Sri Ramachandran
Vice President – IoT Solutions
G+D Mobile Security
Industry 1.0 to 4.0
12 February 2018 2
Paradigm shift
Smart manufacturing - use case
Asset tracking
→ Easily locate and monitor key assets, prevent quality issues and detect theft
→ Versatile
→ Cost efficient
→ Maximum logistical efficiency
→ Security
Smart manufacturing - use case
Predictive maintenance
→ Resolve problems before they occur
Remote diagnostic
→ Use sensors, cameras and data analytics to determine when equipment will fail before it does
→ Resulting in automated parts ordering
• Versatile
• Cost efficient
• Maximum logistical efficiency
Predictive maintenance
OEM Manufacturer
Embedded sensors
Real-time, condition-based monitoring
Part identification and direct ordering
Classical or additive manufacturing
3D Printing factory
Smart manufacturing - use case
Semi-autonomous robots
→ Help send products to customers
→ Locate the right stack of shelves
→ Pick up and deliver to human operators
→ Versatile
→ Cost efficient
→ Time efficient
→ Maximum logistical efficiency
Industrial IoT- use case
Self driving tractor
→ Drives itself to the field
→ Completes task(s)
→ Drives itself back to the base
→ Monitored by farmer
→ Versatile
→ Cost efficient
→ Maximum logistical efficiency
https://newatlas.com/self-driving-tractor/45169/
What we know: IoT is complex
[Diagram columns: Connected Devices, Network, OEM & Cloud Partners, Enterprise Customers]
Network: MNO 2G/3G/4G, Cat1, CatM, NB-IoT; WiFi/Broadband; LPWA (LoRa etc)
OEM & Cloud Partners: OEM, OEM, OEM
Challenges of IoT security
[Diagram columns: Connected Devices, Network, OEM & Cloud Partners, Enterprise Customers]
Network: MNO 2G/3G/4G, Cat1, CatM, NB-IoT; WiFi/Broadband; LPWA (LoRa etc)
OEM & Cloud Partners: OEM, OEM, OEM
Labels: DEVICE SECURITY; IMPLEMENTATION AND OPERATIONAL HURDLES
Challenges of IoT Device security…
→ Identify every Device in the system
• Unique Identity
• Independent of network access
→ Device integrity
• Ensure Device is operating as planned
→ Data protection
• Data gathering as well as secure transport of data
→ Secure management and monitoring throughout life cycle
• Device is protected at all times - including secure firmware and configuration updates
→ Differential access control
• Differentiate among privileged and regular operations
Unique identity
→ Current Device identities are:
• Incomplete
- IMEIs are duplicated
- MAC addresses can be changed
• Incompatible
• Insecure
Data protection
Monitoring and management
→ Secure life cycle
→ Secure configuration updates
→ Secure firmware updates
Differential access control
Traditional
Network
Equipment
Web Applications
Essentials of Device security
→ Physical security
→ Secure Boot
→ Trusted execution enclaves
→ Access control and authentication
→ Encrypted storage
→ Firewalling
→ Regular and secure firmware and configuration updates
What we really need…
ROOT OF TRUST
providing irrefutable identity management
ALL DATA ENCRYPTED
between device and cloud
PREVENTION
of malware and rogue configurations
RECOVERY
of stranded devices
Separation of functions in an IoT Device
Lifecycle Management
Activation / Deactivation / Replacement
IoT Device
Device Security
Device Recovery
Sensor
APPLICATION PLANE
Data Reporter
Actuator
Challenges of IoT security
[Diagram columns: Connected Devices, Network, OEM & Cloud Partners, Enterprise Customers]
Network: MNO 2G/3G/4G, Cat1, CatM, NB-IoT; WiFi/Broadband
OEM & Cloud Partners: OEM, OEM, OEM
Labels: DEVICE SECURITY; Secure element; Secure storage; Secure execution; PKI based mutual authentication and encryption
Thank you for your attention!
Contact:
Sri.ramachandran@gi-de.com
@sri_ramach