The power of the gateways in the IIoT

Posted date 27/04/2023
Autor
INCIBE (INCIBE)
gears with shadow of a walking man image

The Industrial Internet of Things (IIoT) refers to the use of different interconnected devices in the industrial environment, whether within factories, energy companies or other types of industries. 

The Industrial Internet or also known as Industry 4.0, involves the use of intelligent sensors and actuators to improve industrial and manufacturing processes, using all the benefits provided by smart machines and obtaining data at high speed and in real time. All this added to the interoperability between systems granted by different protocols at industrial level, has been achieved to improve different aspects, such as error detection (reducing costs), time saving (improving efficiency), improving quality control sustainable practices, traceability of the supply chain, energy management or asset tracking.

Entorno industrial
- Internet Industrial de las Cosas (IIoT) -

All these advantages have led to substantial progress in industrial processes incorporating IIoT devices, although this has also made them a target for attackers, since  the possibility off obtaining large amounts of information and data is easy if the network is poorly protected.

With the need to further increase this interoperability, so characteristic and necessary in industrial IIoT systems, IIoT gateways have emerged, capable of connecting new generation industrial devices with older industrial devices, thus avoiding the need for companies to upgrade all devices to a ‘next generation’ version and therefore reducing costs.

Gateway deployment and its importance

Going more deeply and technically into the concept of IIoT gateway (industrial gateway), it can be said that these devices are a point of vital importance in industrial. Industrial gateways bridge the gap between the “Edge devices” (devices and local network) and the cloud by collecting, processing and standardizing data from sensors, I/O devices and PLCs before sending it to the cloud, ensuring complete connectivity regardless of the type of based device.

Layout of an Industrial IoT Gateway in a network architecture
Layout of an Industrial IoT Gateway in a network architecture. Source.

One of the main characteristics of these devices is their ability to connect to different types of equipment, systems, and devices, and to be able to transform the data into a standard model so that it can be used and transmitted to cloud-based systems.

On the other hand, IIoT gateways provide different functions or capabilities to increase efficiency in industrial environments. The following are some of these main capabilities within industrial environments, some integrated in certain hardware models, others as modules developed by third parties, compatible with many software gateways depending on the installed operating systems.

  • Remote upgrade capabilities: this capability is of paramount importance in industrial environments, as it greatly reduces the risk of service unavailability due to firmware errors or security vulnerabilities in the IIoT gateway. Thanks to this capability, the gateway can periodically check if it has the latest firmware version installed, download it and install it automatically.
  • Connectivity, data collection and communication: cloud-based systems often have limited resources for data storage and analysis, and require network connectivity, which increases system latency. IIoT gateways would solve that problem in the industrial environment, thanks to the processing of perimeter devices and the standardization of data before sending it to the cloud, thus significantly reducing the processing load on end systems. In addition, they also enable:
    • Local storage of IoT device data such as passwords, models, configuration parameters etc.
    • Ability to automate communication thanks to the stored data.
    • Ability to reboot industrial devices, remotely execute commands and update or modify the behavior of these devices.
  • Real-time processing and decision making: they can process a large amount of data in real time, discarding irrelevant information and sending only the necessary data to the cloud systems. In addition, they enable the ability to store a certain amount of data (depending on the model) so that in case of failure in the cloud systems, this data can be stored until the service is available.
  • Monitoring and maintenance: one of the main problems of maintenance teams in industrial systems is the ability to monitor both individual devices and entire industrial plants effectively. The inclusion of IIoT gateways allows teams and manufacturers to monitor the status of assets in a simple way, thanks to the standardization made by the gateway software. There is a shift from reactive maintenance to predictive or condition-based maintenance.

These functions in the form of applications within IIoT gateways, known as edge computing, are a very efficient way of distributing the process between nodes, reducing the workload, execution response times and being able to execute actions much closer to the final industrial devices.

How to defend against bad guys

Once the capabilities of IIoT gateways have been defined and explained, as well as their importance in industrial systems with many interconnected devices, an attack on these devices can trigger a serious cybersecurity incident in any industrial process. This is why gateways have certain security measures implemented as standard or that can be implemented manually and that are like the hardening of other devices in the OT environment:

  • Use of cryptography: the implementation of this technique results in better control of access to the device, the possibility of encrypting remote administration and management sessions.
  • Use of PUF function: the Physical Unclonable Function allows the generation of a unique key for device and communication authentication.
  • Encryption capability for communications with IoT devices: the inclusion of a specific module can enable secure encryption of communications, thus preventing attacks bases on sniffing by an attacker.
  • Firewall function: if the gateway acts as a security proxy, it can implement firewall functionality thanks to the possibility of defending whitelists and rules for traffic filtering.
  • Physical protection: in many cases, IIoT gateways are physically exposed to possible attacks, which is why physical hardening of these devices must be performed.
  • Use of the remote update function: this prevents the use of other physical devices on the gateway, which can transfer malware or firmware modified by an attacker to the IIoT gateway.
  • Activation of the event logging function: this functionality will allow to have a complete log of all events that take place on the processes running on the gateway, facilitating security audits and automating threat detection.
  • IDS/IPS functionality: this function is also available in some industrial firewalls, allowing to have a control of different intrusions in the network.
Defensive capabilities against cybersecurity threats
Defensive capabilities against cybersecurity threats. Source

Conclusions

Throughout the article, the benefits and solutions offered by IIoT gateways have been presented, as well as some methods of protection against possible attacks, since these devices have a large number of attack vectors as they are the point of union between IT and OT systems.

This is why the hardening of these devices is of vital importance to be able to defend the transfer of data between environments, as well as the ability to control the end devices of the industrial environment. In the previous section, some best practices are detailed in order to best harden of the industrial gateways, thus securing the OT system architecture.

Etiquetas