SlideShare ist ein Scribd-Unternehmen logo

Protecting IIoT Endpoints - an inside look at the Industrial Internet Security Framework

Als PPTX, PDF herunterladen
team-WIBU
team-WIBU

An attack to an Industrial Internet of Things (IIoT) system typically starts with an attack on one or more endpoints. As defined by the Industrial Internet Consortium (IIC), an endpoint is a component that has an interface for network communication and it can be of various types, including a device endpoint or an endpoint that provides cloud connectivity. Endpoints are the only place in an IIoT system where execution code is stored, started and updated and data is stored, modified or applied. In many cases, an attacker will, therefore, try to access the execution code and attack the weakest point in the devices’ security implementation, then modify or replace the execution code with malicious intent. The IIC has recently presented an endpoint protection/security model and policy in its Industry Internet Security Framework (IISF) document. The technical report is an in-depth cross-industry-focused security framework reflecting thousands of hours of knowledge and experiences from security experts, collected, researched and evaluated for the benefit of all IIoT system deployments.

Technologie
1 von 12
Protecting IIoT Endpoints Industrial Internet Security Forum Thursday, October 6, 2016 Sunnyvale, California, USA Marcellus Buchheit, mabu@wibu.com Wibu-Systems USA Inc.
Overview What is an endpoint? Why endpoint security? Security functions of an endpoint Implementing endpoint security 2
What is an Endpoint? 3 The IIoT Landscape: Where are Endpoints? EP EP EP EP EP EP EP
What is an Endpoint (II)? IISF and IIC defines endpoints similar as ISO/IEC 24791-1:2010 standard does: • An endpoint is one of two components that either implements and exposes an interface to other components or uses the interface of another component. 4 IIC simplified this definition (see IIC Vocabulary, version 2.0): • An endpoint is a component that has an interface for network communication. … but added a note for clarification: • An endpoint can be of various types including device endpoint or an endpoint that provides cloud connectivity. Endpoint 1 Endpoint 2 Communication
What is an Endpoint (III)? 5 The IIoT Landscape: Endpoints are everywhere! EP EP EP EP EP EP EP
What is an Endpoint (IV)? Summary: • Endpoints are everywhere in an IIoT System (including edge and cloud) • One single (security) model for all locations • A single computer, even a device, can have several endpoints • Example Router: One LAN endpoint, one WAN endpoint • Frequently shared code/data between multiple endpoints • Endpoint and its communication are another model 6
Why endpoint security? Endpoints are the only location in an IIoT system where: • Execution code is stored, started and updated • Data is stored, modified or applied (“Data at Rest” / “Data in Use“) • Communication to another endpoint is initiated and protected • Network security is analyzed, configured, monitored and managed 7 Result: An attack to an IIoT system typically starts in attacking one or more endpoints: • Try to access the execution code and analyze to find weak security implementation • Attack weak communication protection via network • Modify or replace (“hijack”) the execution code in a malicious way • ...
IISF Endpoint Protection Model 8
Threats and Vulnerabilities to an IIoT Endpoint 9 1. Hardware components 2/3. Boot process 4. Operating System 5. Hypervisor/Sep. Kernel 6. Non-OS Applications 7. Applications and their API 8. Runtime Environment 9. Containers 10. Deployment 11. Data at Rest, Data in Use 12. Monitoring/Analysis 13. Configuration/Management 14. Security Model/Policy 15. Development Environment
Endpoint security: Solutions • Start with a clean design of the security model and policies • Define endpoint identity, authorization, authentication • How other endpoints see me? What can they do with me? • Define proper data protection model • Integrity and confidentiality, especially of shared data-in-rest but also data-in-use • Define secure hardware, BIOS, roots of trust • Includes lifetime of hardware, BIOS update, consistent root of trust • Select secure OS, hypervisor, programming language • Consider lifetime of (open source?), dynamic of programming language • Consider isolation principles (4 different models explained in IISF) • Plan remote code update and provide code integrity • Security has an unspecific expiration date: needs update • Code integrity prevents malicious remote code-hijacking 10
Endpoint security: Solutions (II) • Plan “beyond the basics” security instantly • Plan security configuration and management • For example: defining, replacing and updating of keys and certificates • User-friendly setting of access rights and authorization • Plan endpoint monitoring and analysis • For example: log all security configuration changes • Log all unexpected remote activity • Provide user-friendly analysis, alerts etc. • Implement “state of the art”: • Have a team of experienced security implementers • Use latest versions of development tools, OS, hypervisors, libraries • Test a lot, including malicious attacks • Prepare and test your first remote update 11
Questions and Answers • Please send your comments and questions to: Marcellus Buchheit, Wibu-Systems USA, mabu@wibu.com 12

Empfohlen

IIoT Endpoint Security
IIoT Endpoint Security IIoT Endpoint Security
IIoT Endpoint Security
Industrial Internet Consortium
 
How to Lead in IIoT
How to Lead in IIoTHow to Lead in IIoT
How to Lead in IIoT
Industrial Internet Consortium
 
Principals of IoT security
Principals of IoT securityPrincipals of IoT security
Principals of IoT security
IoT613
 
Understanding IoT Security: How to Quantify Security Risk of IoT Technologies
Understanding IoT Security: How to Quantify Security Risk of IoT TechnologiesUnderstanding IoT Security: How to Quantify Security Risk of IoT Technologies
Understanding IoT Security: How to Quantify Security Risk of IoT Technologies
Denim Group
 
IoT security compliance checklist
IoT security compliance checklist IoT security compliance checklist
IoT security compliance checklist
PriyaNemade
 
A History of IIoT Cyber-Attacks
A History of IIoT Cyber-Attacks A History of IIoT Cyber-Attacks
A History of IIoT Cyber-Attacks
GlobalSign
 
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
ClicTest
 
IoT Security Elements
IoT Security ElementsIoT Security Elements
IoT Security Elements
Eurotech
 

Empfohlen

IIoT Endpoint Security
IIoT Endpoint Security IIoT Endpoint Security
IIoT Endpoint Security
Industrial Internet Consortium
 
How to Lead in IIoT
How to Lead in IIoTHow to Lead in IIoT
How to Lead in IIoT
Industrial Internet Consortium
 
Principals of IoT security
Principals of IoT securityPrincipals of IoT security
Principals of IoT security
IoT613
 
Understanding IoT Security: How to Quantify Security Risk of IoT Technologies
Understanding IoT Security: How to Quantify Security Risk of IoT TechnologiesUnderstanding IoT Security: How to Quantify Security Risk of IoT Technologies
Understanding IoT Security: How to Quantify Security Risk of IoT Technologies
Denim Group
 
IoT security compliance checklist
IoT security compliance checklist IoT security compliance checklist
IoT security compliance checklist
PriyaNemade
 
A History of IIoT Cyber-Attacks
A History of IIoT Cyber-Attacks A History of IIoT Cyber-Attacks
A History of IIoT Cyber-Attacks
GlobalSign
 
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
ClicTest
 
IoT Security Elements
IoT Security ElementsIoT Security Elements
IoT Security Elements
Eurotech
 
Intelligent Internet of Things (IIoT): System Architectures and Communications
Intelligent Internet of Things (IIoT): System Architectures and CommunicationsIntelligent Internet of Things (IIoT): System Architectures and Communications
Intelligent Internet of Things (IIoT): System Architectures and Communications
Raghu Nandy
 
IoT security
IoT securityIoT security
IoT security
YashKesharwani2
 
Internet of Things Reference Architectures
Internet of Things Reference ArchitecturesInternet of Things Reference Architectures
Internet of Things Reference Architectures
SofoklisEfremidisAIT
 
IoT Security Challenges and Solutions
IoT Security Challenges and SolutionsIoT Security Challenges and Solutions
IoT Security Challenges and Solutions
Intel® Software
 
Overview of IoT and Security issues
Overview of IoT and Security issuesOverview of IoT and Security issues
Overview of IoT and Security issues
Anastasios Economides
 
IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...
IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...
IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...
CableLabs
 
security and privacy-Internet of things
security and privacy-Internet of thingssecurity and privacy-Internet of things
security and privacy-Internet of things
sreelekha appakondappagari
 
Chariot generic presentation owaspwia_Infosecgirls
Chariot generic presentation owaspwia_InfosecgirlsChariot generic presentation owaspwia_Infosecgirls
Chariot generic presentation owaspwia_Infosecgirls
Vandana Verma
 
Drobics trustworthy io-t-for-industrial-applications
Drobics trustworthy io-t-for-industrial-applicationsDrobics trustworthy io-t-for-industrial-applications
Drobics trustworthy io-t-for-industrial-applications
Mario Drobics
 
IoT Security Risks and Challenges
IoT Security Risks and ChallengesIoT Security Risks and Challenges
IoT Security Risks and Challenges
OWASP Delhi
 
Security of iot device
Security of iot deviceSecurity of iot device
Security of iot device
Mayank Pandey
 
The Internet of Things: Privacy and Security Issues
The Internet of Things: Privacy and Security IssuesThe Internet of Things: Privacy and Security Issues
The Internet of Things: Privacy and Security Issues
European Union Agency for Network and Information Security (ENISA)
 
Security challenges in IoT
Security challenges in IoTSecurity challenges in IoT
Security challenges in IoT
Vishnupriya T H
 
Risk Assessment Solutions of H2020 IoT Security/Privacy Cluster Projects
Risk Assessment Solutions of H2020 IoT Security/Privacy Cluster ProjectsRisk Assessment Solutions of H2020 IoT Security/Privacy Cluster Projects
Risk Assessment Solutions of H2020 IoT Security/Privacy Cluster Projects
SecureIoT H2020 funded project
 
Technology & Policy Interaction Panel at Inform[ED] IoT Security
Technology & Policy Interaction Panel at Inform[ED] IoT SecurityTechnology & Policy Interaction Panel at Inform[ED] IoT Security
Technology & Policy Interaction Panel at Inform[ED] IoT Security
CableLabs
 
Presentation on IOT SECURITY
Presentation on IOT SECURITYPresentation on IOT SECURITY
Presentation on IOT SECURITY
The Avi Sharma
 
IoT Security Challenges
IoT Security ChallengesIoT Security Challenges
IoT Security Challenges
Forest Interactive
 
Strong Security Elements for IoT Manufacturing
Strong Security Elements for IoT Manufacturing Strong Security Elements for IoT Manufacturing
Strong Security Elements for IoT Manufacturing
GlobalSign
 
TOP 6 Security Challenges of Internet of Things
TOP 6 Security Challenges of Internet of ThingsTOP 6 Security Challenges of Internet of Things
TOP 6 Security Challenges of Internet of Things
ChromeInfo Technologies
 
Cybersecurity for Field IIoT Networks
Cybersecurity for Field IIoT NetworksCybersecurity for Field IIoT Networks
Cybersecurity for Field IIoT Networks
Yokogawa1
 
To Bundle or To Nest? That is the Question
To Bundle or To Nest? That is the QuestionTo Bundle or To Nest? That is the Question
To Bundle or To Nest? That is the Question
team-WIBU
 
Bündeln oder Schachteln? Das ist hier die Frage
Bündeln oder Schachteln? Das ist hier die FrageBündeln oder Schachteln? Das ist hier die Frage
Bündeln oder Schachteln? Das ist hier die Frage
team-WIBU
 

Weitere ähnliche Inhalte

Was ist angesagt?

Intelligent Internet of Things (IIoT): System Architectures and Communications
Intelligent Internet of Things (IIoT): System Architectures and CommunicationsIntelligent Internet of Things (IIoT): System Architectures and Communications
Intelligent Internet of Things (IIoT): System Architectures and Communications
Raghu Nandy
 
Strong Security Elements for IoT Manufacturing
Strong Security Elements for IoT Manufacturing Strong Security Elements for IoT Manufacturing
Strong Security Elements for IoT Manufacturing
GlobalSign
 

Was ist angesagt? (20)

Intelligent Internet of Things (IIoT): System Architectures and Communications
Intelligent Internet of Things (IIoT): System Architectures and CommunicationsIntelligent Internet of Things (IIoT): System Architectures and Communications
Intelligent Internet of Things (IIoT): System Architectures and Communications
 
IoT security
IoT securityIoT security
IoT security
 
Internet of Things Reference Architectures
Internet of Things Reference ArchitecturesInternet of Things Reference Architectures
Internet of Things Reference Architectures
 
IoT Security Challenges and Solutions
IoT Security Challenges and SolutionsIoT Security Challenges and Solutions
IoT Security Challenges and Solutions
 
Overview of IoT and Security issues
Overview of IoT and Security issuesOverview of IoT and Security issues
Overview of IoT and Security issues
 
IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...
IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...
IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...
 
security and privacy-Internet of things
security and privacy-Internet of thingssecurity and privacy-Internet of things
security and privacy-Internet of things
 
Chariot generic presentation owaspwia_Infosecgirls
Chariot generic presentation owaspwia_InfosecgirlsChariot generic presentation owaspwia_Infosecgirls
Chariot generic presentation owaspwia_Infosecgirls
 
Drobics trustworthy io-t-for-industrial-applications
Drobics trustworthy io-t-for-industrial-applicationsDrobics trustworthy io-t-for-industrial-applications
Drobics trustworthy io-t-for-industrial-applications
 
IoT Security Risks and Challenges
IoT Security Risks and ChallengesIoT Security Risks and Challenges
IoT Security Risks and Challenges
 
Security of iot device
Security of iot deviceSecurity of iot device
Security of iot device
 
The Internet of Things: Privacy and Security Issues
The Internet of Things: Privacy and Security IssuesThe Internet of Things: Privacy and Security Issues
The Internet of Things: Privacy and Security Issues
 
Security challenges in IoT
Security challenges in IoTSecurity challenges in IoT
Security challenges in IoT
 
Risk Assessment Solutions of H2020 IoT Security/Privacy Cluster Projects
Risk Assessment Solutions of H2020 IoT Security/Privacy Cluster ProjectsRisk Assessment Solutions of H2020 IoT Security/Privacy Cluster Projects
Risk Assessment Solutions of H2020 IoT Security/Privacy Cluster Projects
 
Technology & Policy Interaction Panel at Inform[ED] IoT Security
Technology & Policy Interaction Panel at Inform[ED] IoT SecurityTechnology & Policy Interaction Panel at Inform[ED] IoT Security
Technology & Policy Interaction Panel at Inform[ED] IoT Security
 
Presentation on IOT SECURITY
Presentation on IOT SECURITYPresentation on IOT SECURITY
Presentation on IOT SECURITY
 
IoT Security Challenges
IoT Security ChallengesIoT Security Challenges
IoT Security Challenges
 
Strong Security Elements for IoT Manufacturing
Strong Security Elements for IoT Manufacturing Strong Security Elements for IoT Manufacturing
Strong Security Elements for IoT Manufacturing
 
TOP 6 Security Challenges of Internet of Things
TOP 6 Security Challenges of Internet of ThingsTOP 6 Security Challenges of Internet of Things
TOP 6 Security Challenges of Internet of Things
 
Cybersecurity for Field IIoT Networks
Cybersecurity for Field IIoT NetworksCybersecurity for Field IIoT Networks
Cybersecurity for Field IIoT Networks
 

Andere mochten auch

To Bundle or To Nest? That is the Question
To Bundle or To Nest? That is the QuestionTo Bundle or To Nest? That is the Question
To Bundle or To Nest? That is the Question
team-WIBU
 
Bündeln oder Schachteln? Das ist hier die Frage
Bündeln oder Schachteln? Das ist hier die FrageBündeln oder Schachteln? Das ist hier die Frage
Bündeln oder Schachteln? Das ist hier die Frage
team-WIBU
 
Zertifikate für Authetizität, Authentifizierung oder beides?
Zertifikate für Authetizität, Authentifizierung oder beides?Zertifikate für Authetizität, Authentifizierung oder beides?
Zertifikate für Authetizität, Authentifizierung oder beides?
team-WIBU
 
OPC UA Security: Native and Add-on Solutions
OPC UA Security: Native and Add-on SolutionsOPC UA Security: Native and Add-on Solutions
OPC UA Security: Native and Add-on Solutions
team-WIBU
 
Industrial Security Entmystifiziert
Industrial Security EntmystifiziertIndustrial Security Entmystifiziert
Industrial Security Entmystifiziert
team-WIBU
 
Using DDS to Secure the Industrial Internet of Things (IIoT)
Using DDS to Secure the Industrial Internet of Things (IIoT)Using DDS to Secure the Industrial Internet of Things (IIoT)
Using DDS to Secure the Industrial Internet of Things (IIoT)
Gerardo Pardo-Castellote
 
[CB16] COFI break – Breaking exploits with Processor trace and Practical cont...
[CB16] COFI break – Breaking exploits with Processor trace and Practical cont...[CB16] COFI break – Breaking exploits with Processor trace and Practical cont...
[CB16] COFI break – Breaking exploits with Processor trace and Practical cont...
CODE BLUE
 
MuVM: Higher Order Mutation Analysis Virtual Machine for C
MuVM: Higher Order Mutation Analysis Virtual Machine for CMuVM: Higher Order Mutation Analysis Virtual Machine for C
MuVM: Higher Order Mutation Analysis Virtual Machine for C
Susumu Tokumoto
 

Andere mochten auch (20)

To Bundle or To Nest? That is the Question
To Bundle or To Nest? That is the QuestionTo Bundle or To Nest? That is the Question
To Bundle or To Nest? That is the Question
 
Bündeln oder Schachteln? Das ist hier die Frage
Bündeln oder Schachteln? Das ist hier die FrageBündeln oder Schachteln? Das ist hier die Frage
Bündeln oder Schachteln? Das ist hier die Frage
 
Zertifikate für Authetizität, Authentifizierung oder beides?
Zertifikate für Authetizität, Authentifizierung oder beides?Zertifikate für Authetizität, Authentifizierung oder beides?
Zertifikate für Authetizität, Authentifizierung oder beides?
 
Cybersecurity 2013 - Design for Security
Cybersecurity 2013 - Design for SecurityCybersecurity 2013 - Design for Security
Cybersecurity 2013 - Design for Security
 
OPC UA Security: Native and Add-on Solutions
OPC UA Security: Native and Add-on SolutionsOPC UA Security: Native and Add-on Solutions
OPC UA Security: Native and Add-on Solutions
 
Industrial Security Entmystifiziert
Industrial Security EntmystifiziertIndustrial Security Entmystifiziert
Industrial Security Entmystifiziert
 
Tired of playing exploit kit whack-a-mole? Let's automate
Tired of playing exploit kit whack-a-mole? Let's automateTired of playing exploit kit whack-a-mole? Let's automate
Tired of playing exploit kit whack-a-mole? Let's automate
 
Using DDS to Secure the Industrial Internet of Things (IIoT)
Using DDS to Secure the Industrial Internet of Things (IIoT)Using DDS to Secure the Industrial Internet of Things (IIoT)
Using DDS to Secure the Industrial Internet of Things (IIoT)
 
Introduction & Overview of Internet of Things - IoTMUM
Introduction & Overview of Internet of Things - IoTMUMIntroduction & Overview of Internet of Things - IoTMUM
Introduction & Overview of Internet of Things - IoTMUM
 
The IoT Hunger Games 2015
The IoT Hunger Games 2015The IoT Hunger Games 2015
The IoT Hunger Games 2015
 
[CB16] COFI break – Breaking exploits with Processor trace and Practical cont...
[CB16] COFI break – Breaking exploits with Processor trace and Practical cont...[CB16] COFI break – Breaking exploits with Processor trace and Practical cont...
[CB16] COFI break – Breaking exploits with Processor trace and Practical cont...
 
Building Self-Defending Applications With OWASP AppSensor JavaOne 2016
Building Self-Defending Applications With OWASP AppSensor JavaOne 2016Building Self-Defending Applications With OWASP AppSensor JavaOne 2016
Building Self-Defending Applications With OWASP AppSensor JavaOne 2016
 
Track 5 session 3 - st dev con 2016 - mechanisms for trusted code execution...
Track 5 session 3 - st dev con 2016 - mechanisms for trusted code execution...Track 5 session 3 - st dev con 2016 - mechanisms for trusted code execution...
Track 5 session 3 - st dev con 2016 - mechanisms for trusted code execution...
 
Linux binary analysis and exploitation
Linux binary analysis and exploitationLinux binary analysis and exploitation
Linux binary analysis and exploitation
 
Hunting For Exploit Kits
Hunting For Exploit KitsHunting For Exploit Kits
Hunting For Exploit Kits
 
MuVM: Higher Order Mutation Analysis Virtual Machine for C
MuVM: Higher Order Mutation Analysis Virtual Machine for CMuVM: Higher Order Mutation Analysis Virtual Machine for C
MuVM: Higher Order Mutation Analysis Virtual Machine for C
 
IIoT - A data-driven future for manufacturing
IIoT - A data-driven future for manufacturingIIoT - A data-driven future for manufacturing
IIoT - A data-driven future for manufacturing
 
What is next for IoT and IIoT
What is next for IoT and IIoTWhat is next for IoT and IIoT
What is next for IoT and IIoT
 
Whitewood entropy and random numbers - owasp - austin - jan 2017
Whitewood entropy and random numbers - owasp - austin - jan 2017Whitewood entropy and random numbers - owasp - austin - jan 2017
Whitewood entropy and random numbers - owasp - austin - jan 2017
 
Securing the Internet of Things
Securing the Internet of ThingsSecuring the Internet of Things
Securing the Internet of Things
 

Ähnlich wie Protecting IIoT Endpoints - an inside look at the Industrial Internet Security Framework

IIoT Endpoint Security – The Model in Practice
IIoT Endpoint Security – The Model in PracticeIIoT Endpoint Security – The Model in Practice
IIoT Endpoint Security – The Model in Practice
team-WIBU
 
Open Source Defense for Edge 2017
Open Source Defense for Edge 2017Open Source Defense for Edge 2017
Open Source Defense for Edge 2017
Adrian Sanabria
 
Ruxmon April 2014 - Introduction to iOS Penetration Testing
Ruxmon April 2014 - Introduction to iOS Penetration TestingRuxmon April 2014 - Introduction to iOS Penetration Testing
Ruxmon April 2014 - Introduction to iOS Penetration Testing
eightbit
 
security_assessment_slides
security_assessment_slidessecurity_assessment_slides
security_assessment_slides
Steve Arnold
 

Ähnlich wie Protecting IIoT Endpoints - an inside look at the Industrial Internet Security Framework (20)

IIoT Endpoint Security – The Model in Practice
IIoT Endpoint Security – The Model in PracticeIIoT Endpoint Security – The Model in Practice
IIoT Endpoint Security – The Model in Practice
 
Slide Deck CISSP Class Session 5
Slide Deck CISSP Class Session 5Slide Deck CISSP Class Session 5
Slide Deck CISSP Class Session 5
 
Information Assurance And Security - Chapter 2 - Lesson 4
Information Assurance And Security - Chapter 2 - Lesson 4Information Assurance And Security - Chapter 2 - Lesson 4
Information Assurance And Security - Chapter 2 - Lesson 4
 
Lesson 4
Lesson 4Lesson 4
Lesson 4
 
Fundamental Best Practices in Secure IoT Product Development
Fundamental Best Practices in Secure IoT Product DevelopmentFundamental Best Practices in Secure IoT Product Development
Fundamental Best Practices in Secure IoT Product Development
 
Zephyr-Overview-20230124.pdf
Zephyr-Overview-20230124.pdfZephyr-Overview-20230124.pdf
Zephyr-Overview-20230124.pdf
 
Open Source Defense for Edge 2017
Open Source Defense for Edge 2017Open Source Defense for Edge 2017
Open Source Defense for Edge 2017
 
C days2015
C days2015C days2015
C days2015
 
IBM i Security Best Practices
IBM i Security Best PracticesIBM i Security Best Practices
IBM i Security Best Practices
 
What's in a Jailbreak? - BSides 2019 keynote
What's in a Jailbreak? - BSides 2019 keynoteWhat's in a Jailbreak? - BSides 2019 keynote
What's in a Jailbreak? - BSides 2019 keynote
 
Ruxmon April 2014 - Introduction to iOS Penetration Testing
Ruxmon April 2014 - Introduction to iOS Penetration TestingRuxmon April 2014 - Introduction to iOS Penetration Testing
Ruxmon April 2014 - Introduction to iOS Penetration Testing
 
Evaluating iOS Applications
Evaluating iOS ApplicationsEvaluating iOS Applications
Evaluating iOS Applications
 
Slide Deck – Session 5 – FRSecure CISSP Mentor Program 2017
Slide Deck – Session 5 – FRSecure CISSP Mentor Program 2017Slide Deck – Session 5 – FRSecure CISSP Mentor Program 2017
Slide Deck – Session 5 – FRSecure CISSP Mentor Program 2017
 
security_assessment_slides
security_assessment_slidessecurity_assessment_slides
security_assessment_slides
 
Tracing The Evolution Open Source & Embedded Systems - Mr. Jayakumar Balasubr...
Tracing The Evolution Open Source & Embedded Systems - Mr. Jayakumar Balasubr...Tracing The Evolution Open Source & Embedded Systems - Mr. Jayakumar Balasubr...
Tracing The Evolution Open Source & Embedded Systems - Mr. Jayakumar Balasubr...
 
Abdulkarim 1 and 2
Abdulkarim 1 and 2Abdulkarim 1 and 2
Abdulkarim 1 and 2
 
100 Security Operation Center Tools.pdf
100 Security Operation Center Tools.pdf100 Security Operation Center Tools.pdf
100 Security Operation Center Tools.pdf
 
SOC-BlueTEam.pdf
SOC-BlueTEam.pdfSOC-BlueTEam.pdf
SOC-BlueTEam.pdf
 
100 Security Operation Center Tools.pdf
100 Security Operation Center Tools.pdf100 Security Operation Center Tools.pdf
100 Security Operation Center Tools.pdf
 
100 Security Operation Center Tools EMERSON EDUARDO RODRIGUES
100 Security Operation Center Tools EMERSON EDUARDO RODRIGUES100 Security Operation Center Tools EMERSON EDUARDO RODRIGUES
100 Security Operation Center Tools EMERSON EDUARDO RODRIGUES
 

Mehr von team-WIBU

Post Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on IdentityPost Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on Identity
team-WIBU
 
Unlocking the Future: Empowering Industrial Security
Unlocking the Future: Empowering Industrial SecurityUnlocking the Future: Empowering Industrial Security
Unlocking the Future: Empowering Industrial Security
team-WIBU
 
The Power of Partnership: Enabling Success Together
The Power of Partnership: Enabling Success TogetherThe Power of Partnership: Enabling Success Together
The Power of Partnership: Enabling Success Together
team-WIBU
 
Unleash the Power of CodeMeter - CodeMeter Basics
Unleash the Power of CodeMeter - CodeMeter BasicsUnleash the Power of CodeMeter - CodeMeter Basics
Unleash the Power of CodeMeter - CodeMeter Basics
team-WIBU
 
Keine Zeit für Leerlauf – Lizenzverfügbarkeit für Geschäftskontinuität
Keine Zeit für Leerlauf – Lizenzverfügbarkeit für GeschäftskontinuitätKeine Zeit für Leerlauf – Lizenzverfügbarkeit für Geschäftskontinuität
Keine Zeit für Leerlauf – Lizenzverfügbarkeit für Geschäftskontinuität
team-WIBU
 
No Time to Idle – License availability for business continuity
No Time to Idle – License availability for business continuityNo Time to Idle – License availability for business continuity
No Time to Idle – License availability for business continuity
team-WIBU
 
Cloud-Based Licensing in Offline Scenarios
Cloud-Based Licensing in Offline ScenariosCloud-Based Licensing in Offline Scenarios
Cloud-Based Licensing in Offline Scenarios
team-WIBU
 
Optimizing Cloud Licensing: Strategies and Best Practices
Optimizing Cloud Licensing: Strategies and Best PracticesOptimizing Cloud Licensing: Strategies and Best Practices
Optimizing Cloud Licensing: Strategies and Best Practices
team-WIBU
 
For a Few Licenses More
For a Few Licenses MoreFor a Few Licenses More
For a Few Licenses More
team-WIBU
 
App Management on the Edge
App Management on the EdgeApp Management on the Edge
App Management on the Edge
team-WIBU
 
Protecting and Licensing .NET Applications
Protecting and Licensing .NET ApplicationsProtecting and Licensing .NET Applications
Protecting and Licensing .NET Applications
team-WIBU
 
A Bit of License Management Magic
A Bit of License Management MagicA Bit of License Management Magic
A Bit of License Management Magic
team-WIBU
 
The first step is always the most decisive
The first step is always the most decisiveThe first step is always the most decisive
The first step is always the most decisive
team-WIBU
 
Protection and monetization of 3D printed objects in the spare parts business...
Protection and monetization of 3D printed objects in the spare parts business...Protection and monetization of 3D printed objects in the spare parts business...
Protection and monetization of 3D printed objects in the spare parts business...
team-WIBU
 
Authenticate and authorize your IIoTdevices
Authenticate and authorize your IIoTdevicesAuthenticate and authorize your IIoTdevices
Authenticate and authorize your IIoTdevices
team-WIBU
 
How and Why to Create and Sell Consumption-Based Licenses
How and Why to Create and Sell Consumption-Based LicensesHow and Why to Create and Sell Consumption-Based Licenses
How and Why to Create and Sell Consumption-Based Licenses
team-WIBU
 
Serving Up Features-on-Demand for Every Appetite
Serving Up Features-on-Demand for Every AppetiteServing Up Features-on-Demand for Every Appetite
Serving Up Features-on-Demand for Every Appetite
team-WIBU
 
Security and Protection for Machine Learning.pptx
Security and Protection for Machine Learning.pptxSecurity and Protection for Machine Learning.pptx
Security and Protection for Machine Learning.pptx
team-WIBU
 
License Portal - The DIY Solution
License Portal - The DIY SolutionLicense Portal - The DIY Solution
License Portal - The DIY Solution
team-WIBU
 
Running code in secure hardware or cloud environments
Running code in secure hardware or cloud environmentsRunning code in secure hardware or cloud environments
Running code in secure hardware or cloud environments
team-WIBU
 

Mehr von team-WIBU (20)

Post Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on IdentityPost Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on Identity
 
Unlocking the Future: Empowering Industrial Security
Unlocking the Future: Empowering Industrial SecurityUnlocking the Future: Empowering Industrial Security
Unlocking the Future: Empowering Industrial Security
 
The Power of Partnership: Enabling Success Together
The Power of Partnership: Enabling Success TogetherThe Power of Partnership: Enabling Success Together
The Power of Partnership: Enabling Success Together
 
Unleash the Power of CodeMeter - CodeMeter Basics
Unleash the Power of CodeMeter - CodeMeter BasicsUnleash the Power of CodeMeter - CodeMeter Basics
Unleash the Power of CodeMeter - CodeMeter Basics
 
Keine Zeit für Leerlauf – Lizenzverfügbarkeit für Geschäftskontinuität
Keine Zeit für Leerlauf – Lizenzverfügbarkeit für GeschäftskontinuitätKeine Zeit für Leerlauf – Lizenzverfügbarkeit für Geschäftskontinuität
Keine Zeit für Leerlauf – Lizenzverfügbarkeit für Geschäftskontinuität
 
No Time to Idle – License availability for business continuity
No Time to Idle – License availability for business continuityNo Time to Idle – License availability for business continuity
No Time to Idle – License availability for business continuity
 
Cloud-Based Licensing in Offline Scenarios
Cloud-Based Licensing in Offline ScenariosCloud-Based Licensing in Offline Scenarios
Cloud-Based Licensing in Offline Scenarios
 
Optimizing Cloud Licensing: Strategies and Best Practices
Optimizing Cloud Licensing: Strategies and Best PracticesOptimizing Cloud Licensing: Strategies and Best Practices
Optimizing Cloud Licensing: Strategies and Best Practices
 
For a Few Licenses More
For a Few Licenses MoreFor a Few Licenses More
For a Few Licenses More
 
App Management on the Edge
App Management on the EdgeApp Management on the Edge
App Management on the Edge
 
Protecting and Licensing .NET Applications
Protecting and Licensing .NET ApplicationsProtecting and Licensing .NET Applications
Protecting and Licensing .NET Applications
 
A Bit of License Management Magic
A Bit of License Management MagicA Bit of License Management Magic
A Bit of License Management Magic
 
The first step is always the most decisive
The first step is always the most decisiveThe first step is always the most decisive
The first step is always the most decisive
 
Protection and monetization of 3D printed objects in the spare parts business...
Protection and monetization of 3D printed objects in the spare parts business...Protection and monetization of 3D printed objects in the spare parts business...
Protection and monetization of 3D printed objects in the spare parts business...
 
Authenticate and authorize your IIoTdevices
Authenticate and authorize your IIoTdevicesAuthenticate and authorize your IIoTdevices
Authenticate and authorize your IIoTdevices
 
How and Why to Create and Sell Consumption-Based Licenses
How and Why to Create and Sell Consumption-Based LicensesHow and Why to Create and Sell Consumption-Based Licenses
How and Why to Create and Sell Consumption-Based Licenses
 
Serving Up Features-on-Demand for Every Appetite
Serving Up Features-on-Demand for Every AppetiteServing Up Features-on-Demand for Every Appetite
Serving Up Features-on-Demand for Every Appetite
 
Security and Protection for Machine Learning.pptx
Security and Protection for Machine Learning.pptxSecurity and Protection for Machine Learning.pptx
Security and Protection for Machine Learning.pptx
 
License Portal - The DIY Solution
License Portal - The DIY SolutionLicense Portal - The DIY Solution
License Portal - The DIY Solution
 
Running code in secure hardware or cloud environments
Running code in secure hardware or cloud environmentsRunning code in secure hardware or cloud environments
Running code in secure hardware or cloud environments
 

Kürzlich hochgeladen

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 

Kürzlich hochgeladen (20)

Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 

Protecting IIoT Endpoints - an inside look at the Industrial Internet Security Framework

  • 1. Protecting IIoT Endpoints Industrial Internet Security Forum Thursday, October 6, 2016 Sunnyvale, California, USA Marcellus Buchheit, mabu@wibu.com Wibu-Systems USA Inc.
  • 2. Overview What is an endpoint? Why endpoint security? Security functions of an endpoint Implementing endpoint security 2
  • 3. What is an Endpoint? 3 The IIoT Landscape: Where are Endpoints? EP EP EP EP EP EP EP
  • 4. What is an Endpoint (II)? IISF and IIC defines endpoints similar as ISO/IEC 24791-1:2010 standard does: • An endpoint is one of two components that either implements and exposes an interface to other components or uses the interface of another component. 4 IIC simplified this definition (see IIC Vocabulary, version 2.0): • An endpoint is a component that has an interface for network communication. … but added a note for clarification: • An endpoint can be of various types including device endpoint or an endpoint that provides cloud connectivity. Endpoint 1 Endpoint 2 Communication
  • 5. What is an Endpoint (III)? 5 The IIoT Landscape: Endpoints are everywhere! EP EP EP EP EP EP EP
  • 6. What is an Endpoint (IV)? Summary: • Endpoints are everywhere in an IIoT System (including edge and cloud) • One single (security) model for all locations • A single computer, even a device, can have several endpoints • Example Router: One LAN endpoint, one WAN endpoint • Frequently shared code/data between multiple endpoints • Endpoint and its communication are another model 6
  • 7. Why endpoint security? Endpoints are the only location in an IIoT system where: • Execution code is stored, started and updated • Data is stored, modified or applied (“Data at Rest” / “Data in Use“) • Communication to another endpoint is initiated and protected • Network security is analyzed, configured, monitored and managed 7 Result: An attack to an IIoT system typically starts in attacking one or more endpoints: • Try to access the execution code and analyze to find weak security implementation • Attack weak communication protection via network • Modify or replace (“hijack”) the execution code in a malicious way • ...
  • 9. Threats and Vulnerabilities to an IIoT Endpoint 9 1. Hardware components 2/3. Boot process 4. Operating System 5. Hypervisor/Sep. Kernel 6. Non-OS Applications 7. Applications and their API 8. Runtime Environment 9. Containers 10. Deployment 11. Data at Rest, Data in Use 12. Monitoring/Analysis 13. Configuration/Management 14. Security Model/Policy 15. Development Environment
  • 10. Endpoint security: Solutions • Start with a clean design of the security model and policies • Define endpoint identity, authorization, authentication • How other endpoints see me? What can they do with me? • Define proper data protection model • Integrity and confidentiality, especially of shared data-in-rest but also data-in-use • Define secure hardware, BIOS, roots of trust • Includes lifetime of hardware, BIOS update, consistent root of trust • Select secure OS, hypervisor, programming language • Consider lifetime of (open source?), dynamic of programming language • Consider isolation principles (4 different models explained in IISF) • Plan remote code update and provide code integrity • Security has an unspecific expiration date: needs update • Code integrity prevents malicious remote code-hijacking 10
  • 11. Endpoint security: Solutions (II) • Plan “beyond the basics” security instantly • Plan security configuration and management • For example: defining, replacing and updating of keys and certificates • User-friendly setting of access rights and authorization • Plan endpoint monitoring and analysis • For example: log all security configuration changes • Log all unexpected remote activity • Provide user-friendly analysis, alerts etc. • Implement “state of the art”: • Have a team of experienced security implementers • Use latest versions of development tools, OS, hypervisors, libraries • Test a lot, including malicious attacks • Prepare and test your first remote update 11
  • 12. Questions and Answers • Please send your comments and questions to: Marcellus Buchheit, Wibu-Systems USA, mabu@wibu.com 12