About EMDiS
People
Resources
Contact

Cybersecurity for IIOT and Industry 4.0

Sathish Kumar, PhD | Biography
Electrical Engineering and Computer Science Department and lab Intelligent Secure Cyber-Systems Analytics and Applications Research (ISCAR) Lab

Keywords: Cybersecurity; Machine Learning; IoT; Blockchain

Description

Cybersecurity

Cybersecurity is the protecting of one from cyber threats in systems, networks or any digital application.

Three main goals of cybersecurity are:

  • Confidentiality: Keeping confidential information private.
  • Integrity: Ensuring the consistency, precision and credibility of the information.
  • Availability: Ensuring the information should be available to approved entities consistently and readily.
Reference: Security Challenges on the Way Towards Smart Manufacturing , H. He, IoT Security Foundation White Paper, April 2016. Retrieved May 2021 online.
Business Applications
  • Confidentiality: Eavesdropping attacks due to fake reader will have the ability to read confidential tag data
  • Integrity: Poisoning methods that compromise data or the models that use the data could have significant effects on the physical integrity of the plant or the quality of its output
  • Availability: Attacks such as Denial of Service (DoS) can deny the availability of assets such as a network, a system device, or any computational resources to legitimate users and has the potential to shutdown manufacturing process for extended period of time.
 
Case Study

Introduction:

  • Manufacturers use RFID (Radio Frequency Identification) technology to track and handle thousands of supplies.
  • RFID plays an important role in IIOT and Industry 4.0 in the context of smart manufacturing.

Problem - Eavesdropping Attacks:

  • RFID readers sends request to RFID tags to check their identity information.
  • Reader reads information sent by the tag and verify it with the stored data in the server.
  • However, most of the RFID tags cannot discriminate between valid RFID reader and fake RFID reader.
  • Attacker with fake RFID reader will be able to sniff out the confidential information.

Solution:

  • Eavesdropping attacks can be defended through the encryption of the RFID communication channel.
  • Another simple remedy is to avoid storing data on the tag unnecessarily.
  • Secure transmission of tags' IDs can be achieved using anti-collision protocols
-Mitrokotsa, Aikaterini, Melanie R. Rieback, and Andrew S. Tanenbaum. "Classifying RFID attacks and defenses." Information Systems Frontiers 12.5 (2010): 491-505
 
-Quan, Cheng-Hao, Won-Kee Hong, and Hie-Cheol Kim. "Performance analysis of tag anti-collision algorithms for RFID systems." International Conference on Embedded and Ubiquitous Computing. Springer, Berlin, Heidelberg, 2006.
Reference: Li, Xuran, et al. "An analytical study on eavesdropping attacks in wireless nets of things." Mobile Information Systems 2016 (2016). Accessed online.