the standards of relevant certificates such as the FIPS 140-2 and Common Criteria. Prospective customers should always check whether a provider takes the required compliance regulations into account. Finally, cyber security is a global problem and all stakeholders benefit from openness for increased trust.
PrimeKey believes in open source and that our users can feel an increased trust in us and our solutions knowing that the source code is open. There are no back doors, no secrets, and no hidden agendas. If you are in the business of creating trust, then PrimeKey believes that trust and openness go hand in hand.
Read about PrimeKey PKI, Signing Secure Execution Environment products that can be used in IIoT solution:
This is an abstract from the PrimeKey white paper that takes a deep dive into Security for IIoT environments. The white paper is available here: https://www.primekey.com/security-for-iiot-environments