Three main risks that prevent companies from adopting IIoT solutions

  /  ICS Security   /  Cybersecurity   /  Three main risks that prevent companies from adopting IIoT solutions
cybersecurity

Three main risks that prevent companies from adopting IIoT solutions

The Industrial Internet of Things (IIoT) has brought a lot of benefits and disruptive innovations. Despite this, there are 3 main IIoT project risks that prevent companies from adopting IIoT solutions:

  • IIoT security;
  • lack of open standards;
  • integrating legacy M2M/OT equipment with IIoT applications.

Driverless cars, fitness trackers, smart manufacturing, precision farming, connected clothing, smart meters that measure utilities, smart sensors to detect mechanical failures, medical devices that can monitor diseases – everywhere you look around the globe there is talk about the Internet of Things.

IIoT’s potential is endless. It changes the way that businesses, government agencies and consumers operate and interact to drive new business opportunities; it increases profits, lowers operating costs and increases productivity . Demand for connected devices is growing exponentially. Many companies – from large, multinational enterprise to SMEs – are all looking to capitalize on this trend.

Let’s analyze the 3 major IIoT project risks and the way to avoid them. This would allow companies to start integrating IIoT solutions and embracing digital transformation.

IIoT security: the number one IIoT project risk

The main concern of companies adopting IIoT solutions is data security

One of the problems that companies are facing with the growth of IIoT is security. Connected devices are being developed at a very fast pace with a general lack of security standards or protocols. Companies must look for smart products with security in mind from day one when adopting IIoT solutions. This will avoid the risk of breach vulnerabilities.

Security is a major IIoT project risk and is today a more complex task. IIoT devices are connected and interconnected into a network and are designed to collect and store increasing amount of data – even sensitive ones. Moreover, smart devices need to connect to each other, to the Internet and to the cloud to exchange data. IIoT security issues must be addressed at all levels, from the edge to the cloud.  

In earlier years firewall perimeters and virtual private networks enabled IT security. The widespread use of mobile phones, connected applications and the increased level of sophistication of the attackers has led to breaches in those fortified perimeters.

Because of the lack of best practices, security could dramatically increase the cost of IIoT projects. Moreover, this lack of IIoT security has the potential to scare users away from adopting IIoT technologies.

If companies, government organizations and consumers cannot trust that their data is safe, they will become discouraged at the thought of adopting IIoT solutions and buy smart devices. Once the breaches begin, adoption of IIoT devices is sure to slow down.

Securing IIoT devices is not a simple task, especially when projects employ large, globally-distributed deployments. A single security product solution cannot enable end-to-end security: there is no silver bullet. It is essential to look at the entire system. Security must be a fundamental part of the overall architecture of an IIoT project, i.e. be built in, not added afterwards.

Lack of open standards

Most IIoT edge solutions are based on the integration of sensors, actuators, PLCs, field buses and protocols. Quite often, the specific combination of new and legacy OT technology is the first challenge to overcome when creating an IIoT solution.

For example, PLCs are normally connected through serial or LAN interfaces using field-bus communications protocols. While some of these technologies and protocols are open standards, there are literally hundreds that are proprietary and specific to vendors and vertical solutions. Examples in the industrial domain there are field protocols like Modbus or OPC UA, in transportation CAN, or in energy M-Bus.

Open standards allow a better integration between IIoT components

Since there are many different devices, operating systems and programming languages employed on edge infrastructures, the lack of open standards stands among major IIoT project risks. It represents a barrier for companies. They would think that adopting IIoT solutions is too complex and a waste of time and resources. 

Again, the IIoT security issue shows up when there is a lack of open standards. While plenty of standards exist in the traditional IT world, they have yet to be applied in a consistent manner; this would protect IIoT devices – deployed at the edge – from breach.

This means that there is a very vulnerable IIoT ecosystem with vendors using different hardware, software and third party services, as well as APIs and patch methods. To achieve IIoT security, there is the need to establish solid solutions for device discovery with secure identity, authentication and encrypted communications or the underlying protocols are subject to abuse.

Improper security of just one device could result in situations where many other devices in the network become vulnerable. To succeed with IIoT, end-to-end security must be a priority. Device manufacturers and software developers need a security model that has a foundation based on open and industry standards to ensure platform and vendor interoperability and incorporate best practices.

Connecting legacy equipment to IIoT

To enable IIoT solutions that integrate data collected in the field with enterprise IT applications, companies need to connect their legacy equipment (e.g. industrial machinery and PLCs, on-board and in-vehicle components, power meters, etc.) to the Internet.

The simplest, yet most expensive solution to ensure seamless integration between field equipment and IIoT applications is to replace the old equipment with new, IIoT-ready one. If a person wanted to remotely access and monitor his home heater, he could replace it with a more recent one. The new one would integrate an IIoT gateway that can send temperature, consumption and other useful data to my smartphone and make them accessible on the vendor’s mobile app.

This is a so-called “greenfield” solution, and is ideal for newborn companies. For the vast majority of companies, to completely replace the old equipment is way too expensive; there is the need to adapt it to the IIoT project requirements. It is therefore necessary to retrofit field assets with sensors or IIoT smart devices and gateways. This again arises issues related to IIoT security or to the lack of open standards. 

Retrofitting legacy equipment a big challenge in the IIoT adoption

In industrial applications in particular, M2M machinery and components (such as sensors, actuators and PLCs) communicate with different protocols. The majority of sensors and IIoT gateway solutions are designed to target a specific set of protocols. This ends up having a crowd of devices with different protocols that need to be integrated and managed within the same IT/cloud application.

Read the full article here.

 

Post a Comment