Abstract
The Industrial Internet of Things (IIoT) has been positioned as a key pillar of the Industry 4.0 revolution, which is projected to continue accelerating and realizing digital transformations. The IIoT is becoming indispensable, providing the means through which modern communication is conducted across industries and offering improved efficiency, scalability, and robustness. However, the structural and dynamic complexity introduced by the continuous integration of the IIoT has widened the scope for cyber-threats, as the processes and data generated by this integration are susceptible and vulnerable to attacks. This article presents an in-depth analysis of the state-of-the-art in the IIoT ecosystem from security and digital forensics perspectives. The dimensions of this study are twofold: first, we present an overview of the cutting-edge security of IIoT ecosystems, and second, we survey the literature on digital forensics. The key achievements, open challenges, and future directions are identified in each case. The challenges and directions for future studies that we identify will provide important guidance for cybersecurity researchers and practitioners.
1 INTRODUCTION
For the past decade, the Internet of Things (IoT) has been embraced as a futuristic concept with a diverse focus cutting across numerous domains of information and communication technology (ICT) [1]. This trend has always been characterized as both a disruptive technology and a major player in the provision of effective services and communication. Indeed, the influence of the IoT has been felt across many application domains [2]. The emergence of Industry 4.0, with its focus on automation and manufacturing technologies, has acted as an enabler of cyber-physical systems (CPS) and the IoT [3, 4]. The major sectors that have benefited as a result of IoT proliferation include transport systems, healthcare, home automation systems, smart cities, and autonomous vehicles [5]. Industry 4.0 has the potential to optimize logistics, automation of equipment, smart manufacturing techniques, the IoT, and cloud systems. Additionally, while the number of IoT devices in use has increased, a more pertinent issue is the integration with CPS, as supported by various vendors and providers of IoT-based platforms. This has led to the development of IoT-based ecosystems that are mainly composed of “things” and service providers who ensure interoperability across IoT-based environments [6].
Leveraging the IoT to realize industrial tasks centered on Industry 4.0 goals such as smart transportation, smart manufacturing, smart energy management, service, and automation, constitutes the Industrial IoT (IIoT). In this context, the domain of the IIoT ranges from machine-to-machine (M2M) applications to the dynamics of industrial communication [7, 8]. Notably, the relevance of exploring IIoT ecosystems and their constituents is intended to propel Industry 4.0 objectives by operationalizing technology across diverse information technology domains [7]. The ultimate goal is for devices to become pervasive, as the majority of IoT-based devices possess powerful computing capabilities.
IIoT ecosystems play a significant role in collaborative communication as a means of achieving the desired Industry 4.0 objectives. For example, IIoT ecosystems have a consistent need for reliable application-centric processes as far as digital connectivity and data decisions are concerned. This is because the realization of day-to-day Industry 4.0 strategies requires a more secure and resilient approach during inter-process communication. It should be noted that IIoT ecosystems have also led to the diffusion of heterogeneous environments over which massive data and applications are exchanged on a daily basis, with little regard to safety and other ramifications.
While the IIoT spectrum has seen significant diversification through the emergence of prolific ecosystems, it is worth noting that critical aspects such as emerging configurations, applications, and resource migration have not been able to match the ever-changing IoT landscape. Regardless, to ensure the security of IIoT ecosystems, it is vital to enforce continuous, effective, and secure communication, given that both the IIoT and Industry 4.0 have the objectives of robustness, scalability, and security. Consequently, the current IIoT requirements and technological advances geared toward realizing Industry 4.0 goals have created the need to enforce secure communication and post-incident response strategies as a means of achieving secure, efficient, and reliable industrial processes. Sengupta, Ruj, and Bit [9] identified several security limitations that are still yet to be overcome. While there is a large body of literature focused on the IIoT as a whole, our study is entirely focused on the security and digital forensics aspects of the IIoT, which in our view pose serious research challenges. The IIoT is a novel and still emerging phenomenon, and given the structural and dynamic complexity involved in the integration of IIoT systems, there exist many unknown vulnerabilities and attacks, and there is a limited range of digital forensic processes, methodologies, and tools that can be used to address attribution problems in digitized IIoT ecosystems. The uniqueness of the present survey lies in its integrated consideration of both security and digital forensics.
1.1 Motivation and Research Gaps
With the growing number of devices and enhanced connectivity, there is a need for effective and secure control and management systems. In this regard, the interplay between operational technology (OT) and information technology (IT) is necessitated by the need for effective and secure communication and control techniques. As a result, the tenets of Industry 4.0 have led to the development of several trends in automation technologies for manufacturing industries, which have further enabled the integration of the IoT, IIoT, and CPS across cyberspace [3, 4]. These technologies, however, face a number of complexities associated with dynamic ecosystems [10], emergent behaviors, industrial systems, security challenges [7, 11], and reactive and proactive digital forensic challenges in the IIoT [12, 13]. Such complexities, which in the context of this study represent obstacles that hinder the achievement of system targets [14], lead to the possible emergence of vulnerable points in IIoT ecosystems. These vulnerabilities further exacerbate the perennial and diverse security and digital forensics challenges introduced by the proliferation and integration of automation technologies.
1.2 Contributions
Various previous studies have considered the IIoT and security [15, 16, 17, 18, 19, 20, 21, 22, 23], but at present, no significant research results are available that provide guidance on how to evaluate the security and digital forensics ramifications of the interplay between OT and IT associated with the proliferation of the IIoT. To address these challenges, this article presents a comprehensive review of security and digital forensics in IIoT ecosystems. The main contributions of this article can be summarized as follows:
– | First, this study provides an in-depth analysis of relevant research on IIoT ecosystems from the perspectives of security and digital forensics. We identify and address pertinent research limitations in IIoT ecosystems by highlighting the relevant security requirements, weaknesses in the IIoT, and the present state of protocols, architectures, and standards, as well as proposing ways to strengthen these technologies. | ||||
– | From a holistic viewpoint, this study illustrates the key IIoT security achievements with the actualization of Industry 4.0. In particular, we explore key management strategies, edge and fog security, and the essence of the blockchain. | ||||
– | While this study has a strong emphasis on the realization of the IIoT and its impact, we also explore state-of-the-art studies in IIoT forensics and identify several key challenges. | ||||
– | We explore open problems in security and digital forensics and discuss possible high-level solutions. Finally, we provide a contextual evaluation of this study and identify avenues for future work. |
The remainder of this article is structured as follows: Section 2 provides an overview, describing the scope of the present study, as well as related work with regard to the IIoT. This is followed by an explanation of IIoT ecosystems in Section 3. An overview of IIoT security, including security requirements, security weaknesses, and security standards, is presented in Section 4. Cutting-edge research results on the security of the IIoT are reported in Section 5. This is followed by a presentation of state-of-the-art investigations in IIoT forensics in Section 6. Open challenges are discussed in Section 7. Finally, future directions and conclusions are summarized in Sections 8 and 9, respectively. An overview of the entire article in terms of sections, subsections, and main concepts is shown in Figure 1.
2 SCOPE AND RELATED WORK
The scope of this study is determined by the assumption that the amalgamation of IoT-based techniques with industrial processes represents the realization of a smart manufacturing concept, herein referred to as Industry 4.0. Within the context of Industry 4.0, connected devices and processes are automated in a fashion that enables them to realize quick and efficient production. Although the concepts of the IoT, the IIoT, and Industry 4.0 may not be used interchangeably [7], we explore relevant studies in all three areas, with the aim of identifying gaps that exist in research on the security and digital forensics of IIoT ecosystems. Table 1 summarizes previous surveys of security and digital forensics relevant to the IoT, the IIoT, and Industry 4.0 [15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28]. Note that the current study mainly considers the IoT and IIoT; however, where necessary, Industry 4.0 is referenced. The uniqueness of this research stems from the fact that it explores security achievements, the need for application-specific standards, IIoT-enabling technologies, and proactive and reactive digital forensic models that are tailored to post-event response strategies in IIoT ecosystems.
REF | Year | IoT | IIoT | Security | Digital forensics | Focus |
---|---|---|---|---|---|---|
[24] | 2021 | \(\checkmark\) | \(\checkmark\) | \(\times\) | \(\times\) | Attacks exploiting hardware vulnerabilities and deep learning detection approaches in the IIoT |
[15] | 2021 | \(\checkmark\) | \(\checkmark\) | \(\times\) | \(\times\) | Characterizes CPS architectures and models in an industrial environment |
[12] | 2021 | \(\times\) | \(\checkmark\) | \(\checkmark\) | \(\checkmark\) | Emphasizes the need for IIoT forensics |
[16] | 2020 | \(\checkmark\) | \(\checkmark\) | \(\checkmark\) | \(\times\) | Explores current challenges and searches for the future IoT |
[17] | 2020 | \(\checkmark\) | \(\checkmark\) | \(\checkmark\) | \(\times\) | Studies how fog computing can be leveraged to improve the security of IIoT |
[25] | 2020 | \(\checkmark\) | \(\times\) | \(\checkmark\) | \(\times\) | Explores relevant technologies essential for the growth of Industry 4.0 |
[26] | 2020 | \(\checkmark\) | \(\times\) | \(\checkmark\) | \(\times\) | Investigates existing tools and techniques for modeling attacks on the IoT and their key limitations |
[18] | 2019 | \(\checkmark\) | \(\checkmark\) | \(\times\) | \(\times\) | Evaluates the current state of the IIoT. |
[27] | 2019 | \(\checkmark\) | \(\checkmark\) | \(\times\) | \(\times\) | Industry 4.0 as a turning point for smart manufacturing and a defeat for centralized applications |
[19] | 2018 | \(\checkmark\) | \(\checkmark\) | \(\times\) | \(\times\) | Explores the IIoT, cloud, and edge from the CPS perspective |
[20] | 2018 | \(\checkmark\) | \(\checkmark\) | \(\times\) | \(\times\) | Highlights intrusion and attacks on the IIoT and generates a comparative analysis |
[21] | 2018 | \(\checkmark\) | \(\checkmark\) | \(\times\) | \(\times\) | Focuses on the importance of edge and fog frameworks in supporting automation |
[22] | 2018 | \(\times\) | \(\checkmark\) | \(\times\) | \(\times\) | Provides insights on the IIoT based on analyzed data |
[28] | 2018 | \(\checkmark\) | \(\checkmark\) | \(\checkmark\) | \(\times\) | Presents an analytical framework to enumerate and characterize the IIoT and analyze security threats and vulnerabilities |
[23] | 2015 | \(\checkmark\) | \(\checkmark\) | \(\checkmark\) | \(\times\) | Explores security issues and suggests a holistic security framework for the IIoT |
Boyes et al. [28] highlighted the relevance of the IIoT and associated relationships and concepts, such as CPS and Industry 4.0. They also presented a framework for analyzing the IIoT and an IoT-based taxonomy for enumerating and characterizing the IIoT while exploring security threats, vulnerabilities, and system architectures. As noted by Oztemel and Gursev [25], Industry 4.0 is part of the smart networked environment and an enabler of real-time CPS. It is also responsible for the management of complex systems, where safety and security are key to successful implementation. It has been shown that Industry 4.0 has a disruptive impact on companies, where it is seen as a threat to the security of conventional centralized technologies [24]. Other research with a focus on IoT/IIoT has illustrated the effects of various types of attacks, such as software attacks that exploit hardware vulnerabilities in IIoT. While such studies have explored malicious attack vectors in the IoT/IIoT, reactive forensics techniques have received little attention. Existing attack models and architectures have been comprehensively examined [26] alongside further assessment of the challenges related to secure application design in the IoT. While this research has identified essential approaches in the IIoT, post-incident response strategies have not been considered, although secure strategies that can be adopted have been listed as key aspects. In identifying the challenges and opportunities facing the development of a secure IIoT, the component lifespan and number of devices needed for deployment, configuration, and management of the IoT and IIoT, as well as IT/OT and human-centered factors that affect the IIoT, have been investigated in detail [29]. This research has suggested the IIoT is at greater risk of attack compared with the consumer IoT. In addition, the challenges in supervisory control and data acquisition (SCADA) forensics have been highlighted as a lack of forensic models and tools, a lack of live forensics, volatility in memory, limited logging, and challenges associated with current forensic tools [30]. In our opinion, these shortcomings exacerbate the security and forensic challenges addressed in this survey.
This article presents a comprehensive review of state-of-the-art studies on the IIoT from the perspective of security and digital forensics. Table 1 lists previous relevant review articles, indicating the scope and main focus of each one. The ultimate aim of the present study is to address the essential aspects of secure communication and post-event response strategies in IIoT ecosystems while highlighting the remaining challenges according to the layered architecture in Figure 2. The scope and focus of previous studies, as shown in Table 1, illustrate the intricacies that determine the success or failure of an IIoT ecosystem. From a security perspective, the present review focuses explicitly on the intrinsic existence, resilience, and robustness of IIoT ecosystems. It should also be noted here that the variations in the scope of previous studies demonstrate the propensity for inconsistencies in the definition of IIoT ecosystems.
Overall, previous studies have not comprehensively considered digital forensics in the context of the IIoT, owing to the limitations of the standard methodologies and tools for conducting digital investigations on the IIoT. As a consequence, there remain longstanding security and digital forensics challenges, which are being exacerbated by digital proliferation and integration (see Table 1). This study differs from previous work in its extensive exploration of both proactive and reactive approaches in IIoT ecosystems. Notably, it provides an extended scope that, through contextualized descriptions, is able to show the impact of fusing specific emergent technologies.
3 IIoT Ecosystems
The context of the IIoT, although dynamic, is based on the interrelationship of components and communication, and the diversification, proliferation, and interoperability mechanisms of the constituent parts. There are different views of what constitutes an IIoT ecosystem. We consider an IIoT ecosystem to be a fusion of technologies that utilizes process automation approaches to achieve efficient manufacturing strategies [31]. Through a coordinated approach, IIoT tasks incorporate network augmentation, IoT-based applications, and CPS to enhance convenience, efficiency, and personalization of tasks [32, 33]. Figure 2 shows the layered architecture of the IIoT, including potentially vulnerable layers. For example, the perception layer is vulnerable to node capture attacks, timing attacks, eavesdropping, encryption, and key agreement. The network layer is vulnerable to integrity, confidentiality, and availability attacks. The control layer, however, is tasked with controlling the physical systems and processes in the industrial environment. It consists of control algorithms, industrial equipment management, SCADA systems, distributed control systems (DCS), programmable logic controllers (PLCs), human-machine interface (HCI), and maintenance actions. The control layer can be vulnerable to active adversarial attacks in control algorithms [34, 35], infrastructure attacks [36], and integrity attacks, while the application layer has vulnerabilities based on cloud security and encryption strategies [37]. It is worth noting that security vulnerabilities span more layers of other IIoT architectures. For instance, in the IIoT five-layer architecture, the key agreement strategies introduce vulnerabilities in the business layer [20]. This study focuses on the vulnerabilities introduced in the basic three-layer IIoT architecture.
The fusion of IoT processes with industrial processes supports the digital ubiquity and automation of advanced robotic techniques, edge computing, smart industries, the application of machine learning technologies, and the leveraging of CPS and IoT-based techniques. These trends are intended to digitize and propel the Industry 4.0 transformation. In the context of this article, Industry 4.0 is taken as an already-realized revolutionary industrial technology that relies on digital technology to achieve its objectives (e.g., real-time access to data of CPS, the IoT, and the IIoT), while Industry 4.0 transformation is taken to depict an umbrella revolution with continuously emerging technologies and concepts that allow key objectives to be realized. The overarching objective is to guarantee process automation and data exchange across manufacturing systems with the support of technologies such as artificial intelligence (AI), cognitive processing, and cloud computing [31]. While IIoT and M2M applications are envisioned as the enablers of Industry 4.0 [38], the IIoT ecosystem requires the backing of fused technologies for smart industries or Industry 4.0 for its full realization.
According to Schmid et al. [39] and Broring et al. [40], an ecosystem is a cross-platform, cross-standard, and cross-domain entity that provisions IIoT services and applications. By contrast, Mazhelis, Luoma, and Warma [41] see it as the interconnection of a global network with a service infrastructure that has a self-configuration capability over interoperable protocols with a number of roles [42]. Similarly, Westerlund, Leminen, and Rajahonka [43] view an IIoT ecosystem as having techno-economic as well as human-centric aspects that play a significant role in determining what things do within a connected environment [43]. Delicato et al. [44] perceive an ecosystem to be able to integrate heterogeneity to realize real-time data collection and control mechanisms with the visualization, processing, and storage of data. It is thus evident that an ecosystem is dependent on resources, technologies, platforms, standards, and processes. Madaan, Ahad, and Sastry [45] suggest that for an IoT ecosystem, such as a smart home, the acquired data that are aggregated to guarantee quality of service are of critical importance [46, 47].
Consequently, an IIoT ecosystem’s objective is centered on optimizing production processes through monitoring and analysis while targeting effective outcomes [45]. From the perspective of processing, this is a reflection of how future supply chains will operate as a result of the integration of information systems with operational processes in factories [48]. Other pertinent existing research illustrates that IIoT ecosystems co-exist with smart technologies, where a pool of network devices collaborate to extract and share digital data with the ultimate goal of boosting production [49]. On a similar note, the need for a dynamically digitized IIoT ecosystem has been highlighted by Skwarek [50], in which the digitization of industrial processes is subsumed into smart entities for the purpose of creating a highly dynamic reconfiguration of production processes.
The core foundation on which IIoT ecosystems thrive has been attributed to CPS. This is mainly due to the capability of CPS to monitor and control physical processes, which ultimately forms the basis for smart factories [23]. The relevance of this is that smart factories can dynamically arrange and optimize processes while processing the generated data [51, 52]. Mazhelis, Luoma, and Warma [41] portrayed an ecosystem as a hub-centered structure created on an IoT-based setup, which can also be viewed as a business ecosystem [53, 54]. This forms part of what constitutes the day-to-day use of the IoT and its application as services to be provisioned. For example, the movement of data and normal services can easily be strengthened and trust increased by leveraging the blockchain [55, 56]. Other uses include software-defined networks (SDNs) [57], event management for IIoT ecosystems [53], digital construction to transform expectations with the emergence of Industry 4.0 [58], and crowd-sensing techniques for enhancing data processes and agility [59].
3.1 IIoT versus IoT
The IIoT and the IoT are distinct concepts that also share some similarities. They are based on similar principles of connecting diverse devices to the Internet, but they differ in scope of application and purpose. The IIoT, which can be seen as a subset of IoT, employs sophisticated devices equipped with sensors and processors that have connectivity capabilities that allow them to collect, analyze [68], optimize, and act on data [63] in real-time in the industrial sector, with the aim of improving efficiency in production. However, the IoT is a network of interconnected devices that can communicate using the Internet to gather, analyze, and share data, and that are mainly consumer products. Although the IoT utilizes sensors and other embedded technologies to collect and exchange data over the Internet, IIoT systems are able to integrate a variety of sensors and actuators with sophisticated software to monitor and control production processes [60].
Table 2 summarizes the technical differences between the IIoT and the IoT system in terms of a number of parameters: focus, communication, scale, amount of data [63], security perspectives, standards and protocols that are leveraged, areas of application, connectivity, differences in devices, and quality of service [46, 47]. The main focus of the IIoT is on connecting and integrating industrial devices to optimize industrial processes, and it uses wired and wireless networks, low latency networks, WiFi, Bluetooth, and Ethernet to provide reliable and real-time communication. It is deployed on a larger scale than the IoT, with thousands of devices in industrial settings, and it generates and uses large amounts of data to optimize industrial processes. The latency tolerance is higher for IoT devices basically due to the limitation in bandwidth and other resources. This makes real-time response unrealistic, hence making IoT devices able to tolerate delay during transmission. However, IIoT systems generally require low-latency owing to the fact they are used in real-time process control and monitoring. In addition, to allow smooth and efficient operations, industrial processes and equipment rely on low latency data transmission [69, 70].
Parameter | Industrial Internet of Things (IIoT) | Internet of Things (IoT) | Related research |
---|---|---|---|
Focus | Connects and integrates industrial devices (manufacturing, logistics, etc.) | Connects everyday devices and appliances (smart home, wearables, etc.) | [60] |
Communication | Uses wired and wireless networks, low latency, WiFi, Bluetooth, Ethernet | Uses WLAN with lower reliability, high latency, cellular networks, WiFi, Bluetooth | [61] |
Scale | Large scale, thousands of devices in an industrial setting | Small scale | [62] |
Data | Large amounts used to optimize industrial processes | Relatively small amount collected for personal use (fitness tracking, home automation, etc.) | [63] |
Security | Higher levels, protects critical industry infrastructure | Relatively low, protects personal information and unauthorized access to devices | [23, 64] |
Standards/Protocols | Protocols such as OPC UA, MQTT, and COAP meet industrial requirements | Wider variety, such as HTTP, TCP/IP, Zigbee, Z-Wave, and LoRaWAN, are used in variety of applications | [65] |
Applications | Predictive maintenance, manufacturing, process optimization, energy, transport, etc. | Consumer, personal, and commercial settings | [66] |
Connectivity | Specialized, high-bandwidth, real-time monitoring of ICS | Variety of low-power, low-bandwidth wireless connectivity | [61] |
Devices | Rugged and designed for industrial environments, e.g., industrial sensors, actuators, and controllers | Designed for consumers, found in homes, cars, smartphones, and public spaces | [67] |
Quality of service | Reliability and real-time delivery | Based on best-effort delivery | [46, 47] |
Reliability | Important, but not a primary concern | High reliability is critical for safety and productivity | [46, 47] |
Security is a key parameter that reveals the similarities and differences between the IIoT and IoT. Given that the IIoT operates within industrial environments such as oil and gas refineries, power plants, and water supplies, high device security is necessary to protect critical infrastructure [23, 64]. Security is also essential in consumer-based devices, and both the IIoT and IoT may be subject to regulatory compliance, which means that security measures need to be increased.
IIoT systems often need to operate in manufacturing plants with data being collected and processed in a near real-time manner with minimal latency, and it is essential that delays in these processes be prevented to avoid disruption to production. Downtime failures in IIoT systems could also have significant adverse consequences. Thus, real-time processing, critical system reliability, and seamless system integration impose upon the IIoT a requirement for the prevention of delay that, in particular, differentiates it from the IoT [71, 72, 73].
The IIoT uses specialized protocols such as MQTT, CoAP, LoRaWAN, and 6LowPAN to meet industrial requirements for specialized, high-bandwidth, and real-time monitoring of industrial control systems (ICS). It also uses devices such as sensors, actuators, and controllers that are suitably rugged for industrial environments and that provide an adequate quality of service [65].
4 IIoT Security: Overview
The transition from conventional and proprietary-based communication techniques to industrial automation processes represents a paradigm shift. In the current state-of-the-art, ecosystems embrace IoT environments that connect to smart environments, relying on sensors, actuators, timely controllers, and SCADA services [38]. This aspect of system digitization in readiness for Industry 4.0 requires secure technologies and standards. Furthermore, this integration opens up a threat landscape, with increased vulnerabilities that, from a security perspective, could lead to attacks on smart factories and compromise production processes [23, 74]. In this section, we explore the security requirements of IIoT ecosystems, weaknesses in the IoT and IIoT, and the state of the protocols, security architectures, and standards employed in the IIoT.
4.1 Security Requirements in IIoT Ecosystems
Given the convergence of industrial OT with IT, there has been a paradigm shift in IIoT ecosystem complexity and sophistication. As a result, the potential for cyber-attacks has increased [75]. This subsection assesses several industry-specific critical security requirements.
ICS are associated with the control and monitoring of key critical infrastructure and SCADA in industry. The continued integration of industrial production processes in the IIoT makes these systems susceptible to attacks. The security requirements in the IIoT are mainly positioned to address how secure programmable logic controllers (PLCs) maintain control of the physical processes, how sensor data are protected from attacks, how production processes can be optimized, how remote monitoring strategies can be secured, and how CPS integrity and confidentiality can be maintained.
To enforce secure communication strategies in the IIoT, it is imperative to identify how the state of security has been altered in the transition from conventional processing to the IIoT [23]. Taking general security requirements and goals as a baseline, the alterations to security requirements are summarized in Table 3.
No. | Security parameter | Challenges | Reference |
---|---|---|---|
1 | Availability | Tradeoff between security and availability during a potential attack | [76] |
2 | Encryption | Complexity applying encryption to diverse device firmwares | [76] |
3 | IIoT device integrity | IIoT devices have modified firmwares, and hence it is not easy to verify authentic ones | [76] |
4 | Security by design | Devices are not designed to be secure | [78, 79] |
5 | Insider threats | Social engineering, insider attacks, and human factors | [80] |
6 | Heterogeneity | The IIoT is becoming a larger network, with massive transmission, and more security issues are arising | [81] |
The existence and proliferation of diverse technologies make enforcing security across IIoT ecosystems more difficult. This is because of existing inconsistencies in the digitization of manufacturing processes in the quest to achieve Industry 4.0 objectives. In Table 2, there is a tradeoff between availability and security in the event that an IIoT ecosystem suffers an attack [76]. Normally, security solutions place a system offline when it is under attack, but this conflicts with the need to maintain availability [76]. Encrypting connections in an IIoT ecosystem, either at the application or network level, may need to be forwarded or verified in advance by IIoT devices. However, given that some IoT devices have diverse firmware, the strategy of encryption is somewhat complex [76, 77]. As IIoT ecosystems include diverse industrial devices, some of which have altered firmware, verifying the integrity of all devices is challenging. Other pertinent security requirements include the existence of diverse attack types, such as insider attacks on industrial units [78, 79]. The fact that IIoT devices are not built with security capabilities complicates the provision of secure strategies [80].
Consequently, heterogeneity among IIoT ecosystems continues to hinder the achievement of major security goals. In general, new security threats and vulnerabilities are constantly being detected or propagated through malicious content or misuse of data. This heterogeneity introduces formidable security challenges. For example, an effective IIoT ecosystem allows nodes and interaction-based processes that coordinate communication with the cyber-physical world. From a generic point of view, Bodei, Chessa, and Galletta [82] showed that communication should start from a given node and that data should be collected during this communication process. Hence, there may be a possibility of vulnerable nodes. As part of a major requirement to secure IoT systems and incorporate end-to-end security, authentication, and authorization, the enforcement of continuous security is key to preventing adverse attacks [83, 84].
A major bottleneck for IIoT ecosystems is the fact that trust between industrial units is not guaranteed. This stands out as a major issue, illustrating the need to incorporate secure technologies that offer solutions through the establishment of secure immutable channels to prevent potential attacks [85]. IIoT-based applications such as Amazon Web Services (AWS) have security mechanisms that allow secure connectivity of hardware and cloud authentication while exchanging messages. In this context, every layer of the AWS/IoT technology stack is coated with the Azure security feature, e.g., authentication for connecting any new IoT device using X.509 certificates, authorization and access control that highlights policies, and secure communication of traffic through encryption (SSL/TLS) [86]. This ensures that confidentiality is maintained for protocols such as MQTT and HTTP. Other potential solutions include the Azure IoT security architecture, which supports authentication (TLS protocol for encryption), authorization and access control (Azure active directory) for policy authentication [87], and SSL/TLS for integrity and confidentiality of information [87].
While the focus of this article is on IIoT security and digital forensics, IIoT and IoT also share some common elements, even though they differ in applications and use-cases. However, there are also security weaknesses that are common to both systems, and as such, it is important to highlight the security weaknesses in both IoT and IIoT ecosystems to provide a comprehensive understanding of the overall security landscape faced by these technologies. By comparing the security requirements and weaknesses of both IoT and IIoT, we can identify similarities and differences in their security postures and better understand the unique challenges and opportunities for improving the security of IIoT ecosystems.
4.2 Key IoT Security Weaknesses
Diversification and the multitude of devices and protocols within IoT environments have led to an increased number of security shortcomings. The current security weaknesses, as highlighted by the open web security project (OWASP) [94], are mainly concentrated in each of the IoT’s three layers (perception, network, and application). This subsection explores the key IoT security weaknesses based on the three-tier IoT architecture (see Table 4).
Layer | Key security weaknesses | Reference |
---|---|---|
Tampering and jamming attacks | [88] | |
Node capturing by adversaries | [88] | |
Perception layer | False data injection attacks | [88] |
Cloning of tags | [89] | |
Unauthorized access to systems | [89] | |
Protocol insecurity | [90] | |
RFID spoofing | [91] | |
Network layer | Sink-holing attacks | [89] |
Vulnerabilities in IoT devices | [92] | |
Communication weaknesses with nodes | [92] | |
Malicious code injections | ||
Sniffing attacks | [89] | |
Phishing attacks | ||
Application layer | Denial-of-service (DoS) attacks | [92] |
Buffer overflow attacks | [92] | |
Software-based vulnerabilities | [93] |
4.2.1 Perception Layer Weaknesses.
The current security shortcomings in the perception layer are mainly attributable to external sources. This includes targeted attacks that focus on the transmission among IoT nodes, which compromise confidentiality, integrity, availability, and authorization. The key weaknesses in this context, as listed in Table 4, are tampering and jamming attacks [88], nodes being captured by adversaries [88], injection of malicious data by adversaries [88], cloning of tags [89], and gaining unauthorized access to systems [89].
4.2.2 Network Layer Weaknesses.
At the network layer, adversaries have the ability to compromise confidentiality and integrity during the data exchange stage of end-to-end communication. The key weaknesses in the network layer include protocol insecurity [90], RFID nodes [91], spoofing, sink-holing attacks [89], communication bottlenecks with nodes [92], and man-in-the-middle (MITM) attacks. As far as the IoT is concerned, attackers are able to capitalize on the heterogeneity of IT environments.
4.2.3 Application Layer Weaknesses.
The absence of widely accepted IoT standards for how applications are handled has opened a variety of security concerns at the interface layer. Integrating applications brings about authentication problems owing to the existence of diverse mechanisms arising from different applications. As a result, key vulnerabilities may allow malicious code injections, sniffing attacks [89], phishing attacks, DoS attacks [92], and buffer overflow attacks [92], and are responsible for key software-based vulnerabilities [93].
4.3 Key IIoT Security Weaknesses
The quest to achieve the security objectives of Industry 4.0 is increasingly significant, given that the integration of OT environments with information systems and cyber-based technologies effectively extends the attack surface. In assessing the key security challenges in the IIoT, we concentrate on those aspects that correspond to how the connectivity between technologies is achieved. Based on these security aspects, the key IIoT issues are identified and mapped to IoT weaknesses. As shown in Table 5, the key IIoT weaknesses are classified as cybersecurity- and physical-based vulnerabilities.
Category | Target | Attack mechanisms | Effects | Layer |
---|---|---|---|---|
Cyber-based | IT and OT systems | Spoofing attacks | Denial of service (DoS) | Network layer |
Physical-based | IoT devices | Device compromise |
4.3.1 Cybersecurity-based Weaknesses.
The integration of OT and IT environments allows key security threats to target the operating system (OS), OT/IT system/network, industrial control system (ICS) and network, IIoT-based applications and servers, and the supporting cloud resources. The mechanisms used to realize these attacks leverage spoofing attacks, phishing-based attacks, and malicious software to compromise systems and hijack sessions. The outcome is continuous denial of service (DoS), failure of the ICS, and leakage of critical data.
4.3.2 Physical-based Security Weaknesses.
IIoT systems combine a number of physical devices that have other constraints in terms of, for example, energy and power. However, there is also a need to enforce the security of these devices. Generally, IIoT applications are tasked with the connectivity of industrial machines and processes, comprising sensors and actuators that process data in real-time. These data have a direct influence on the physical infrastructure and users, and failure could be catastrophic. Additionally, IIoT devices are mainly CPS-based, and so verifying the integrity of the CPS is a key task in detecting potential malicious modifications [23].
In the long run, verification of CPS integrity is essential. However, there exist limitations on computational power in any hardware architecture [64]. As illustrated in Table 5, physical-based security weaknesses can be exploited to affect sensors, actuators, and ICS/SCADA systems through device manipulation and human beings through psychological manipulation to extract information. Another critical aspect is the ICS, which was traditionally isolated from the IT infrastructure but is now connected and therefore exposed to cyber-security risks [64, 95]. Recent research [96, 97, 98] has led to proposals for security and safety standard compliance for CPS, possibly by automating the assessment of the IIoT and CPS using monitoring and verification frameworks.
Existing physical-based weaknesses include authentication techniques that require the storage of secret information in the device memory and cloning IIoT attacks in which a compromised physical device is cloned [99]. Side-channel attacks may open up access to adversaries, such as through electromagnetic attacks, power monitoring, and timing attacks based on statistical cryptographic techniques. With the emergence of Industry 4.0, more attacks on control systems are to be expected [99]. Security plays a major role where the IoT meets the physical ecosystem, and vulnerabilities can be seen in important areas such as SCADA systems, ICS, and IP-based physical systems [100].
4.4 State of IIoT Protocols
Assessments of the security of IIoT connectivity protocols stem from the need to explore the suppositions that underlie the digitization of industrial processes. This subsection explores the state of the wireless technologies that support IIoT ecosystems, as summarized in Table 6 and Figure 3, which shows the IIoT protocols with the respective parts of the open systems interconnection (OSI) reference model.
Reference | Protocols | Focus | Significance to IIoT Ecosystems |
---|---|---|---|
[104] | MQTT | Offers support to data exchange | Suitability due to its lightweight nature |
[65] | CoAP | Enables constrained devices to communicate with the Internet | Dedicated communication in the IIoT infrastructure |
[65] | MoDBUS:TCP | Shows its suitability in control and monitoring | Can be used in monitoring across IIoT environments |
[105] | Zigbee | Role played by its variants | Supports cryptographic transmission |
[108] | NB-IoT | Connects devices to the IoT | Compatible with low power and reduced data rates |
[105] | LoraWAN/6LowPAN | How information secrecy can be enhanced | Encryption and decryption could enhance secrecy in the IIoT |
[113] | IEEE 802.15.4 | Operation for LoraWAN and basis for Zigbee | Provides general IIoT connectivity |
[114] | WirelessHART | HART is an open and realizable protocol for WSN | HART is suitable for industrial automation |
4.5 Application Layer
4.5.1 MQTT.
Data exchange between IIoT systems is through the MQTT protocol, owing to its lightweight nature. MQTT relies on a broker to publish and retrieve data, and as a result, it has several key vulnerabilities. First, a client is able to publish and subscribe to any topic. Second, the broker may be overloaded if a subscriber forgets to collect the message. Third, there are no distinct access control techniques to prevent a client from subscribing to and publishing any topic. In this context, a potential attacker may try to find the most subscribed topic and exploit this information [101].
4.5.2 CoAP.
The constrained application protocol (CoAP) is a lightweight communication protocol designed specifically for the IoT and IIoT. In IIoT applications, where devices are often constrained in terms of limitations on resources such as memory, processing power, and battery life, CoAP can be a valuable protocol choice. It allows devices to communicate efficiently and effectively while conserving resources. Also, CoAP is particularly useful in IIoT applications, because it provides support for resource discovery, observation, block transfer, and proxying. These features make it easy for devices to discover each other and communicate efficiently. As an application layer protocol, CoAP is used for communication where dedicated devices are prevalent in an IoT-based infrastructure [65]. The security services in CoAP are more dependent on datagram transport layer security [102]. In the context of the IIoT, a massive payload may cause data fragmentation, which further opens the IIoT surface to potential attacks.
4.6 Transport Layer
4.6.1 MODBUS TCP.
MODBUS TCP is suitable for the control and monitoring of industrial applications in IIoT environments [65]. This can be complemented by the MQTT protocol through a publish and subscribe approach. Security threats include DoS attacks, privilege escalation, tampering, and spoofing. These vulnerabilities arise from the data transfer carried out by SSL/TLS, which is open to attacks [103, 104].
4.7 Network Layer
4.7.1 Zigbee.
This connectivity protocol is suitable for IIoT environments [105], and variants such as Zigbee Pro and Zigbee RFCE guarantee integrity by providing cryptographic security during transmission, confidentiality, and authenticity. Zigbee Pro is suitable for IIoT implementations, since it supports cryptographic transmission through encryption [106]. Among the security concerns associated with Zigbee is the key distribution method, where keys are pre-installed to devices in an insecure manner. Additionally, nodes can access communication even after leaving the network, and special software can be used to eavesdrop on or manipulate communication [107].
4.7.2 NB-IoT.
The narrowband IoT (NB-IoT) is suitable for IIoT ecosystems that have low power and reduced data rate constraints. The NB-IoT supports authentic communication via end-to-end security. However, the carriers in the NB-IoT are fully open, which creates an open surface for attacks, especially at the traffic nodes [108].
4.7.3 LoRaWAN and 6LowPAN.
The LoRaWAN protocol guarantees that information will be kept secret in IIoT environments through data encryption and decryption strategies. However, security flaws related to jamming and selective jamming attacks have been identified during communication [105]. The 6LowPAN protocol supports IIoT network connection based on low-power WPAN through IPv6, but it uses IPSEC for security services, which is a heavyweight and complex protocol [105].
4.8 Physical and Data Link Layers
4.8.1 Bluetooth.
Bluetooth supports short-range, low-power communication with a frequency of 2.4 GHz [109]. Its current security modes do not fully guarantee secure communication, given that there is a need to enforce service security levels. Bluetooth variants such as Bluetooth Low Energy (BLE) address authenticity, privacy, and integrity concerns, typically permitting a change of address to maintain privacy [110]. BLE suffers from numerous vulnerabilities, however, allowing attackers to leverage foot-printing approaches to collect information such as domain names, IP addresses, and access control lists. Additionally, attackers can perform bluesniffing, where unauthorized data is extracted from Bluetooth devices, and bluebugging, where attackers take control of the target device [111, 112].
4.8.2 IEEE 802.15.4.
This protocol provides general IIoT connectivity while guaranteeing data confidentiality, integrity, and a secure MAC layer [105]. However, 802.15.4 is vulnerable to keying techniques. Specifically, the single shared key aspect of this protocol offers little defense against a number of attacks [113].
4.8.3 WirelessHART.
WirelessHART is a key communication protocol for industrial process automation and the IIoT and has been approved as an open standard for WSN. This protocol is mainly concerned with energy and equipment monitoring, asset management, and general diagnosis. The HART protocol employs a single parity check for errors. This enables confidentiality, integrity, and authentication. While this protocol has been designed to be open and reliable, it has several limitations, since it does not support public cryptography and there is a lack of specification of the complete key management methodology. Additionally, there is no distinct authorization technique [114].
Note that the research discussed in this review is ongoing at the time of writing, and there are still some overlaps and similarities between generic IoT and IIoT, especially in terms of protocols. Generally, the weaknesses in generic IoT protocols are also relevant to the IIoT. Although the prime objective of the IIoT is to reinforce industrial system processes, it is also dependent on the actions involved in the generic IoT. Thus, failure of the actions in generic IoT protocols may have an impact on the IIoT.
4.9 IIoT Security Architectures and Standards
IIoT deployments are currently governed by the Industrial Internet Reference Architecture (IIRA) established by the Industrial Internet Consortium (IIC) [115], which explicitly stipulates the main roles played by cyber-physical-based technologies in the IIoT. From a security perspective, the IIC reference architecture includes a recommendation that the IIoT should position itself to give support to authentication protocols, non-repudiation, cryptographic protection, leveraging of quantum-resistant techniques during data transportation, connectivity, and efficient interoperability across systems. The OpenFog consortium [116] has devised a mechanism that brings IIoT processing close to the edge to guarantee the integrity, confidentiality, and availability of IIoT processes.
With the convergence of OT and IT, given that these prioritize systems differently, the industrial internet security framework (IISF) has been established as a common framework for security investigations in IIoT. This framework is, however, very generic and does not specifically articulate the key security aspects of the IIoT. Other key standards related to the security of the IIoT include ISO/IEC 29115 [117], which focuses on the security of endpoints, ISA/IEC 62443 [118], which focuses on authentication and vulnerability checks, ISO/IEC 29115 [117], which focuses on multifactor authentication and the need for cryptographic protocols, ISO/IEC 24760-1 [119], which focuses on secure identity, NIST-SP-800-82 [120], which stipulates the need for network segmentation in the IIoT and highlights communication requirements, NIST-FICIC [121], which focuses on risk management and security in the IIoT, and NISTIR-7628 [122], which focuses on cyber-security for smart grids. A summary of the security architectures and standards in the IIoT is presented in Table 7.
REF | Architecture/ | Focus | Security description | Limitations |
---|---|---|---|---|
[115] | IIoT reference architecture | Industrial Internet Security Framework | Cybersecurity assessment in the IIoT | Generic security measures |
[118] | ISA/IEC 62443 | IIoT levels of security | Identification and authentication check | Security levels depend on the system |
[117] | ISO/IEC 29115 | IIoT levels of authentication | Multifactor authentication | The credentials lifespan is too long |
[119] | ISO/IEC 24760-1 | IIoT levels of secure identity | Identifies a unique and secure identity | It is not definitely established what constitutes a secure identity |
[120] | NIST-SP-800-82 | Industrial control system security | Network segmentation | Does not accommodate dynamic changes in IIoT ecosystems |
[121] | NIST-FICIC | Cybersecurity for critical infrastructure | Principle of risk management and security | Complexity of cybersecurity risk management |
[122] | NISTIR-7628 | Guidelines for securing smart grid | Cybersecurity strategy for smart infrastructures | Changes in cybersecurity requirements |
[118] | ISA/IEC 62443-4-2 | Security for industrial automation | Cybersecurity threats and risks | Building extensions for enterprise security |
[123] | NIST-IIoT | Security for the IIoT | Vulnerability risks and threats | Limited to integrity and authenticity |
5 IIoT Security Achievements
Given that the realization of Industry 4.0 is dependent on innovative technological developments, this section assesses the state of IIoT-enabling technologies based on the approaches outlined in the Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, and Elevation of privilege (STRIDE) model [124]. STRIDE offers a unique approach to assessing threats and vulnerabilities (known and unknown) within IIoT ecosystems, resulting in a threat roadmap. This section concentrates on describing the key security achievements that have been realized in the IIoT as a result of the STRIDE model.
5.1 Key Management in IIoT
A lightweight key exchange (LKE) for Industry 4.0 solves the problem of illegitimate nodes in the IIoT. The key provides an assurance of mutual authentication across nodes through a secret key exchange, which is safe for the IIoT [125]. Other key exchange protocols include lightweight authentication for M2M communication in the IIoT based on hash and XOR tasks to target MITM and replay attacks [38], and a lightweight protocol for IIoT that is implemented via the MQTT protocol [126]. With this approach, MQTT is a suitable protocol for the industrial domain.
The key strategies that can be used to evaluate which security techniques offer protection for MQTT are as follows: payload encryption with the authenticated encryption scheme (AES), payload authentication with AES, payload-authenticated encryption with AES-offset codebook mode (AES-OCB), and link-layer encryption with AES, where it is possible to measure the latency between the publishing and processing times. A lightweight certificateless signature scheme for IIoT environments provides data authenticity [127], while an SDN-enabled multi-attribute method for secure communication over the smart grid of the IIoT monitors network traffic and dynamic routing [128]. A faster authentication key with perfect forward secrecy for the IIoT based on hash and XOR operations has been developed [129], and an interactive multifactor authenticated key exchange for IIoT invokes password hardening and exposes the attacker [130].
The key management approach shown in Figure 4 focuses on information retrieval and provides a robust means of supporting digital and textual searches in IIoT environments. The key management scenario shown in Figure 4 depicts a typical key management approach in an IIoT ecosystem. In this scenario, an IIoT operator requests a service provision from an IIoT service provider (Step 1). The key distribution center (KDC) manages the encryption keys (Step 2). The KDC communicates with a cloud key management center (Step 3) to exchange and manage encryption keys. To ensure that the KDC can be integrated with the IIoT application processes, the KDC integration must be done (Step 4). Once the KDC integration is complete, the IIoT user can request processes from the cloud key management center (Step 5). The cloud key management center generates a response (Step 6) and provides the necessary encryption keys to the KDC as presented in Figure 4.
Using a hybrid keyword field search key management (HKFS-KM) scheme, this approach supports trapdoor unlinkability and drastically reduces the costs associated with key storage while supporting key revocation to guarantee secure IIoT records [131]. A study by Yasmine et al. [132] identified security weaknesses in authentication and key management during data transmission in the IIoT. The major security flaws were identified as replay attacks, DoS attacks, mutual authentication, and session key agreement. A mutual authentication scheme was proposed, but this does not support heterogeneous WSN environments. Zhou et al. [133] found that compromising devices to extract secret keys is still a challenge in IIoT communication, especially in side-channel attacks. Key weaknesses include IIoT key management, devices not embedded with cryptographic keys, IoT devices being easily attackable, and the resource constraints of IoT devices. A summary of key management approaches is presented in Table 8.
Reference | Focus | Significance to IIoT ecosystems |
---|---|---|
[38] | Lightweight authentication for M2M communication in the IIoT | Targets man-in-the-middle attacks on the IIoT |
[125, 126] | Lightweight authentication support for the IIoT | Discusses MQTT, SDN, and other M2M support protocols in the IIoT |
[127] | Lightweight certificateless signature scheme in the IIoT | Provides data authenticity |
[128] | SDN-enabled multi-attributes for secure IIoT | Monitors traffic and offers dynamic routing |
[129] | Authentication-based perfect forward secrecy in the IIoT | Uses XOR and hash to guarantee secrecy |
[130] | Interactive multi-factor authentication in IIoT | Has password hardening and attacker exposure |
[131] | Key management for textual search in the IIoT | Guarantees trapdoor unlinkability and privacy |
[132] | Weaknesses in authentication and key management | Mutual authentication and session key agreement suggested |
[133] | Device compromising with compromised keys | Identifies devices that are not embedded with cryptographic keys |
5.2 Blockchain Technology in IIoT
While streamed sensor data can be extracted in real-time from IIoT environments, it is important to have a guarantee that these data are secure. The blockchain offers a precise distributed immutable ledger that allows for stronger security through the creation of a computationally infeasible cryptographic block of hashes. A scenario for implementing the blockchain in IIoT is shown in Figure 5. In the scenario depicting blockchain in IIoT shown in Figure 5, the IIoT ecosystem comprises the perception layer, network layer, control layer, blockchain service layer, and application layer, each of which is associated with various IIoT domains such as manufacturing, robotics, and mining. The blockchain service layer comprises three key components, namely, blockchain service support, smart contract, and transaction management, which together provide the necessary functionality to enable secure and decentralized data sharing, auditing, and trust among IIoT stakeholders. Moreover, the blockchain service layer is connected to a blockchain network comprising both on-chain and off-chain blockchain networks. The on-chain network is secured by verifier nodes [134, 135], which are responsible for validating transactions and maintaining the integrity of the blockchain.
A blockchain scheme for collecting and sharing data in a multi-agent environment that combines Ethereum and deep learning techniques with a focus on achieving reliability has been proposed [136], but the mining nodes in this scheme are not intelligent. A truly fair non-repudiation blockchain scheme for IIoT has been developed as a service proxy for recording interactive evidence for providers in the IIoT. This technique has been verified using a homomorphic approach, but it has not yet been deployed in a real network-enabled IIoT platform for practical evaluation [137]. Current blockchain techniques are compared in Table 9. Studies using the blockchain have focused on IIoT access to equipment and power consumption, where the blockchain is deployed in high-performance systems to improve smart factory processes. For instance, a sharding–hashgraph technique that divides blockchain nodes has been employed for the purposes of optimization [138].
Reference | Focus | Significance for IIoT ecosystems |
---|---|---|
[136] | Scheme for collecting and sharing data | Discusses how data can be shared in a multi-agent environment using machine learning |
[139] | Use of credit consensus in the IIoT | Discusses how the consensus protects data confidentiality and access control |
[140] | How scalability is achieved | Discusses how lack of energy efficiency and lack of standards hinders the IIoT |
[141] | How blockchain can give security assurance | Discusses resource efficiency, secrecy, and maintenance of tasks using blockchain |
[137] | Non-repudiation scheme for the IIoT | Service proxy that records interactive evidence for providers |
[142] | Blockchain framework for the IIoT | Identifies zero-knowledge transactions for security purposes |
A secure blockchain approach that uses the credit consensus technique in IIoT has been established to protect data confidentiality. This method uses a directed acyclic structured blockchain with data access control, which decreases power consumption for genuine nodes while increasing power consumption for malicious nodes. However, the detection of malicious nodes requires further investigation [139]. Blockchain applications targeting Industry 4.0 face issues concerning scalability (given that blockchain computations require significant resources), inherent blockchain vulnerabilities, energy, and cost efficiency, and the absence of industrial standards and regulations [140]. Other relevant research has examined the integration of blockchain and edge frameworks for IIoT, addressing latency, resource efficiency, security, and monitoring of tasks, but neglecting system performance [141]. A blockchain-enabled framework for IIoT would face challenges involving zero-knowledge transactions, standardization, security, and privacy [142]. Generally, the blockchain offers a suitable mechanism for securing IoT transactions based on its characteristics of decentralization, effectiveness, transparency, and immutability [143].
5.3 Edge and Fog Security in IIoT
While edge computing is popular at present, its focus is on reducing the volume of transmitted data. Its current integration with the IIoT has intensified security threats related to data [144]. A substantial number of vulnerabilities occur in the fog layer as a result of data and IIoT application migration. One example is a malicious attack from the edge to the communication network, where machine learning strategies are preferred for purposes of defense. Major vulnerable points include attacks on fog nodes/adversarial manipulations during the provisioning of real-time services, authentication of identities, leakages of sensitive data at IIoT edge nodes due to limited storage, difficulties in processing data, complexity of edge computing IIoT networks, and the problem of sharing and searching encrypted data [100].
Figure 6 shows a scenario depicting edge and fog in IIoT. It consists of a perception layer where data is gathered and authenticated. This layer is followed by the edge gateway, which serves as the entry point for data into the fog layer. The fog layer controls encryption, key management, data storage, and data processing. The cloud layer provides additional storage and processing capabilities to the system. The cloud gateway transmits data between the cloud and the fog layer. Finally, the application layer provides the interface for users to interact with the IIoT system. In the IIoT domains, such as robotics, manufacturing, and mining, the system provides data extraction capabilities, allowing users to extract relevant data for analysis and decision-making.
A technique that addresses device unreliability and vulnerabilities has been developed in Reference [145] to allow secure data storage processes in the IIoT while integrating fog and cloud computing. This allows the collected data to be stored and processed at the edge server. However, this approach requires the encryption of fog-based data and effective privacy-preserving data mining approaches. As a result of encrypting fog-based data, fog nodes are forced to aggregate data to seal any form of information leakage during data dissemination [146, 147]. Consequently, edge computing faces challenges such as a lack of computational power, storage issues, and poor battery resources. Other threats include physical tampering with edge devices, identity forging, eavesdropping over shared wired channels, jamming links in IoT devices, and data privacy, as well as the various risks associated with network function virtualization, with the offloading of tasks to rich platforms, and with SDN [148].
Given that massive amounts of data are generated in IIoT environments, moving these data to the cloud for real-time analysis is a challenge. Other relevant challenges include managing access to applications, maintaining confidentiality, mitigating vulnerabilities, applying cryptographic protocols to the data generated from IIoT environments, and monitoring IIoT-related security events in real-time. Additionally, the cloud faces its own challenges in terms of confidentiality, integrity, authenticity, and availability [149].
As far as confidentiality is concerned, threat agents can propagate through the cloud and leak sensitive data related to the IIoT. The ultimate objective of an adversary is to defeat the cloud security goals by gaining control of the IT assets. Integrity issues arise from common attacks where adversaries are able to alter or modify part or all of the data at rest or in motion across different cloud models. The authenticity of entities within the cloud poses a challenge because of the existence of numerous illegitimate users. These vulnerabilities are fundamental, given the open nature of the cloud.
Another critical aspect concerning susceptibility is the issue of permission and privileges, where insufficient authorization of sessions and permissions makes cloud data vulnerable and susceptible to attacks. Recent studies of critical cloud attacks have identified DoS and distributed DoS (DDoS) to be the most common attacks, mainly propagated by botnets, virtualization/hypervisor attacks, user-to-root attacks, port scanning, MITM attacks, spoofing, and physical attacks. Most of these attacks attempt to defeat provisioned cloud services during IIoT integration [150, 151]. A summary of the key achievements in edge and fog security is presented in Table 10.
Reference | Focus | Significance for IIoT ecosystems |
---|---|---|
[100] | Vulnerable adversarial manipulations in IIoT edge nodes | Need to address complexity in IIoT networks |
[144] | Integration of the volume of data in the IIoT | Vulnerabilities are experienced at the fog layer owing to application migration |
[145] | Device unreliability and vulnerabilities in the IIoT edge | Need for encryption of data when fog and cloud integrate |
[146, 147] | Encrypting fog-based data in the IIoT | Sealing data leakage points as a way of enhancing security |
[148] | Computation and storage issues in the IIoT | Identifies the channels of compromise in the IoT |
[149] | State of massive data generated in the IIoT environment | Data management solutions are key to managing huge volumes of data in the IIoT |
[150, 151] | Permission and privileges in the cloud | Sufficient authorization and sessions and privileges in the cloud reduce potential intrusions |
6 State-of-the-art Research in IoT and IIoT Forensics
The digitization of manufacturing processes further extends the attack and threat landscape and enhances the level of susceptibility, which could increase the potential for digitally propagated crimes. As a result, there is a constant need to analyze potential digital evidence to provide proof or prove facts if a potential security incident is detected. To date, there has been relatively little research on IIoT forensics, although some studies have explored how digital forensic investigations can be conducted in the IIoT, as well as the significant current challenges. We explore IIoT forensic investigations from the standpoint of integrating IoT-based forensic applications with industrial processes and assess how the prevailing IoT-based forensic models could be positioned to conduct digital forensic activities. A summary of the key research focusing on IIoT is presented in Table 11.
Year | Forensic model | Focus | Limitations | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
2020 |
|
|
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
2019 |
|
|
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
2018 |
|
|
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
2017 |
|
|
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
2016 |
|
|
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
2015 |
|
|
|
Currently, there exist vulnerabilities in the physical infrastructure that underpins IIoT applications, e.g., the CPS, ICS, and SCADA systems. Thus, there is a dire need for post-incident response strategies. For example, research by Cruz et al. [152] suggests placing a shadow security unit in parallel with field devices as an approach for continuous monitoring of PLCs, which could be leveraged for forensic purposes. Research on SCADA forensics has identified that current SCADA employs cloud-based technologies and suggests the following essentials: identifying the incident origin, assessing the system risks and alterations, identifying the SCADA impact and status, and live forensics, before employing rapid response, compatibility, and remote data acquisition techniques. This approach is useful for conducting digital investigations in IIoT but is limited by the available forensic artifact extraction tools [153]. An IIoT forensic investigation framework [154] suggests the collection of digital evidence to mitigate IIoT-based vulnerabilities. This study outlines the relationship between the OSI layer model and cross-layer forensic information and suggests a higher layer for digital forensic information in the IIoT [154].
Considering the existing digital forensic challenges in the IoT, MacDermott et al. [155] highlighted several shortcomings that have resulted from the changing landscape of digital crimes. The sources of evidence from IIoT environments were identified as smart devices and sensors, hardware and software, intrusion detection systems (IDS), firewalls, ISPs, mobile providers, and other online identities. IoT forensic techniques have been mapped to privacy as a feasible way of conducting digital investigations through the sharing of data by devices through a privacy-aware IoT forensic model [156]. For example, an IoT forensic model that underpins infrastructures has been constructed for Amazon Echo as a use-case and is able to support identification, acquisition, analysis, and presentation using a generic IoT architecture [157].
A forensic acquisition technique for the IoT based on the state of events has been developed and proved for controller-to-IoT, controller-to-cloud, and controller-to-controller cases. Through the use of an IP camera, it has been shown that relevant data based on states can be extracted from IoT devices [158]. Notably, a taxonomy for the challenges faced in IoT forensics has identified forensic tools, models, and sources of evidence as crucial aspects to consider in the IoT environment [159]. A technique for defending logged data against attack using anti-forensic techniques has been developed through data aggregation and encryption in an IoT setup with the modified information dispersal algorithm. This approach is based on the fragments transmitted from IoT devices [160].
A forensic-aware ecosystem for the IoT has been established to collect and analyze evidence systematically by supporting different IoT subdomains [161]. Subsequent studies have shown that IoT forensic challenges mainly target encryption and storage of data in the cloud. The IoT forensic tools and techniques for preserving volatile data have been identified as key aspects of IoT forensic research, but there are few IoT forensics tools with data acquisition capabilities [162].
A fog-based framework for IoT forensics has identified several challenges based on use-cases and implementation. As an example, a refrigerator was connected to a fog node as part of a home automation system. Although the effectiveness of this framework was not evaluated, it was able to reproduce some techniques for achieving digital forensics [163]. Research focused on IoT opportunities and challenges suggests that search, seizure, evidence correlation and analysis, and IoT attribution are core challenges [164]. Additionally, complexity and diversification, chain of custody, and limited storage for IoT devices require further research [165].
Other challenges include the type and quantity of data, blurred lines between networks, and the type and source of evidence [177]. A framework for IoT acquisition and forensics has identified data location, data format, data extraction, and data type as key forensic characteristics [178]. An efficient approach that combines cloud forensics with client-side forensics has been suggested for the Amazon Alexa ecosystem, with a proof-of-concept focused on identification and acquisition analysis from local devices [179]. Other relevant work includes the analysis of bulk digital forensic data as a semi-automated approach for scanning disparate digital forensics data subsets and data from IoT portable devices. There are also cross-device and cross-analysis approaches that are appropriate for diverse digital forensic cases [180]. Additionally, live forensic analysis in emerging configurations in IoT environments could utilize K-nearest neighbors, support vector machines (SVMs), naive Bayes classifiers, and random forest algorithms. These approaches illustrate how datasets could be utilized for the live detection of potential incidents [169].
Other IoT-based frameworks include a top-down IoT model for planning and authorization of forensic processes [176], integrated IoT forensic frameworks [170] that stipulate which IoT-based standards can be leveraged, and an application-specific model [173] for the IoT that extracts evidence from smart home and smart city devices. Acquisition based on a state forensics model has been explored [158] with both controller-to-IoT device and IoT-to-controller processes included in the forensics. A model for smart cities and smart vehicles [174] targets ECM data from the vehicle data hub to create forensic images. A digital evidence acquisition model [175] for the IoT environment uses graphs to model flows, whereas the FIF-IoT approach [171] uses a public ledger to verify evidence integrity. Research has also covered a cyber-forensics framework for IoT big data [167], forensic edge management for autonomous systems integrated with IoT networks [172], a forensic model for IoT trackers [181], and a forensic logging model for IoT ecosystems that supports cloud computing [168].
The existing overlap between the IoT and IIoT means that, in the context of this article, IIoT forensics are represented as a large-scale post-event/reactive technique that targets critical IIoT forensic information domains [154]. Examples include network protocols targeting ICS/SCADA, forensics from the lowest layers (physical layer), evidence from higher layers (bit-level forensics) from SCADA, PLCs, sensors, communication gateways, and network-level forensics [154]. As far as IoT forensics is concerned, information may be extracted from the respective layers, mostly from networked mobile digital devices; it should be noted here that mobile forensics lies at the center of the IoT. While the IIoT, IoT, and mobile forensics share a need for forensic evidence (digital data), there are major differences between them with regard to the complexity involved in extracting these data and the diverse range of architectures. This complexity, among other challenges, should ultimately underlie the forensic soundness and sanctity of potential digital evidence from the IIoT, IoT, and mobile forensic architectures for the purpose of litigation in the event of a security incident.
7 OPEN CHALLENGES
The preceding sections have highlighted the security requirements in IIoT ecosystems, the state of IIoT ecosystems in terms of architectures and protocols, IIoT ecosystem security achievements, and the state of digital forensics in the IIoT. Based on this analysis, we now identify the open challenges relating to these technologies from a security and digital forensic perspective. The categories of these challenges are depicted in Figure 7, and a summary of the challenges and high-level solutions is given in Table 12.
Category | Challenge | Possible high-level solutions | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Perception layer challenges |
|
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Network layer challenges |
|
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Application layer challenges |
|
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Security management challenges |
|
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Digital forensics challenges |
|
|
7.1 Challenges in the Application Layer
– | The shift from conventional industrial processes to smart connectivity will mean that advanced industrial processes become wholly dependent on wireless connectivity, standards, and protocols. However, this opens the threat and attack landscape further. Thus, if IIoT networks are attacked, then the industrial production output will be compromised and human lives may be put at risk. | ||||
– | Realizing smart manufacturing implies that the majority of systems will be able to act in a self-adaptive manner with some self-dynamic reconfiguration ability. This implies that dynamic production processes will become centered on single dynamic production as opposed to centralized management, which is susceptible to failures and requires huge processing power. | ||||
– | Normally, attackers will use diverse and alternative techniques to reach the CPS. Hence, insider or physical attacks may be used to undermine the security of the IIoT. | ||||
– | Currently, there are no universally accepted security standard compliance techniques, security monitoring, or standardized devices that can be employed in IIoT environments. | ||||
– | At present, most blockchain processes in the IIoT are distributed transactions. However, some mining nodes in these transactions are not intelligent, which may make them susceptible to attack. |
7.2 Challenges in the Network Layer
– | The current spectrum of IIoT connectivity protocols does not guarantee a higher degree of security during data communication. For example, Bluetooth has insecure modes that expose the device to malware. BLE security mode 1, level 1 has weaker authentication or encryption, which makes it insecure [182]. Additionally, pairing techniques do not offer protection, which makes Bluetooth vulnerable to MITM and eavesdropping attacks and could eventually lead to data manipulation. | ||||
– | IEEE 802.15.4 uses a single shared key session that offers little defense against replay attacks. Additionally, this standard cannot guarantee the confidentiality and integrity of acknowledged packets [183]. | ||||
– | NB-IoT (WAN) uses unlicensed bands, from which malicious nodes can offload traffic [184]. | ||||
– | LoRaWAN has a number of security vulnerabilities, with flaws in AES during encryption and an inability for partners to fix shared keys to some values. The AES cryptography algorithm uses 128-bit keystreams that allow the key to be XORed with the message to generate the ciphertext [185]. Given that LoRaWAN utilizes a 128-bit AES algorithm to encrypt its message, certain weaknesses may produce a non-optimal ciphertext that can be decrypted. Additionally, LoRaWAN allows an adversary to modify a message over the connection. | ||||
– | The IPSEC currently being used in 6LoWPAN is a heavyweight protocol, which means it is unsuitable for IIoT environments. | ||||
– | MQTT faces challenges relating to DDoS, information disclosure, and spoofing [186]. In addition, clients may easily subscribe to any topics, creating a likely vulnerability that could allow the subscribed topics to be exposed to attackers. | ||||
– | Currently, secure key management and exchange is an open challenge owing to the resource constraints on the physical devices and user data. Most key exchange approaches suffer from heavyweight cryptographic protocols that are overly complex as far as computation is concerned. There also exist challenges in terms of applying encryption to diverse firmware, some of which will have been altered. |
7.3 Challenges in the Perception Layer
– | Currently, the majority of devices employed in IIoT environments are not manufactured with security capabilities (i.e., there is a lack of security by design), causing them to fail during or after deployment. Most CPS involve the integration of embedded systems and physical processes, and so a lack of security may lead to significant vulnerabilities. With the ever-changing nature of system architectures, most devices and systems are built without security functionalities, and those that do have security functionalities may rapidly become outdated. Additionally, most systems operate in real time, combining sensor data, devices, and actuators. Ultimately, the absence of security by design leads to susceptibility and unreliability and creates more vulnerabilities. | ||||
– | The core challenge is to verify the integrity of the CPS/IIoT devices used in IIoT environments. Currently, there exist numerous devices with diverse firmware and no efficient scheme for the attestation of these systems. The nature of CPS is to complete real-time tasks and ensure that they satisfy security goals, key among which is the integrity of data and devices. Continued digitization in IIoT environments has resulted in diversification of physical devices and a wide-ranging variety of CPS devices, which suffer from attestation problems. This can be attributed to variation in or lack of acceptable compliance standards during device on-boarding processes. Lack of proper attestation of these devices creates an environment that allows physical damage, which may threaten human lives and create integrity issues regarding the data collected from sensing environments. | ||||
– | Currently, where the IoT meets the IIoT, there is a higher degree of cloning of physical devices as a form of IIoT attack. Cloning is usually a social engineering approach that allows attackers to maliciously deceive unsuspecting victims in cases where a device or malicious link is dispatched as a legitimate one. Security in the IIoT requires the utilization of physically unclonable functions (PUFs), which guarantee a secure approach for storing digital information in integrated circuits [187]. However, where OT and IT converge, there may arise vulnerable situations that allow attackers to gain knowledge on how the PUFs operate. In the long run, attackers may be able to model an identical PUF to emulate the original. Using this approach, it would be easy to circumvent the memory contents of integrated circuits. The ultimate effect of this is data leakage and side-channel attacks. |
7.4 Challenges for Security Management
An assessment of security challenges is now presented, with an emphasis on the point where OT and IT systems converge. This is because of the need to ensure that key information security goals are maintained while enforcing security for the CPS. Based on this study, the following are identified as key security-related challenges:
– | The convergence of OT and IT brings together two differing environments, which have different architectures, operations, and challenges. | ||||||||||||||||||||||
– | Managing security aspects of OT/IT integration is a key challenge for the following reasons:
| ||||||||||||||||||||||
– | Owing to the resource-constrained nature of IIoT devices, current cybersecurity frameworks are unable to support heterogeneous IoT systems and CPS in real time. |
7.5 Challenges for Digital Forensics in IIoT Ecosystems
Based on the current state of digital forensics in IIoT, this subsection discusses the prevailing open challenges. To date, there has been a lack of adequate studies of digital forensics in the IIoT. The following are presented as current open challenges:
– | The majority of IIoT systems previously operated as SCADA/CPS, where most networks were isolated. Given that digital forensics stipulates that the correct tools and methodologies should be used during an investigation, there is currently a lack of forensically certified tools for IIoT forensic investigations. | ||||
– | At present, there are few guidelines or accredited standards and legal frameworks that stipulate how digital forensic incidents should be handled in the pre- and post-incident response phases in IIoT environments [188]. This is due to the disparities that exist between connected IIoT environments and normal IT environments. | ||||
– | Existing forensic investigation process models are tailored to address generic IT systems, where digital evidence is carefully extracted based on prescribed processes. However, in the context of the IIoT, there is not yet any definition of how a digital forensic investigation process model would be used. | ||||
– | Given that the IIoT involves the collection and analysis of data and personal information, there is a lack of approaches to data privacy and protection, which is a major concern [13]. | ||||
– | The IIoT extends over multiple and diverse jurisdictions, which makes it difficult to determine the appropriate laws and regulations to be used when coordinating digital forensic investigations [13]. |
8 FUTURE DIRECTIONS
The challenges and limitations addressed in this article cover a wide scope with a multitude of facets. While a number of the challenges identified in the IoT have some similarities with IIoT challenges, the former are more closely associated with device diversity and the corresponding security mechanisms, while the latter are associated with the security aspects of smart industrial processes and the corresponding security and digital forensic investigation techniques.
With the continuous increase in the number of devices and the volume of data across IIoT systems, it is vital that diverse data processing techniques be incorporated. In most instances, the processing techniques applied are not standardized or widely accepted, which raises key security, privacy, and data confidentiality concerns.
A number of studies have formulated proposals for authentication techniques, specifically during the key management stage. Although some of these methods appear to be pertinent, it is important to note that the majority of existing key agreement techniques are not widely deployed across heterogeneous environments. This leads to concerns regarding the security and secrecy of keys and data during communication.
According to the key objectives of Industry 4.0, the IIoT is integral to industrial control processes. As such, integrating key security achievements such as blockchains, smart contracts, and key management techniques with 5G technologies could harden the security of the IIoT by preventing energy theft. The addition of security layers could result in stronger authentication and authorization mechanisms, where only the authorized user’s details and secret keys are maintained.
Consequently, with the key achievements in edge and fog computing in the IIoT come privacy concerns during data processing at the edge. In achieving threat intelligence, federated data models are locally trained at the edge nodes and then shared to the global nodes. Thus, it is important to investigate how the shared intelligence of data is aggregated and shared across heterogeneous environments for the purposes of privacy and adversarial concerns in IIoT ecosystems.
Based on the connectivity that has arisen as a result of the 5G standard, it is projected that key achievements will be realized in mobile edge applications, making IIoT processes more effective through the expected lower latency of machine communication. While this is a key opportunity for faster communication across IIoT networks, it may also open further vulnerabilities, with IIoT ecosystems becoming susceptible owing to the heterogeneity of the services supported by 5G in the IIoT.
Finally, there remains a need for security standards for blockchains, given their paramount importance to the safeguarding of the IIoT from compromise, especially during the integration of smart contracts. Furthermore, the detection of malicious nodes in a blockchain requires key edge intelligence aspects of resource utilization.
9 CONCLUSION
The IIoT is still in a process of development, with current advances being geared toward enabling the industrial and manufacturing processes that will realize Industry 4.0. This paradigm shift is allowing systems to accumulate and analyze data to make certain decisions.
In this article, the state-of-the-art of IIoT ecosystems has been comprehensively studied from security and digital forensics perspectives to help identify the existing open challenges. The state-of-the-art has been explored in terms of IIoT ecosystem security parameters, connectivity protocols, security-enabling technologies, and digital forensics. Key security achievements and open challenges have also been identified, along with key high-level solutions.
The IIoT is still being integrated into our daily lives with the aim of improving quality through continuous industrial automation or processes leveraging IoT-based applications. Our state-of-the-art survey has provided a comprehensive analysis of existing research, from which it is evident that the current IIoT suffers from relatively weak security protocols and a lack of unified accepted standards. Together, these weaknesses make IIoT integration vulnerable to a variety of security attacks.
- [1] . 2019. The history, present and future with IoT. In Internet of Things and Big Data Analytics for Smart Generation. Springer, 27–51.Google ScholarCross Ref
- [2] . 2018. Cyber and physical security vulnerability assessment for IoT-based smart homes. Sensors 18, 3 (2018).
DOI: Google ScholarCross Ref - [3] . 2016. Design principles for Industrie 4.0 scenarios. IEEE Computer Society1730 Massachusetts Ave., NW Washington, DCUnited States.Google Scholar
- [4] . 2017. Cyber physical system (CPS)-based Industry 4.0: A survey. J. Industr. Integ. Manag. 2, 03 (2017), 1750014.Google ScholarCross Ref
- [5] . 2014. Internet of things in industries: A survey. IEEE Trans. Industr. Inform. 10, 4 (2014), 2233–2243.Google ScholarCross Ref
- [6] . 2016. A generic digital forensic investigation framework for internet of things (IoT). In IEEE 4th International Conference on Future Internet of Things and Cloud (FiCloud’16). IEEE, 356–362.Google ScholarCross Ref
- [7] . 2018. Industrial internet of things: Challenges, opportunities, and directions. IEEE Trans. Industr. Inform. 14, 11 (2018), 4724–4734.Google ScholarCross Ref
- [8] . 2018. Industrial IoT security threats and concerns by considering Cisco and Microsoft IoT reference models. In IEEE Wireless Communications and Networking Conference Workshops (WCNCW’18). IEEE, 173–178.Google ScholarCross Ref
- [9] . 2020. A secure fog-based architecture for Industrial Internet of Things and Industry 4.0. IEEE Trans. Industr. Inform. 17, 4 (2020), 2316–2324.Google ScholarCross Ref
- [10] . 2020. Modelling industrial IoT system complexity. In International Conference on Innovation and Intelligence for Informatics, Computing and Technologies (3ICT’20). IEEE, 1–5.Google ScholarCross Ref
- [11] . 2023. Assessment of potential security risks in advanced metering infrastructure using the OCTAVE Allegro approach. Comput. Electric. Eng. 108 (2023), 108667.Google ScholarDigital Library
- [12] . 2022. Industrial internet of things (IIoT) forensics: The forgotten concept in the race towards Industry 4.0. Forens. Sci. Int.: Rep. 5 (2022), 100257.
DOI: Google ScholarCross Ref - [13] Victor Rigworo Kebande.Industrial Internet of Things (IIoT) Forensics: challenges, opportunities, and future directions. Google ScholarCross Ref
- [14] . 1996. Getting the measure of complexity. Manuf. Eng. 75, 6 (1996), 268–70.Google ScholarCross Ref
- [15] . 2021. Cyber-physical systems architectures for Industrial Internet of Things applications in Industry 4.0: A literature review. J. Manuf. Syst. 58 (2021), 176–192.Google ScholarCross Ref
- [16] . 2020. Challenges and recommended technologies for the Industrial Internet of Things: A comprehensive review. Measurement 151 (2020), 107198.Google ScholarCross Ref
- [17] . 2020. A systematic survey of Industrial Internet of Things security: Requirements and fog computing opportunities. IEEE Commun. Surv. Tutor. 22, 4 (2020), 2489–2520.Google ScholarCross Ref
- [18] . 2019. Industrial internet of things: A review. In International Conference on Opto-electronics and Applied Optics (Optronix’19). IEEE, 1–6.Google ScholarCross Ref
- [19] . 2018. A survey on Industrial Internet of Things: A cyber-physical systems perspective. IEEE Access 6 (2018), 78238–78259.Google ScholarCross Ref
- [20] . 2021. A taxonomy of security issues in Industrial Internet-of-Things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9 (2021), 25344–25359.Google ScholarCross Ref
- [21] . 2019. Industrial internet of things (IIoT) applications of edge and fog computing: A review and future directions. arXiv preprint arXiv:1912.00595 (2019).Google Scholar
- [22] . 2018. Industrial internet of things: A systematic literature review and insights. IEEE Internet Things J. 5, 6 (2018), 4515–4525.Google ScholarCross Ref
- [23] . 2015. Security and privacy challenges in Industrial Internet of Things. In 52nd Annual Design Automation Conference. 1–6.Google ScholarDigital Library
- [24] . 2021. A comprehensive survey of attacks without physical access targeting hardware vulnerabilities in IoT/IIoT devices, and their detection mechanisms. ACM Trans. Des. Autom. Electron. Syst. 27, 1 (2021), 1–35.Google ScholarDigital Library
- [25] . 2020. Literature review of Industry 4.0 and related technologies. J. Intell. Manuf. 31, 1 (2020), 127–182.Google ScholarDigital Library
- [26] . 2020. Attack and system modeling applied to IoT, cloud, and mobile ecosystems: Embedding security by design. ACM Comput. Surv. 53, 2 (2020), 1–32.Google ScholarDigital Library
- [27] . 2019. Scanning the Industry 4.0: A literature review on technologies for manufacturing systems. Eng. Sci. Technol. Int. J. 22, 3 (2019), 899–919.Google ScholarCross Ref
- [28] . 2018. The Industrial Internet of Things (IIoT): An analysis framework. Comput. Industr. 101 (2018), 1–12.Google ScholarCross Ref
- [29] . 2021. Challenges and opportunities in securing the Industrial Internet of Things. IEEE Trans. Industr. Inform. 17, 5 (2021), 2985–2996.
DOI: Google ScholarCross Ref - [30] . 2021. Security challenges in Industry 4.0 SCADA systems—A digital forensic prospective. In International Conference on Artificial Intelligence and Computer Science Technology (ICAICST’21). 229–233.
DOI: Google ScholarCross Ref - [31] . 2020. Blockchain for the IoT and industrial IoT: A review. Internet Things 10 (2020), 100081.Google ScholarCross Ref
- [32] . 2017. Industry 4.0 concept: Background and overview. Int. J. Interact. Mob. Technol. 11, 5 (2017).Google ScholarCross Ref
- [33] . 2017. Nine challenges of Industry 4.0. IIoT World. Retrieved from https://iiot-world.com/-connected-industry/nine-challenges-of-industry-4-0/Google Scholar
- [34] . 2021. Active machine learning adversarial attack detection in the user feedback process. IEEE Access 9 (2021), 36908–36923.Google ScholarCross Ref
- [35] . 2020. The AI-based cyber threat landscape: A survey. ACM Comput. Surv. 53, 1 (2020), 1–34.Google ScholarDigital Library
- [36] . 2018. A survey on game-theoretic approaches for intrusion detection and response optimization. ACM Comput. Surv. 51, 5 (2018), 1–31.Google ScholarDigital Library
- [37] . 2018. IoT elements, layered architectures and security issues: A comprehensive survey. Sensors 18, 9 (2018), 2796.Google ScholarCross Ref
- [38] . 2017. A lightweight authentication mechanism for M2M communications in industrial IoT environment. IEEE Internet Things J. 6, 1 (2017), 288–296.Google ScholarCross Ref
- [39] . 2016. An architecture for interoperable IoT ecosystems. In International Workshop on Interoperability and Open-source Solutions. Springer, 39–55.Google Scholar
- [40] . 2017. Enabling IoT ecosystems through platform interoperability. IEEE Softw. 34, 1 (2017), 54–61.Google ScholarDigital Library
- [41] . 2012. Defining an internet-of-things ecosystem. In Internet of Things, Smart Spaces, and Next Generation Networking. Springer, 1–14.Google Scholar
- [42] . 2012. Towards IoT ecosystems and business models. In Internet of Things, Smart Spaces, and Next Generation Networking. Springer, 15–26.Google Scholar
- [43] . 2014. Designing business models for the internet of things. Technol. Innov. Manag. Rev. (2014), 5–14.Google ScholarCross Ref
- [44] . 2013. Towards an IoT ecosystem. In 1st International Workshop on Software Engineering for Systems-of-systems. 25–28.Google Scholar
- [45] . 2018. Data integration in IoT ecosystem: Information linkage as a privacy threat. Comput. Law Secur. Rev. 34, 1 (2018), 125–133.Google ScholarCross Ref
- [46] . 2019. QoS-guarantee resource allocation for multibeam satellite Industrial Internet of Things with NOMA. IEEE Trans. Industr. Inform. 17, 3 (2019), 2052–2061.Google ScholarCross Ref
- [47] . 2022. MCEAACO-QSRP: A novel QoS-secure routing protocol for Industrial Internet of Things. IEEE Internet Things J. 9, 19 (2022), 18760–18777.Google ScholarCross Ref
- [48] . 2018. Trustworthy industrial IoT gateways for interoperability platforms and ecosystems. IEEE Internet Things J. 5, 6 (2018), 4506–4514.Google ScholarCross Ref
- [49] . 2019. A secure communicating things network framework for industrial IoT using blockchain technology. Ad Hoc Netw. 94 (2019), 101933.Google ScholarDigital Library
- [50] V. Skwarek. 2017. Blockchains as security-enabler for industrial IoT-applications. Asia Pacific Journal of Innovation and Entrepreneurship 11, 3 (2017), 301–311.Google Scholar
- [51] . 2008. SmartFactory—From vision to reality in factory technologies. IFAC Proc. Vol. 41, 2 (2008), 14101–14108.Google ScholarCross Ref
- [52] . 2010. SmartFactory—Towards a factory-of-things. Ann. Rev. Contr. 34, 1 (2010), 129–138.Google ScholarCross Ref
- [53] . 2017. Open IoT ecosystem for sporting event management. IEEE Access 5 (2017), 7064–7079.Google ScholarCross Ref
- [54] . 1993. Predators and prey: A new ecology of competition. Harv. Busin. Rev. 71, 3 (1993), 75–86.Google Scholar
- [55] . 2017. Privacy-preserving blockchain based IoT ecosystem using attribute-based encryption. In IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS’17). IEEE, 1–6.Google ScholarDigital Library
- [56] . 2018. Blockchain enabled enhanced IoT ecosystem security. In International Conference for Emerging Technologies in Computing. Springer, 38–46.Google ScholarCross Ref
- [57] . 2016. IoT ecosystem over programmable SDN infrastructure for smart city applications. In 5th European Workshop on Software-Defined Networks (EWSDN’16). IEEE, 49–51.Google Scholar
- [58] . 2018. Digital construction: From point solutions to IoT ecosystem. Autom. Construct. 93 (2018), 35–46.Google ScholarCross Ref
- [59] . 2016. Evaluation of a web crowd-sensing IoT ecosystem providing big data analysis. In Resource Management for Big Data Platforms. Springer, 461–488.Google ScholarCross Ref
- [60] . 2021. Industrial internet of things and its applications in Industry 4.0: State of the art. Comput. Commun. 166 (2021), 125–139.Google ScholarCross Ref
- [61] . 2020. A novel secure data transmission scheme in Industrial Internet of Things. China Commun. 17, 1 (2020), 73–88.Google ScholarCross Ref
- [62] . 2020. The future of healthcare internet of things: A survey of emerging technologies. IEEE Commun. Surv. Tutor. 22, 2 (2020), 1121–1167.
DOI: Google ScholarCross Ref - [63] . 2020. Internet of Multimedia Things (IoMT): Opportunities, Challenges and Solutions.
DOI: Google ScholarCross Ref - [64] . 2019. A survey on IIoT security. In IEEE VTS Asia Pacific Wireless Communications Symposium (APWCS’19). IEEE, 1–5.Google Scholar
- [65] . 2019. Communication protocols of an Industrial Internet of Things environment: A comparative study. Fut. Internet 11, 3 (2019), 66.Google ScholarCross Ref
- [66] . 2021. A systematic review on cognitive radio in low power wide area network for industrial IoT applications. Sustainability 13, 1 (2021), 338.Google ScholarCross Ref
- [67] . 2018. The IIoT/IoT device control model based on narrow-band IoT (NB-IoT). In IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus’18). IEEE, 950–953.Google ScholarCross Ref
- [68] . 2022. ASSERT: A blockchain-based architectural approach for engineering secure self-adaptive IoT systems. Sensors 22, 18 (2022), 6842.Google ScholarCross Ref
- [69] . 2020. Low reliable and low latency communications for mission critical distributed Industrial Internet of Things. IEEE Commun. Lett. 25, 1 (2020), 313–317.Google ScholarCross Ref
- [70] . 2022. An intelligent deterministic scheduling method for ultralow latency communication in edge enabled Industrial Internet of Things. IEEE Trans. Industr. Inform. 19, 2 (2022), 1756–1767.Google ScholarCross Ref
- [71] . 2019. Throughput optimization with delay guarantee for massive random access of M2M communications in industrial IoT. IEEE Internet Things J. 6, 6 (2019), 10077–10092.Google ScholarCross Ref
- [72] . 2022. Delay aware fault-tolerant concurrent data collection trees in shared IIoT applications. In IEEE Global Communications Conference. IEEE, 323–328.Google ScholarCross Ref
- [73] . 2022. A fault-tolerant transmission scheme in SDN-based industrial IoT (IIoT) over fiber-wireless networks. Entropy 24, 2 (2022), 157.Google ScholarCross Ref
- [74] . 2021. Security in Cyber-physical Systems: Foundations and Applications (1st ed.). Springer.Google ScholarCross Ref
- [75] . 2021. Security and Privacy in the Internet of Things: Architectures, Techniques, and Applications (1st ed.). John Wiley & Sons: New Jersey, NJ.Google ScholarCross Ref
- [76] . 2019. Towards a secure Industrial Internet of Things. In Security and Privacy Trends in the Industrial Internet of Things. Springer, 29–45.Google ScholarCross Ref
- [77] . 2021. A novel image steganography method for Industrial Internet of Things security. IEEE Trans. Industr. Inform. 17, 11 (2021), 7743–7751.
DOI: Google ScholarCross Ref - [78] . 2011. Stuxnet: Dissecting a cyberwarfare weapon. IEEE Secur. Privac. 9, 3 (2011), 49–51.Google ScholarDigital Library
- [79] . 2017. The Industrial Internet of Things and cyber security: An ecological and systemic perspective on security in digital industrial ecosystems. In 21st International Conference on System Theory, Control and Computing (ICSTCC’17). IEEE, 641–647.Google Scholar
- [80] . 2016. Security analysis on consumer and industrial IoT devices. In 21st Asia and South Pacific Design Automation Conference (ASP-DAC’16). IEEE, 519–524.Google ScholarDigital Library
- [81] . 2021. A comprehensive survey on interoperability for IIoT: Taxonomy, standards, and future directions. ACM Comput. Surv. 55, 1 (2021), 1–35.Google ScholarDigital Library
- [82] . 2019. Measuring security in IoT communications. Theoret. Comput. Sci. 764 (2019), 100–124.Google ScholarDigital Library
- [83] . 2016. Toward end-to-end biometrics-based security for IoT infrastructure. IEEE Wirel. Commun. 23, 5 (2016), 44–51.Google ScholarDigital Library
- [84] . 2022. Intelligent authentication of 5G healthcare devices: A survey. Internet Things 20 (2022), 100610.
DOI: Google ScholarCross Ref - [85] . 2018. Continuous security in IoT using blockchain. In IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP’18). IEEE, 6423–6427.Google ScholarDigital Library
- [86] . 2018. Internet of things: A survey on the security of IoT frameworks. J. Inf. Secur. Applic. 38 (2018), 8–27.Google ScholarCross Ref
- [87] . 2015. Modern Authentication with Azure Active Directory for Web Applications. Microsoft Press.Google Scholar
- [88] . 2017. A survey on internet of things: Architecture, enabling technologies, security and privacy, and applications. IEEE Internet Things J. 4, 5 (2017), 1125–1142.Google ScholarCross Ref
- [89] . 2015. A critical analysis on the security concerns of internet of things (IoT). Int. J. Comput. Applic. 111, 7 (2015).Google ScholarCross Ref
- [90] . 2013. Research on the basic characteristics, the key technologies, the network architecture and security problems of the internet of things. In 3rd International Conference on Computer Science and Network Technology. IEEE, 825–828.Google ScholarCross Ref
- [91] . 2005. The holes problem in wireless sensor networks: A survey. ACM SIGMOBILE Mob. Comput. Commun. Rev. 9, 2 (2005), 4–18.Google ScholarDigital Library
- [92] . 2019. Current research on internet of things (IoT) security: A survey. Comput. Netw. 148 (2019), 283–294.Google ScholarCross Ref
- [93] . 2017. IoT security: A layered approach for attacks & defenses. In International Conference on Communication Technologies (ComTech). IEEE, 104–110.Google ScholarCross Ref
- [94] . 2015. Securing the internet of things: Mapping attack surface areas using the OWASP IoT top 10. In RSA Conference.Google Scholar
- [95] . 2017. Assessing and augmenting SCADA cyber security: A survey of techniques. Comput. Secur. 70 (2017), 436–454.Google ScholarCross Ref
- [96] A. Bicaku. 2020. Security Standard Compliance in System of Systems (Doctoral dissertation, Luleå University of Technology). https://www.diva-portal.org/smash/record.jsf?pid=diva2%3A1459036&dswid=2436Google Scholar
- [97] . 2019. Security safety and OrganizationalStandard compliance in cyber physicalsystems. Infocommun. J. 11, 1 (2019), 2–9.Google ScholarCross Ref
- [98] . 2020. Security standard compliance and continuous verification for Industrial Internet of Things. Int. J. Distrib. Sensor Netw. 16, 6 (2020), 1550147720922731.Google ScholarCross Ref
- [99] . 2016. Position paper: Physical unclonable functions for IoT security. In 2nd ACM International Workshop on IoT Privacy, Trust, and Security. 10–13.Google Scholar
- [100] Hongmei He, Carsten Maple, Tim Watson, Ashutosh Tiwari, Jörn Mehnen, Yaochu Jin, and Bogdan Gabrys. 2016. The security challenges in the IoT enabled cyber-physical systems and opportunities for evolutionary computing & other computational intelligence. In 2016 IEEE Congress on Evolutionary Computation (CEC’16). IEEE, 1015–1021.Google Scholar
- [101] . 2018. Analysis of vulnerabilities in MQTT security using Shodan API and implementation of its countermeasures via authentication and ACLs. In International Conference on Advances in Computing, Communications and Informatics (ICACCI’18). IEEE, 2244–2250.Google ScholarCross Ref
- [102] . 2008. The transport layer security (TLS) protocol version 1.2. (2008).Google Scholar
- [103] . 2020. A review on the study on MQTT security challenge. In IEEE International Conference on Smart Cloud (SmartCloud’20). IEEE, 128–133.Google ScholarCross Ref
- [104] . 2008. MQTT-S-A publish/subscribe protocol for wireless sensor networks. In 3rd International Conference on Communication Systems Software and Middleware and Workshops (COMSWARE’08). IEEE, 791–798.Google ScholarCross Ref
- [105] . 2013. What is the difference between IEEE 802.15.4 and ZigBee wireless. Electron. Des. 22 (2013).Google Scholar
- [106] . 2018. Industrial IoT monitoring: Technologies and architecture proposal. Sensors 18, 10 (2018), 3568.Google ScholarCross Ref
- [107] . 2014. New security approach for ZigBee weaknesses. Procedia Comput. Sci. 37 (2014), 376–381.Google ScholarCross Ref
- [108] . 2017. IoT Fundamentals: Networking Technologies, Protocols, and Use Cases for the Internet of Things. Cisco Press.Google Scholar
- [109] . 2018. Security vulnerabilities in Bluetooth technology as used in IoT. J. Sensor Actuat. Netw. 7, 3 (2018), 28.Google ScholarCross Ref
- [110] . 2016. Bluetooth low energy in dense IoT environments. IEEE Commun. Mag. 54, 12 (2016), 30–36.Google ScholarDigital Library
- [111] . 2012. Analysis of Bluetooth threats and v4.0 security features. In International Conference on Computing, Communication and Applications. IEEE, 1–4.Google ScholarCross Ref
- [112] . 2016. Assessing vulnerabilities in Bluetooth Low Energy (BLE) wireless network based IoT systems. In IEEE 2nd International Conference on Big Data Security on Cloud (BigDataSecurity’16), IEEE International Conference on High Performance and Smart Computing (HPSC’16), and IEEE International Conference on Intelligent Data and Security (IDS’16). IEEE, 42–48.Google ScholarCross Ref
- [113] . 2004. Security considerations for IEEE 802.15.4 networks. In 3rd ACM Workshop on Wireless Security. 32–42.Google Scholar
- [114] . 2009. Security considerations for the WirelessHART protocol. In IEEE Conference on Emerging Technologies & Factory Automation. IEEE, 1–8.Google ScholarCross Ref
- [115] . 2018. IIC endpoint security best practices. Guide d’usage, Industrial Internet Consortium (2018). https://www.iiconsortium.org/pdf/Endpoint_Security_Best_Practices_Final_Mar_2018.pdfGoogle Scholar
- [116] . 2017. OpenFog reference architecture for fog computing. OPFRA001 20817 (2017), 162.Google Scholar
- [117] . 2016. 29115: 2013 information technology–Security techniques–Entity authentication assurance framework, 2013. ISO.org 1, 1 (2016), 1–30.Google Scholar
- [118] . 2020. 62443: 2020 standard specifies security capabilities for control system components. ISA.org 1, 1 (2020), 1–30.Google Scholar
- [119] . 2011. 24760: 2011 information technology–Security techniques–A framework for identity management assurance framework, 2011. ISO.org 1, 1 (2011), 1–30.Google Scholar
- [120] . 2019. NISTSP800-82: 2015 Guide to Industrial Control Systems (ICS) security. NIST.gov 1, 1 (2019), 1–247.Google Scholar
- [121] . 2014. NIST: 2014 National Institute of Standards and Technology (NIST): Framework for improving critical infrastructure cybersecurity, version 1.0, National Institute of Standards and Technology. ISO.org 1, 1 (2014), 1–30.Google Scholar
- [122] . 2014. NISTIR-7628: 2014 guidelines for smart grid cybersecurity—Smart grid cybersecurity strategy, architecture, and high-level requirements. NIST.gov 1, 1 (2014), 2–668.Google Scholar
- [123] . 2019. NIST: 2019 Securing the Industrial Internet of Things. NIST.gov 1, 1 (2019), 1–30.Google Scholar
- [124] . 2020. An ISO-compliant test procedure for technical risk analyses of IoT systems based on STRIDE. In IEEE 44th Annual Computers, Software, and Applications Conference (COMPSAC’20). IEEE, 499–504.Google ScholarCross Ref
- [125] . 2020. Robust and lightweight key exchange (LKE) protocol for Industry 4.0. IEEE Access 8 (2020), 132808–132824.Google ScholarCross Ref
- [126] . 2017. Lightweight & secure industrial IoT communications via the MQ telemetry transport protocol. In IEEE Symposium on Computers and Communications (ISCC’17). IEEE, 1193–1200.Google Scholar
- [127] . 2018. Provably secure and lightweight certificateless signature scheme for IIoT environments. IEEE Trans. Industr. Inform. 14, 8 (2018), 3701–3711.Google ScholarCross Ref
- [128] . 2018. SDN-enabled multi-attribute-based secure communication for smart grid in IIoT environment. IEEE Trans. Industr. Inform. 14, 6 (2018), 2629–2640.Google ScholarCross Ref
- [129] . 2019. Faster authenticated key agreement with perfect forward secrecy for Industrial Internet-of-Things. IEEE Trans. Industr. Inform. 16, 10 (2019), 6584–6596.Google ScholarCross Ref
- [130] Zengpeng Li, Zheng Yang, Pawel Szalachowski, and Jianying Zhou. 2020. Building low-interactivity multifactor authenticated key exchange for industrial internet of things. IEEE Internet of Things Journal 8, 2 (2020), 844–859.Google Scholar
- [131] . 2018. Hybrid keyword-field search with efficient key management for Industrial Internet of Things. IEEE Trans. Industr. Inform. 15, 6 (2018), 3206–3217.Google ScholarCross Ref
- [132] . 2019. Enhanced authentication and key management scheme for securing data transmission in the internet of things. Ad Hoc Netw. 94 (2019), 101948.Google ScholarDigital Library
- [133] . 2018. Security and privacy for the Industrial Internet of Things: An overview of approaches to safeguarding endpoints. IEEE Sig. Process. Mag. 35, 5 (2018), 76–87.Google ScholarCross Ref
- [134] . 2023. On the performance of consensus mechanisms in privacy-enabled decentralized peer-to-peer renewable energy marketplace. In 26th Conference on Innovation in Clouds, Internet and Networks and Workshops (ICIN’23). IEEE, 179–186.Google ScholarCross Ref
- [135] Roman-Valentyn Tkachuk, Dragos Ilie, Remi Robert, Victor Kebande, and Kurt Tutschku. 2023. Towards efficient privacy and trust in decentralized blockchain-based peer-to-peer renewable energy marketplace. Sustainable Energy, Grids and Networks 35 (2023), 101146.Google Scholar
- [136] . 2018. Blockchain-enabled data collection and sharing for industrial IoT with deep reinforcement learning. IEEE Trans. Industr. Inform. 15, 6 (2018), 3516–3526.Google ScholarCross Ref
- [137] . 2019. A blockchain-based nonrepudiation network computing service scheme for industrial IoT. IEEE Trans. Industr. Inform. 15, 6 (2019), 3632–3641.Google ScholarCross Ref
- [138] Ningjie Gao, Ru Huo, Shuo Wang, Tao Huang, and Yunjie Liu. 2021. Sharding-hashgraph: A high-performance blockchain-based framework for industrial internet of things with hashgraph mechanism. IEEE Internet of Things Journal 9, 18 (2021), 17070–17079.Google Scholar
- [139] . 2019. Towards secure industrial IoT: Blockchain system with credit-based consensus mechanism. IEEE Trans. Industr. Inform. 15, 6 (2019), 3680–3689.Google ScholarCross Ref
- [140] . 2019. Blockchain applications for Industry 4.0 and industrial IoT: A review. IEEE Access 7 (2019), 176935–176951.Google ScholarCross Ref
- [141] . 2020. BlockEdge: Blockchain-edge framework for industrial IoT networks. IEEE Access 8 (2020), 154166–154185.Google ScholarCross Ref
- [142] S. Zhao, S. Li, and Y. Yao. 2019. Blockchain enabled industrial internet of things technology. IEEE Transactions on Computational Social Systems 6, 6 (2019), 1442–1453.Google Scholar
- [143] . 2019. Technical aspects of blockchain and IoT. In Advances in Computers. Vol. 115. Elsevier, 1–39.Google Scholar
- [144] . 2020. Edge computing in Industrial Internet of Things: Architecture, advances and challenges. IEEE Commun. Surv. Tutor. 22, 4 (2020), 2462–2488.Google ScholarCross Ref
- [145] . 2018. Secure data storage and searching for industrial IoT by integrating fog computing and cloud computing. IEEE Trans. Industr. Inform. 14, 10 (2018), 4519–4528.Google ScholarCross Ref
- [146] . 2012. Managing intrusion detection as a service in cloud networks. Int. J. Comput. Applic. 41, 1 (2012).Google ScholarCross Ref
- [147] . 2013. Key-aggregate cryptosystem for scalable data sharing in cloud storage. IEEE Trans. Parallel Distrib. Syst. 25, 2 (2013), 468–477.Google Scholar
- [148] . 2018. Cybersecurity challenges and opportunities in the new “edge computing+ IoT” world. In ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization. 29–32.Google Scholar
- [149] . 2015. Security in cloud computing: Opportunities and challenges. Inf. Sci. 305 (2015), 357–383.Google ScholarDigital Library
- [150] . 2017. Cloud security issues and challenges: A survey. J. Netw. Comput. Applic. 79 (2017), 88–115.Google ScholarDigital Library
- [151] . 2015. Low-energy security: Limits and opportunities in the internet of things. IEEE Secur. Privac. 13, 1 (2015), 14–21.Google ScholarDigital Library
- [152] . 2015. Improving network security monitoring for industrial control systems. In IFIP/IEEE International Symposium on Integrated Network Management (IM’15). IEEE, 878–881.Google Scholar
- [153] . 2017. SCADA system forensic analysis within IIoT. In Cybersecurity for Industry 4.0. Springer, 73–101.Google ScholarCross Ref
- [154] . 2019. Industrial IoT cross-layer forensic investigation. Wiley Interdiscip. Rev.: Forens. Sci. 1, 1 (2019), e1322.Google ScholarCross Ref
- [155] . 2018. IoT forensics: Challenges for the IoA era. In 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS’18). IEEE, 1–5.Google ScholarCross Ref
- [156] . 2018. IoT-forensics meets privacy: Towards cooperative digital investigations. Sensors 18, 2 (2018), 492.Google ScholarCross Ref
- [157] . 2019. IoT forensics: Amazon Echo as a use case. IEEE Internet Things J. 6, 4 (2019), 6487–6497.Google ScholarCross Ref
- [158] . 2017. Forensic state acquisition from internet of things (FSAIoT) a general framework and practical approach for IoT forensics through IoT device state acquisition. In 12th International Conference on Availability, Reliability and Security. 1–11.Google ScholarDigital Library
- [159] . 2019. Internet of things forensics: Recent advances, taxonomy, requirements, and open challenges. Fut. Gen. Comput. Syst. 92 (2019), 265–275.Google ScholarDigital Library
- [160] . 2020. DistLog: A distributed logging scheme for IoT forensics. Ad Hoc Netw. 98 (2020), 102061.Google ScholarDigital Library
- [161] . 2015. FAIoT: Towards building a forensics aware eco system for the internet of things. In IEEE International Conference on Services Computing. IEEE, 279–284.Google ScholarDigital Library
- [162] . 2019. IoT ignorance is digital forensics research bliss: A survey to understand IoT forensics definitions, challenges and future research directions. In 14th International Conference on Availability, Reliability and Security. 1–15.Google ScholarDigital Library
- [163] . 2018. A fog-based digital forensics investigation framework for IoT systems. In IEEE International Conference on Smart Cloud (SmartCloud’18). IEEE, 196–201.Google ScholarCross Ref
- [164] . 2018. Internet of Things security and forensics: Challenges and opportunities. (2018).Google Scholar
- [165] A. Alenezi, H. Atlam, R. Alsagri, M. Alassafi and G. Wills. 2019. IoT forensics: A state-of-the-art review, callenges and future directions. In Proceedings of the 4th International Conference on Complexity, Future Information Systems and Risk. 92277.Google Scholar
- [166] . 2020. Evidence identification and acquisition based on network link in an internet of things environment. In Conference on Complex, Intelligent, and Software Intensive Systems. Springer, 163–173.Google Scholar
- [167] . 2020. Cyber forensics framework for big data analytics in IoT environment using machine learning. Multim. Tools Applic. 79, 23 (2020), 15881–15900.Google ScholarCross Ref
- [168] . 2020. A logging model for enabling digital forensics in IoT, in an inter-connected IoT, cloud eco-systems. In 4th World Conference on Smart Trends in Systems, Security and Sustainability (WorldS4’20). IEEE, 478–483.Google ScholarCross Ref
- [169] . 2020. Quantifying the need for supervised machine learning in conducting live forensic analysis of emergent configurations (ECO) in IoT environments. Forens. Sci. Int.: Rep. 2 (2020), 100122.Google ScholarCross Ref
- [170] . 2018. Towards an integrated digital forensic investigation framework for an IoT-based ecosystem. In IEEE International Conference on Smart Internet of Things (SmartIoT’18). IEEE, 93–98.Google ScholarCross Ref
- [171] . 2018. FIF-IoT: A forensic investigation framework for IoT using a public digital ledger. In IEEE International Congress on Internet of Things (ICIOT’18). IEEE, 33–40.Google Scholar
- [172] . 2013. The forensics edge management system: A concept and design. In IEEE 10th International Conference on Ubiquitous Intelligence and Computing and IEEE 10th International Conference on Autonomic and Trusted Computing. IEEE, 544–550.Google ScholarDigital Library
- [173] . 2017. Application-specific digital forensics investigative model in internet of things (IoT). In 12th International Conference on Availability, Reliability and Security. 1–7.Google ScholarDigital Library
- [174] . 2017. A new digital forensics model of smart city automated vehicles. In IEEE International Conference on Internet of Things (iThings’17) and IEEE Green Computing and Communications (GreenCom’17) and IEEE Cyber, Physical and Social Computing (CPSCom’17) and IEEE Smart Data (SmartData’17). IEEE, 274–279.Google ScholarCross Ref
- [175] . 2017. An improved digital evidence acquisition model for the internet of things forensic I: A theoretical framework. In 5th International Symposium on Digital Forensic and Security (ISDFS’17). IEEE, 1–6.Google Scholar
- [176] . 2015. Internet of things (IoT) digital forensic investigation model: Top-down forensic approach methodology. In 5th International Conference on Digital Information Processing and Communications (ICDIPC’15). IEEE, 19–23.Google ScholarCross Ref
- [177] . 2013. Internet of things forensics: Challenges and approaches. In 9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing. IEEE, 608–615.Google ScholarCross Ref
- [178] . 2018. A framework for IoT data acquisition and forensics analysis. In IEEE International Conference on Big Data (Big Data’18). IEEE, 5142–5146.Google ScholarCross Ref
- [179] . 2017. Digital forensic approaches for Amazon Alexa ecosystem. Digit. Investig. 22 (2017), S15–S25.Google ScholarDigital Library
- [180] . 2018. IoT device forensics and data reduction. IEEE Access 6 (2018), 47566–47574.Google ScholarCross Ref
- [181] . 2020. Forensic analysis for IoT fitness trackers and its application. Peer-to-Peer Netw. Applic. 13, 2 (2020), 564–573.Google ScholarCross Ref
- [182] . 2019. A comprehensive review of RFID and Bluetooth security: Practical analysis. Technologies 7, 1 (2019), 15.Google ScholarCross Ref
- [183] . 2004. Security considerations for IEEE 802.15.4 networks. In 3rd ACM Workshop on Wireless Security. 32–42.Google Scholar
- [184] . 2017. Small-cell assisted secure traffic offloading for narrowband internet of thing (NB-IoT) systems. IEEE Internet Things J. 5, 3 (2017), 1516–1526.Google ScholarCross Ref
- [185] Phillip Rogaway. 2011. Evaluation of some blockcipher modes of operation. Cryptography Research and Evaluation Committees (CRYPTREC) for the Government of Japan 630 (2011).Google Scholar
- [186] . 2017. Attack scenarios and security analysis of MQTT communication protocol in IoT system. In 4th International Conference on Electrical Engineering, Computer Science and Informatics (EECSI’17). IEEE, 1–6.Google ScholarCross Ref
- [187] . 2013. Cloning physically unclonable functions. In IEEE International Symposium on Hardware-Oriented Security and Trust (HOST’13). IEEE, 1–6.Google Scholar
- [188] Victor Rigworo Kebande. 2023. On the need for standardizing industrial Internet of Things (IIoT) Forensics Processes. Google ScholarCross Ref
Index Terms
- Industrial Internet of Things Ecosystems Security and Digital Forensics: Achievements, Open Challenges, and Future Directions
Recommendations
Internet of Things security
The Internet of things (IoT) has recently become an important research topic because it integrates various sensors and objects to communicate directly with one another without human intervention. The requirements for the large-scale deployment of the ...
Application-Specific Digital Forensics Investigative Model in Internet of Things (IoT)
ARES '17: Proceedings of the 12th International Conference on Availability, Reliability and SecurityBesides its enormous benefits to the industry and community the Internet of Things (IoT) has introduced unique security challenges to its enablers and adopters. As the trend in cybersecurity threats continue to grow, it is likely to influence IoT ...
Toward an Improved Security Performance of Industrial Internet of Things Systems
AbstractThe Internet of Things (IoT) has evolved to the point that modern enterprises may now deploy large-scale IoT ecosystems, such as the Industrial Internet of Things (IIoT) (IIoT). The IIoT is susceptible to many cyber-attacks that hacker may use to ...
Comments