This workshop focuses on the security needs of the transport sector, specifically TRENITALIA and Athens International Airport, and explores the challenges and solutions in implementing IoT security in transportation. It discusses the increased vulnerability to cyber threats, the importance of operational efficiency and reliability, and the need for stronger network security to protect critical infrastructure.
CHARIOT-VESSEDIA Workshop “THE ROAD AHEAD FOR A COGNITIVE COMPUTING PLATFORM SUPPORTING A UNIFIED APPROACH TOWARDS PRIVACY, SECURITY AND SAFETY (PSS) OF IOT SYSTEMS”
Security needs of the Transport Sector: TRENITALIA and Athens International Airport
Vasos Hadjioannou, EBOS Technologies
CHARIOT-VESSEDIA Workshop, 9 May 2019, Dublin, Ireland

The need of IoT Security in Transport (1/2)
IoT enables the wireless intercommunication and information exchange of devices, bringing drastic changes in the railway and aviation industries:
• Increased vulnerability to cyber-threats
• Safety
• Operational efficiency and reliability
• Enhanced passenger experience
• Stronger and more robust communications network security required
Hardly a day goes by without the media reporting a cyber-security incident or exposure of a risk somewhere in the world. Not only are attacks becoming ever-more sophisticated, but the potential damage that can result is growing, even physical damage to critical railway infrastructure such as signaling systems. Railway infrastructure can ill afford any successful cyber-attacks. Not just financial loss is at stake; lives can be put in jeopardy.

The need of IoT Security in Transport (2/2)
The transport network needs to be seen as an infrastructure that can be targeted by hostile activities.
Security vulnerabilities can have major consequences. Threat levels cover a wide range (FROM / TO):
• Injuries or deaths
• Country destabilization
• Feeling of insecurity
• Discouragement from travelling.
• Affects social links and the need for territorial planning.

Security Threats (1/6)
All IT infrastructures and devices share many common threats that can lead to vulnerabilities. These general threats can be divided into 3 groups:
• Human errors. The unintentional occurrence of a harmful event caused by the human factor. Awareness and knowledge required for users and personnel.
• Malicious activity. Actions performed with the objective to intentionally sabotage the target.
• System Failure. The unsuccessful performance of a system caused by internal or external events.

Security Threats (2/6)
Malicious Actions
• Denial of Service: A network resource is made unavailable, resulting in slow or no service from an IoT node or network element.
• Malware:
  • Execution of malicious software without the consent or knowledge of the user.
  • Infected nodes can affect interconnected devices.
• Software Vulnerabilities:
  • Exploitation of a single software vulnerability.
  • Can provide the ideal conditions to infiltrate a larger spectrum of devices.
• Network Interception: Unauthorized access to wireless network traffic during transmission.
• Misuse of authority: Access, sharing or malicious use of sensitive information for personal interest.
• Social Attacks:
  • Acquiring confidential information through social manipulation.
  • IoT brings people even closer to their devices, thus increasing the risk of having personal information leaked.
• Tampering: Modification of a physical device.

Security Threats (3/6)
Human Errors / System Failures
• Leading cause of data and security breaches (~90% of cyber security problems).
• Hardware failure
• Negligence in system testing.
• Most common is the mistaken data transmission.
• Can be caused by natural phenomena.
• A person can be tricked and allow an infiltration (e.g. phishing)
• Unawareness of threats during system implementation.
• Not necessarily malicious intent.

Security Threats in Transport Sector (4/6)
Analysis of statistics and reports (incl. the transport section of the Cisco 2017 Cyber Security Report).
1. Advanced persistent threats: 59% of transportation security professionals said that cloud infrastructure and mobile devices are among the most challenging to defend against attacks.
2. Lack of qualified personnel: Half of transportation security teams reported having fewer than 30 employees dedicated to security. 29% said the lack of trained personnel is a major obstacle to adopting advanced technologies and processes.
3. Data Breaches: Half of transportation security professionals have already dealt with public scrutiny due to a data breach. In fact, 35% said they see thousands of daily threat alerts, of which only 44% are investigated.
4. Outsourcing: 50% of organizations outsource some or all of their security tasks to offset a lack of internal expertise.

Security Threats in Aviation (5/6)
• According to experts, the ground management systems offer more vulnerabilities than the plane systems.
• The main vulnerabilities are identified with on-the-ground networks connected to planes that upload or download flight-related information.
• Hackers bombard the aviation sector with over 1,000 attacks per month.
• Sweden Airports (2015): A DoS attack was carried out, raising the alarm for NATO and other stakeholders to come in.

Security Threats in Railway Networks (6/6)
• The evolution to interconnected IP-based systems, along with increasing usage of internet-connected devices, increases the vulnerability of railway operators to cyber attack.
• Modern railway systems are reliant on a wide variety of digital tools.
• This results in a wide variety of potential means of attack.
• The British rail network became the victim of cyber attacks 4 times in 2015.

2016
• The South Korean National Intelligence Service said it had halted an attempt to hack railway workers and closed their e-mail accounts.
• Hackers violated the websites of the Swiss Federal Railways, exposing the vulnerability of the portals to online attacks. Switzerland was using the ERTMS (European Railway Traffic Management System).
• In India, Al-Qaida hacked the Railnet page of the Indian railway, replaced the intranet created for the administrative needs of the department and left a distinctive message.
• In UK Rail, hackers gained access to the system and disrupted operations for some time.
2018
• A DoS attack hit the Danish State Rail, paralyzing several operations including the communication infrastructure and ticketing system. The attackers also took the telephone infrastructure and mail system offline.

CHARIOT and Security in Transport (1/4)
TRENITALIA: one of the major European railway companies, 100% owned by the Italian State.
• Responsible for the management of long-haul and regional passenger transport
Organized into two major divisions:
• National and International Passengers Division (long distance transport services)
• Regional Passengers Division (local transport services)

CHARIOT and Security in Transport (2/4)
CHARIOT will monitor the data traffic between the on-board IoT sensors (installed in the mechanical and electronic equipment of the train) and the Dynamic Maintenance Management System (DMMS).
CHARIOT is responsible for:
• Early detection of anomalous data communication (distorted data)
• Early detection of unauthorized IoT devices (Gateway blockchain and SE checks on sensors’ firmware)
• Early alerting for potential security violations (notify the security manager)
• Determining when maintenance is needed (to prevent failure and downtime)
Which in turn will:
• Increase operational efficiency
• Reduce risk to passengers & personnel
• Create a safe and efficient operating environment

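The three detection duties on this slide, sketched as a gateway-side monitor. This is an added illustration, not CHARIOT project code: the in-memory registry stands in for the ledger of authorised devices, and the message fields, device names and the median/MAD outlier rule are assumptions.

```python
import hashlib
import statistics

def fw_digest(image: bytes) -> str:
    return hashlib.sha256(image).hexdigest()

# Constructed registry of authorised sensors -> expected firmware digest.
# Assumption: stands in for the ledger the gateway would consult.
REGISTRY = {
    "axle-temp-01": fw_digest(b"constructed-firmware-A"),
    "brake-press-02": fw_digest(b"constructed-firmware-B"),
}

def is_outlier(value, history, threshold=3.5, min_samples=5):
    """Modified z-score (median/MAD): robust to a few bad points in history."""
    if len(history) < min_samples:
        return False  # not enough baseline yet
    med = statistics.median(history)
    mad = statistics.median(abs(x - med) for x in history)
    if mad == 0:
        return value != med
    return abs(0.6745 * (value - med) / mad) > threshold

def monitor(messages, registry=REGISTRY):
    """Return (device, reason) alerts destined for the security manager."""
    history, alerts = {}, []
    for msg in messages:
        dev = msg["device"]
        if dev not in registry:
            alerts.append((dev, "unauthorized-device"))
        elif msg["fw_sha256"] != registry[dev]:
            # Only meaningful if the digest comes from an attested measurement,
            # not from a value the device can freely self-report.
            alerts.append((dev, "firmware-mismatch"))
        elif is_outlier(msg["value"], history.setdefault(dev, [])):
            alerts.append((dev, "anomalous-reading"))  # kept out of the baseline
        else:
            history[dev].append(msg["value"])
    return alerts

def _msg(dev, fw, value):
    return {"device": dev, "fw_sha256": fw_digest(fw), "value": value}

# Constructed sample traffic: normal axle temperatures with one distorted value,
# then an unregistered device and a registered device with altered firmware.
SAMPLE = [_msg("axle-temp-01", b"constructed-firmware-A", v)
          for v in (61.0, 61.5, 60.8, 62.1, 61.2, 61.7, 140.0, 61.4)]
SAMPLE.append(_msg("unknown-99", b"constructed-firmware-A", 60.9))
SAMPLE.append(_msg("brake-press-02", b"constructed-firmware-X", 5.1))

if __name__ == "__main__":
    for alert in monitor(SAMPLE):
        print(alert)
```

Flagged readings are excluded from the baseline so a burst of distorted data cannot shift what the monitor treats as normal.
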
CHARIOT and Security in Transport (3/4)
Athens International Airport:
• Central connecting hub of Greece’s domestic airline and passenger traffic.
• Greece’s main gateway to the rest of the world
International airports in general are considered high-profile targets:
• Exposure to a large number of multinational airlines, passengers and companies

CHARIOT and Security in Transport (4/4)
Monitor IoT devices and communication in an airport environment.
CHARIOT is responsible for:
• Providing an intermediate security & safety layer by checking and evaluating the metrics coming from the sensors
• Detecting unusual patterns of signals from the IoT devices and identifying potential cyber threats
• Resulting in enhanced protection from physical & cyber threats
• Early detection & prediction of hazardous situations
• Reducing false positive alarms
• Guaranteeing the comfort and safety of the people located at the airport (travellers and employees)

Protective Actions (1/4)
Security is everybody’s responsibility
Recognizing the Reality: WHO are the Enemies? WHICH & WHAT are the Threats?
• Terrorism
• Organized Crime
• Cyber Threats
• Insider Threats
Identifying Protective Actions:
• Utilize the adaptive security
• Implement solutions oriented to security
• Follow processes and management procedures

Protective Actions (2/4)
Utilize the adaptive security
Traditional Security Vs Adaptive Security
Traditional security services are no longer enough for today's modern business. Adaptive security provides real-time network security monitoring that scrutinizes the network for anomalies, malicious traffic and vulnerabilities. If a threat is detected, the system will automatically take the appropriate security measures to counter it.
In an agile business environment that is increasingly exposed (on a daily basis) to threats, responding to incidents after they have happened can result in lost revenue and damaged reputations.
Analyzes behaviors and events to adapt and protect against threats.

Protective Actions (3/4)
Implement solutions oriented to security
• Security is not added later to a software solution. It needs to be a part of it from the beginning.
• In CHARIOT it was decided to use Blockchain Technology as the communication paradigm.
• Technical solutions need to be accompanied by processes and management procedures that instill a culture of security in all employees.
• Stay updated on both the threats of today and the means to protect against them.

Protective Actions (4/4)
Follow processes and management procedures
Enhance a resilient and secure operating environment for the transport sector:
• Setting cyber-security as a top priority for safety.
• Creating clear cyber-security policies in airports and rail networks, ensuring enough allocation of resources to cybersecurity experts.
• Continuously revising the existing cyber-security policies on the basis of good monitoring practices.
• Implementation of threat management and network-based processes and policies for cyber-security in transport.

Contact Details
EBOS Technologies
Vasos Hadjioannou
vasosh@ebos.com.cy
The projects CHARIOT & VESSEDIA have received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 780075 & No 731453.