220 likes | 229 Views
This workshop explores the need for IoT security in industrial building environments and discusses the state of the art in privacy, security, and safety supervision in IoT systems. It also presents the proposed solution of Chariot IPSE for addressing these challenges.
E N D
CHARIOT-VESSEDIA Workshop “THE ROAD AHEAD FOR A COGNITIVE COMPUTING PLATFORM SUPPORTING A UNIFIED APPROACH TOWARDS PRIVACY, SECURITY AND SAFETY (PSS) OF IOT SYSTEMS” IoT Security Needs in Industrial Building EnvironmentsBora Caglayan, IBM CHARIOT-VESSEDIA Workshop 9 May 2019, Dublin, Ireland CHARIOT – VESSEDIA Workshop, 9 May 2019, Dublin, Ireland
IBM Living Lab • IBM Ireland Campus and The Business Needs • CHARIOT IPSE and the Relevance for the State of the Art in Privacy, Security and Safety Supervision in IoT Systems • Final Remarks CHARIOT – VESSEDIA Workshop, 9 May 2019, Dublin, Ireland
Number of network enabled Components is growing. Everything is getting smarter. • Buildings, cities • Airports, trains CHARIOT – 1st Workshop, 11 October 2018, Rome
In a connected World, the systems are exposed in surprising indirect ways! CHARIOT – VESSEDIA Workshop, 9 May 2019, Dublin, Ireland
IBM Living Lab Living Lab Requirements Business Problems Limited visibility and actionable insight from sensor data. Multiple protocols for different sensors. No unified topological view of the “system of systems”. Current Setup IBM Technology Campus is a 100-acre site situated in northwest Dublin. It is comprised of 6 main buildings that occupy a total approximate area of 65,000 sqm and which accommodate approximately 3000 staff members. The campus has thousands of IoT sensors reporting to multiple safety and workspace management systems. CHARIOT – VESSEDIA Workshop, 9 May 2019, Dublin, Ireland
IBM Living Lab Living Lab Requirements Current Setup CHARIOT – VESSEDIA Workshop, 9 May 2019, Dublin, Ireland
IBM Living Lab Living Lab Requirements Current Setup CHARIOT – VESSEDIA Workshop, 9 May 2019, Dublin, Ireland
IBM Living Lab Living Lab Requirements Business Problems Limited visibility and actionable insight from sensor data. Multiple protocols for different sensors. No unified topological view of the “system of systems”. Current Setup IBM Technology Campus is a 100-acre site situated in northwest Dublin. It is comprised of 6 main buildings that occupy a total approximate area of 65,000 sqm and which accommodate approximately 3000 staff members. The campus has thousands of IoT sensors reporting to multiple safety and workspace management systems. CHARIOT – VESSEDIA Workshop, 9 May 2019, Dublin, Ireland
IBM Living Lab Living Lab Requirements • New Functionality Requirements: • Plug sensors to cloud via IBM Cloud services • Audit capability • Checking updates • Easy to implement different safety scenarios. • Generate a digital twin of the campus environment with logical dependencies CHARIOT – VESSEDIA Workshop, 9 May 2019, Dublin, Ireland
State of the Art in Safety Systems for Industrial IoT in Cloud CHARIOT – VESSEDIA Workshop, 9 May 2019, Dublin, Ireland
State of the Art in Safety Systems for Industrial IoT: • Machine learning centrally with rule based systems on edge. • Shortcomings: • Single point of failure. • Inconsistencies in systems are not tracked. • No machine learning on edge. CHARIOT – VESSEDIA Workshop, 9 May 2019, Dublin, Ireland
Proposed Solution of Chariot IPSE • CHARIOT IoTL: • IoTL Provides a DSL to define the metadata of an IoT Deployment and share with the nodes in the system topology and active policies and deploy to any edge node. • Inconsistencies in IoT setup are tracked and automatically resolved. • Safety alerts can be easily propagated in the system. CHARIOT – 1st Workshop, 11 October 2018, Rome
Proposed Solution of Chariot IPSE • Anomaly Detection in IoT Readings • Rule based: • Use rules (Example Temperature < 25). • Machine Learning Based • Forecast the value of the timeseries using one or more time series. • Observe abnormal performance over time. CHARIOT – VESSEDIA Workshop, 9 May 2019, Dublin, Ireland
Proposed Solution of Chariot IPSE Near- Real Time Anomaly Detection Loop in CHARIOT Rule based enforcement example: define sensor tempTest enforce [tempTest < 25] ... Machine learning based anomaly detection example: plug adbasiclstm (tempTest) enforce adbasiclstm ... CHARIOT – VESSEDIA Workshop, 9 May 2019, Dublin, Ireland
Proposed Solution of Chariot IPSE CHARIOT – VESSEDIA Workshop, 9 May 2019, Dublin, Ireland
Problem • State of the Art in Privacy Systems for Industrial IoT: • There is no privacy enforcement standard for IoT Systems and no IoT solution privacy enabled by design. • Shortcomings: • Data leaks are not audited or audited ad-hoc. • With the implementation of GDPR in Europe the loss and leak of sensitive data is a business critical problem for all industries. CHARIOT – VESSEDIA Workshop, 9 May 2019, Dublin, Ireland
Proposed Solution of Chariot IPSE • Runtime privacy engine and service is a part of the CHARIOT architecture that ensures the data transmitted from the safety critical system to the IoT will not compromise sensitive information. • The Privacy Engine analyses a model of the interactions between the controlled safety critical system and the IoT system by using model-based information security techniques to ensure that no sensitive information will be exposed in locations where it can be accessed by third/unauthorized parties. • Privacy engine uses the IoTL for CHARIOT – VESSEDIA Workshop, 9 May 2019, Dublin, Ireland
Problem • State of the Art in Firmware Security for Industrial IoT: • The firmware checking is done ad-hoc in current systems. • Shortcomings: • A firmware provided by a malicious entity can cause significant problems to the IoT network. CHARIOT – VESSEDIA Workshop, 9 May 2019, Dublin, Ireland
Proposed Solution of Chariot IPSE • The output of Security Engine will indicates the security status of the analysed firmware. • It sends a warning message to the system operator / external IT security department when any security related issue arises. A confidence measure is sent with the output prediction. CHARIOT – VESSEDIA Workshop, 9 May 2019, Dublin, Ireland
Final Remarks • Security, safety and privacy are three interlinked concerns for critical IoT systems. • Unified approach proposed by CHARIOT will enable addressing these concerns on system of systems level. • The proposed domain specific language in CHARIOT Project will enable keeping the state of the system consistent and enable enforcing complex distributed rule based and machine learning based alert mechanisms. • Chariot H2020 project will address these important issues and evaluate them in three different settings IBM Ireland Campus, Trenitalia and Athens Airport. Stay tuned for updates! https://www.chariotproject.eu/ CHARIOT – VESSEDIA Workshop, 9 May 2019, Dublin, Ireland
Contact Details IBM Bora Caglayan bora.Caglayan@ibm.com The projects CHARIOT & VESSEDIA have received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 780075 & No 731453. CHARIOT – VESSEDIA Workshop, 9 May 2019, Dublin, Ireland