3. 326.01.2018
Digitalization accelerates the industrial
processes and enables new businesses …
… but the use of IoT in the cyber-physical world also
raises new threats on object, persons and businesses
To enable the full
potential of IoT we
need a holistic
approach
4. 426.01.2018
• Gartner estimates 8.4B connected things will be in use worldwide in 2017,
up 31% from 2016, and will reach 20.8 billion by 2020.
• Internet of Things (IoT) sensors and devices are expected to exceed mobile
phones as the largest category of connected devices in 2018, growing at a
23% compound annual growth rate (CAGR) from 2015 to 2021.
• Ericsson predicts there will be a total of approximately 28B connected
devices worldwide by 2021, with nearly 16B related to IoT.
IOT WILL BE EVERYWHERE
Image Source: Ericsson Mobility Report; June 2016
8. 826.01.2018
OUTLOOK 2018 – EDGE/FOG COMPUTING
Technological
Development
Users&Society
Policies
Use-Cases
Applications
Devices
Standards
Domains
Cloud
IoT
9. Decentralization of computation & processing power
9
EDGE/FOG COMPUTING
Cloud
10^6 Data Centers
Fog
10^8 Nodes
Edge
10^10 Devices
26.01.2018
10. 10
Decentralization of computation & processing power
• Supported by 5G development
Processing on network nodes close to the device (fog) or the device itself (edge)
Reduce amount of data sent to and processed in the cloud
Aggregation of local information across different nodes/devices
New services
Enables (close to) real-time applications using remote services (low latency)
( Infrastructure/Production/Mobility)
New devices
New physical layer elements for low-latency applications
Enrich devices with enhanced functionality ( AI, Immersion)
New business models
Selling processing power for local applications
Need for trust & specific security and management mechanisms
EDGE/FOG COMPUTING
26.01.2018
11. 1126.01.2018
OUTLOOK 2018 – BLOCKCHAIN
Technological
Development
Users&Society
Policies
Use-Cases
Applications
Devices
Standards
Domains
Cloud
IoT
26.01.2018
12. 1226.01.2018
Principal concept of blockchains is highly compatible with IoT
• Decentralized approach
• Many partners
• Limited trust between partners
• Need for interaction & exchange
• Ledger for transaction between “robots”
Blockchain is more than bitcoin & crypto currencies
• Shift from Proof-of-Work to Proof-of-Stake enables IoT devices to participate
Applications in the IoT context
• Distributed ledger for device registry (type, ownership, etc.)
• Documentation & validation of data across partners (e.g. for logistics)
• Smart contracts for service provision (e.g. selling sensor data)
Potentially disruptive impact on existing business models of intermediaries
BLOCKCHAIN
13. 1326.01.2018
OUTLOOK 2018 – ARTIFICIAL INTELLIGENCE
Technological
Development
Users&Society
Policies
Use-Cases
Applications
Devices
Standards
Domains
Cloud
IoT
14. 1426.01.2018
Centralized AI services become widely available
• Preconfigured applications for specific domains readily available
• Localized services support low-latency responses ( Edge/Fog)
IoT provides relevant input to connect AI to the world
AI can also create the “meaning” to interpret the different IoT inputs
Applications
• Automate IoT maintenance and operation (e.g. prescriptive maintenance)
• Network security (e.g. network anomaly detection)
• Simplifies user-interaction within complex (IoT) environments by providing an
“integrated view” Immersion
ARTIFICIAL INTELLIGENCE
15. 1526.01.2018
OUTLOOK TO 2018 - IMMERSION
Technological
Development
Users&Society
Policies
Use-Cases
Applications
Devices
Standards
Domains
Cloud
IoT
16. 1626.01.2018
IMMERSION
Omnipresent IoT devices and AI powered processing enable
new types of interaction
• Interfaces become ubiquitous available
• Interfaces become situation aware and self-responding
• Interfaces access not only a single app, but an ecosystem
Border between interface and real-world dissolves
Enabled by high volume wireless networks (5g)
Applications
• Augmented reality for production processes
• Situation aware support for maintenance tasks
17. In 2018, Smart Home will be the showcase for more immersive interaction
1726.01.2018
Immersion
New Interaction
Example Philips Hue (not yet useful approach):
• Synchronization of lighting to videos
• Integration of Razor‘s Chroma lights
Automation
What can I help you
with?
Detected you might
be cold …
Contents +
Infrastructure
• Cross-app collaboration
• Interactions across essentials in the
room
• Voice trend continued Digital
assistants
• Presence (“Heating, I am home”)
• Habits with weak “localized” AI
• Why did it play (this) music?
• Why was the room temperature raised?
AI
AI
interconnection
IMMERSION
18. 1826.01.2018
OUTLOOK 2018 – PRIVACY (GDPR)
Technological
Development
Users&Society
Policies
Use-Cases
Applications
Devices
Standards
Domains
Cloud
IoT
19. 1926.01.2018
PRIVACY (GDPR)
GDPR forces significant changes in handling personal information
• Consent on collecting all data needs to be given
• Responsibilities need to be clear
• Mandatory notification regime in the event of personal data breaches
• Data needs to be secured (privacy by design and by default)
Challenge also for (IoT) services (e.g. AI, Immersion)
• Applies to consumer and industrial setting
(e.g. tracking of employees, tracking of products)
Need for new privacy-preserving solutions
• Methods & know-how for privacy-by-design
• Keeping data local ( Edge Computing)
• Alternative approaches ( Blockchain)
• Need for training (cyber range)
20. For consumers, IoT is the cloud; Smart home as privacy battleground
2026.01.2018
Thief or delivery?
Who ordered that?
Who killed them?
Convenience trend
• Automation, lowered control
• Intensified data collection
• Everyone talks to everyone via the
cloud
• Can we do the same more locally?
Personalization trend
• Protection against cross-app attacks
• Protection against sharing accounts of
delay lives (personal data, …)
• Data tracking will be more personal
Public data requests
• Do data requests pay of? Likely, yes
more data requests to be exptected
• Stealing personal data more likely
vs. Cloud
More local or not?
+
-
+
-
-
~
-
-
-
PRIVACY (GDPR)
21. 2126.01.2018
Openness,
transparency,
and a specified
purpose Identity
privacy
Temporal and
location
privacy
Query privacy
Access controlSecurity
Interoperability
Data
minimization
Accountability
Security
Characteristics of
a tentative privacy
framework for
the IoT
IOT PRIVACY FRAMEWORK
CHARACTERISTICS
Source: Porambage et.al., “The Quest for Privacy in the Internet of Things”, IEEE Cloud Computing, Vol.3/2, 2016.
22. 2226.01.2018
OUTLOOK 2018 – NET NEUTRALITY
Technological
Development
Users&Society
Policies
Use-Cases
Applications
Devices
Standards
Domains
Cloud
IoT
23. 2326.01.2018
NET NEUTRALITY
IoT relies strongly on free flow of information
Possible impacts due to loss of net neutrality
• Loss in variety
QoS only for premium services but IoT involves lot of crowd-sourced data
• Loss in innovation
Big players or operators can hamper small (independent) companies in
delivering their services
Scenario
• Smart heating services from small companies can be hampered by ISPs
to support their own solution
24. 2426.01.2018
OUTLOOK 2018 – INFRASTRUCTURES,
PRODUCITON & MOBILITY
Technological
Development
Users&Society
Policies
Use-Cases
Applications
Devices
Standards
Domains
Cloud
IoT
25. 2526.01.2018
IoT becomes a key enabler in these industries
• IoT enabled infrastructure supported by low-power networks
(LoRaWAN, Sigfox, etc.)
• Use of IoT shifts from singular usage to large scale applications
• Composite digital twins will gain momentum
• IoT together with AI enable to provide context-sensitive information for
highly complex systems (right information at the right place & time)
Transformation of technical- and business processes
• Reduced time-to-market
• Increased quality
• New services & businesses
INFRASTRUCTURES,
PRODUCTION & MOBILITY
26. TRANSFORMATION OF
INDUSTRIAL & BUSINESS PROCESSES
26
Industry 3.0 Pyramid Factory Model Industry 4.0 Smart Factory Model
Image Source: Plattform Industrie 4.0 – RAMI 4.0
26.01.2018
28. 2826.01.2018
OPPORTUNITIES OF INDUSTRIAL IOT
Technical
Level
Process
Level
Business
Level
Flexible
business
models
New value
chains
Traceability
Better
protection of
IP
Higher
throughput
Optimized
production
Better
maintenance
Individualized
production
Increased
product
quality
Faster
development
cycles
Continuous
product
improvement
Customer
Insights
Increased
robustness of
production
processes
Intelligent
Support
29. 2926.01.2018
CHALLENGES OF INDUSTRIAL IOT
•Merging products and services
•Enabling multiple value chains
•Acting simultaneously as producer and customer
New business models
•Understanding user needs by getting operational data
•Ensuring operation and interoperability over lifetime
•Providing product and security updates over lifetime
Management of products
and services over lifetime
•Batch size 1
•Production on demand (what, where and when)
•Tracking products from production to delivery
Individualization &
traceability of
(production) processes
•Integration with legacy systems
•Ensuring semantic interoperability across manufacturers & suppliers
•Enabling high scalability of components in operation
Interoperability and
scalability of systems
•Roll-out usable & scalable security
•Ensuring trust & privacy during production across manufacturers &
suppliers
Safety & security in
distributed environments
•Synchronize operation of production facilities in millisecond range
•Synchronize production between production plants across countries
and manufacturers
Synchronizing on micro
and macro level
Technical
Level
Process
Level
Business
Level
31. 3126.01.2018
OUTLOOK 2018 – SAFETY CRITICAL
Technological
Development
Users&Society
Policies
Use-Cases
Applications
Devices
Standards
Domains
Cloud
IoT
32. 3226.01.2018
• IoT is becoming widely applied in safety-critical environments
• Combination of IT and OT raises new challenges
• IoT affects both IT and OT
• Different regulations, needs and tools
• Complexity of IoT networks requires specific security approaches
Combined approach towards safety & security
Specific tools & methods to ensure safety & security
Security and safety must be ensured along the product lifecycle
IOT BECOMES SAFETY-CRITICAL
34. 3426.01.2018
The connection of virtual and physical world, raises new dangers:
• 2013, Austrian PowerGrid almost shut down by misguided control
command from German gas system
• 2015, German steel mill in Germany was
hacked causing massive damage
• 2015, Jeep Cherokee hacked,
including steering and braking system
• 2016, Ukraine power grid was
hacked and partially taken down
• 2016, DDoS attack by botnet of
hacked IoT devices
• 2018, ???
IOT BECOMES SAFETY-CRITICAL
Image Source: https://www.sentryo.net/cyberattack-on-a-german-steel-mill/
35. 3526.01.2018
The New Model for Digital Security
SAFETY, RELIABILITY AND PRIVACY:
DIGITAL SECURITY IMPERATIVES
Privacy
Safety
Reliability
Confidentiality
Integrity
Availability
People
Environment
Data
Lifecycle Management
IoT
36. 3626.01.2018
SAFETY & SECURITY CO-DESIGN
IEC TC65 WG20 “Industrial-process measurement, control and automation – Framework to bridge the requirements for safety and security”
37. 3726.01.2018
BALANCE OF RISK AND RESILIENCE
RISK
• Governance
• Compliance
• Control
• Protection
RESILIENCE
• Reliability
• Speed
• Assurance
• Openness
Privacy
Safety Value
Costs
38. 3826.01.2018
• Fit-for-Purpose
• Physical
• Safety
• Embedded
• Variety of Types
• High Velocity
• Dynamic Network
Graphs
• Myriad Platforms
• Age
• Protocols, Types
• Varied Vendors
• Millions of Devices
• Multiple Networks
• Big Data, BIG Data
• Longer Supply
Chains
Scale Diversity
FunctionDynamics
WHAT IS DIFFERENT ABOUT IOT
SECURITY?
IoT
39. 3926.01.2018
PERMEATION OF TRUST
Source: Industrial Internet Consortium Security Working Group, “Industrial Internet of Things Volume G4: Security Framework,” 2016.
40. 4026.01.2018
• Detect incidents
• Confirm and
prioritize risks
• Contain incidents
• Remediate
• Design / model
policy change
• Investigate incidents /
retrospective analysis
• Harden systems
• Isolate systems
• Prevent attacks
• Risk-prioritized
exposure assessment
• Anticipate
threats/attacks
• Baseline systems and
security posture
Predict Prevent
DetectRespond
ADAPTIVE SECURITY ARCHITECTURE
Adaptive
Security
41. 4126.01.2018
SECURITY IS A KEY ISSUE TO YOUR BUSINESS
Your brand will be held
responsible for all security
issues!
42. 4226.01.2018
HOLISTIC APPROACH TOWARDS IOT
Regulations & standards
to support trust across platforms
Information & competence
to raise awareness and provide support
Integrated training and education
to empower people & companies
Tools and methods
to enable safe & secure solutions
43. • 180+ experts (1/3 with PhD): 51% Scientists, 39% Engineers, 10% Admin
• 50% of new employees with international education
• 30+ EU running projects
• Strategic partners:
New Sensor Technologies
Intelligent Cameras & Video Analytics
43
AIT – CENTER FOR DIGITAL SAFETY & SECURITY
Dependable Systems Engineering
Video Analytics
Digital Identity Management
Design & Dev. of Embedded Vision Systems
Safety & Security Co-Engineering
Automated Test Case Generation
V&V of Complex Systems
Runtime Verification
Predictive System Health Monitoring
Late-stage software customization
Automated Backdoor Analysis
Adaptive Systems Analysis
Security for Industrial Control Systems
Cyber Attack Information System (CAIS)
Cyber Incident Information Sharing (CIIS)
Cloud Security
Risk Management
Security by Design
Cryptography
Cyber Range
Data Science
Machine Learning
Scalable Data Analytics
Blockchain Technologies
Physical Layer Security
Wireless M2M Communication
5G & Broadband Technologies
Optical Quantum Technologies
Crisis and Disaster Management
IoT Sensor Networks
Command & Control Systems
Community Engagement
Environmental Management
Opt. Sensor Systems for Industrial Processes
3D Scene and Motion Analysis
Situational Awareness & Decision Support
Cyber Security
Highest System ReliabilitySurveillance and Protection Critical Cyber Infrastructures
44. THANK YOU!
Dr. MARIO DROBICS
Senior Research Engineer
Center for Digital Safety & Security
Information Management
AIT Austrian Institute of Technology GmbH
Donau-City-Straße 1 | 1220 Wien, Austria
T +43 50550-4810 | M +43 664 8251007
mario.drobics@ait.ac.at | www.ait.ac.at