Survey on Cybersecurity in Industrial IoT: Evaluating Protocols and Protection Techniques for CPS
DOI:
https://doi.org/10.63282/3050-922X.IJERET-V5I3P119Keywords:
Industrial Internet of Things (IIoT), Cybersecurity, Security Protocols, Cyber Physical System, Data Confidentiality, Access ControlAbstract
The adoption of technologies related to Industrial Internet of Things (IIoT) in critical infrastructure has greatly enhanced the connectivity of the system, thus exposing more areas of the cyber-attack to the industrial cyber-physical systems (CPS). Secure, reliable and safe functioning has thus become an urgent research requirement. This paper provides an overview of cybersecurity in IIoT settings, specifically focusing on communication protocols, architecture layers, and vulnerabilities, as well as protection strategies of CPS. The paper critically analyzes IIoT security architecture, the fundamental requirements, including confidentiality, integrity and availability, and real-time safety limits of industrial systems. Cyber dangers such device, data, privacy, and network attacks are considered with the usual design characteristics of industrial communication standards. Besides, the current protection means, including access control, intrusion detection, anomaly monitoring, and data protection strategies are discussed. The analysis points to the existing problems associated with scaling, heterogeneity, and complexity of the deployment, and synthesizes the latest literature findings to facilitate a secure and resilient IIoT-based CPS deployments.
References
[1] B.D.Jadhav, “Industrial Process Control System Using Iot,” IJCRT, vol. 6, no. 2, pp. 323–326, 2018.
[2] E. Sisinni, A. Saifullah, S. Han, U. Jennehag, and M. Gidlund, “Industrial internet of things: Challenges, opportunities, and directions,” IEEE Trans. Ind. Informatics, vol. 14, no. 11, pp. 4724–4734, 2018, doi: 10.1109/TII.2018.2852491.
[3] A.-R. Sadeghi, C. Wachsmann, and M. Waidner, “Security and privacy challenges in industrial internet of things,” in Proceedings of the 52nd Annual Design Automation Conference, Jun. 2015, pp. 1–6. doi: 10.1145/2744769.2747942.
[4] P. Pathak, A. Shrivastava, and S. Gupta, “A survey on various security issues in delay tolerant networks,” J Adv Shell Progr., vol. 2, no. 2, pp. 12–18, 2015.
[5] M. A. Khan and K. Salah, “IoT security: Review, blockchain solutions, and open challenges,” Futur. Gener. Comput. Syst., vol. 82, pp. 395–411, May 2018, doi: 10.1016/j.future.2017.11.022.
[6] I. Friedberg, K. McLaughlin, P. Smith, D. Laverty, and S. Sezer, “STPA-SafeSec: Safety and security analysis for cyber-physical systems,” J. Inf. Secur. Appl., vol. 34, pp. 183–196, Jun. 2017, doi: 10.1016/j.jisa.2016.05.008.
[7] H. Xu, W. Yu, D. Griffith, and N. Golmie, “NIST Author Manuscript A Survey on Industrial Internet of Things : A Cyber-Physical,” onal Inst. Stand. Technol., 2018, doi: 10.1109/access.2018.2884906.A.
[8] J. Gubbi, R. Buyya, S. Marusic, and M. Palaniswami, “Internet of Things (IoT): A vision, architectural elements, and future directions,” Futur. Gener. Comput. Syst., vol. 29, no. 7, pp. 1645–1660, Sep. 2013, doi: 10.1016/j.future.2013.01.010.
[9] L. Atzori, A. Iera, and G. Morabito, “The Internet of Things: A survey,” Comput. Networks, vol. 54, no. 15, pp. 2787–2805, Oct. 2010, doi: 10.1016/j.comnet.2010.05.010.
[10] T. Nagasaka, K. Yubai, and J. Hirai, “Design of track-following controller satisfying robust performance condition on Nyquist diagram,” in IECON 2011 - 37th Annual Conference of the IEEE Industrial Electronics Society, 2011, pp. 3358–3363. doi: 10.1109/IECON.2011.6119851.
[11] V. Hassija, V. Chamola, V. Saxena, D. Jain, P. Goyal, and B. Sikdar, “A Survey on IoT Security: Application Areas, Security Threats, and Solution Architectures,” IEEE Access, vol. 7, pp. 82721–82743, 2019, doi: 10.1109/ACCESS.2019.2924045.
[12] L. Yu, J. Qiu, K. Liu, and Z. Tu, “Model analysis and simulation of a novel self-triggering linear transformer driver,” IEEE Trans. Dielectr. Electr. Insul., vol. 22, no. 4, pp. 1924–1929, 2015, doi: 10.1109/TDEI.2015.004967.
[13] E. A. Lee, “Cyber Physical Systems: Design Challenges,” in 2008 11th IEEE International Symposium on Object and Component-Oriented Real-Time Distributed Computing (ISORC), 2008, pp. 363–369. doi: 10.1109/ISORC.2008.25.
[14] H. Chen, M. Hu, H. Yan, and P. Yu, “Research on industrial internet of things security architecture and protection strategy,” in Proceedings - 2019 International Conference on Virtual Reality and Intelligent Systems, ICVRIS 2019, 2019. doi: 10.1109/ICVRIS.2019.00095.
[15] S. Malallah, Y. Zalah, and R. Karne, “An Analysis of the Advanced Encryption Standard and Threats Associated,” 2018, doi: 10.13140/RG.2.2.34873.88168.
[16] A. D. Jurcut, C. Tom, R. Dojen, and R. Gyorodi, “Security Protocol Design: A Case Study Using Key Distribution Protocols,” J. Comput. Sci. Control Syst., vol. 2, 2009.
[17] V. M. L. G. Nerella, “Automated cross-platform database migration and high availability implementation,” Turkish J. Comput. Math. Educ., vol. 9, no. 2, pp. 823–835, 2018.
[18] X. Li, X. Liang, R. Lu, X. Shen, X. Lin, and H. Zhu, “Securing smart grid: cyber attacks, countermeasures, and challenges,” IEEE Commun. Mag., vol. 50, no. 8, pp. 38–45, 2012, doi: 10.1109/MCOM.2012.6257525.
[19] K. Kimani, V. Oduol, and K. Langat, “Cyber security challenges for IoT-based smart grid networks,” Int. J. Crit. Infrastruct. Prot., vol. 25, pp. 36–49, Jun. 2019, doi: 10.1016/j.ijcip.2019.01.001.
[20] K. Boeckl et al., “Considerations for managing Internet of Things (IoT) cybersecurity and privacy risks,” Gaithersburg, MD, Jun. 2019. doi: 10.6028/NIST.IR.8228.
[21] S. Garg, “Anomaly Detection And Event Correlation In Saas Operations,” Int. J. Core Eng. Manag., vol. 6, no. 4, 2019, doi: 10.5281/zenodo.17109813.
[22] Y. Lu and L. Da Xu, “Internet of things (IoT) cybersecurity research: A review of current research topics,” IEEE Internet Things J., 2019, doi: 10.1109/JIOT.2018.2869847.
[23] A. Roukounaki, S. Efremidis, J. Soldatos, J. Neises, T. Walloschke, and N. Kefalakis, “Scalable and Configurable End-to-End Collection and Analysis of IoT Security Data : Towards End-to-End Security in IoT Systems,” in 2019 Global IoT Summit (GIoTS), 2019, pp. 1–6. doi: 10.1109/GIOTS.2019.8766407.
[24] J. Webb and D. Hume, “Campus IoT collaboration and governance using the NIST cybersecurity framework,” in Living in the Internet of Things: Cybersecurity of the IoT - 2018, 2018, pp. 1–7. doi: 10.1049/cp.2018.0025.
[25] K. P. Singh, V. Rishiwal, and P. Kumar, “Classification of Data to Enhance Data Security in Cloud Computing,” in 2018 3rd International Conference On Internet of Things: Smart Innovation and Usages (IoT-SIU), 2018, pp. 1–5. doi: 10.1109/IoT-SIU.2018.8519934.
[26] K. Sha, R. Errabelly, W. Wei, T. A. Yang, and Z. Wang, “EdgeSec: Design of an Edge Layer Security Service to Enhance IoT Security,” in 2017 IEEE 1st International Conference on Fog and Edge Computing (ICFEC), 2017, pp. 81–88. doi: 10.1109/ICFEC.2017.7.
[27] J. Furtak, Z. Zieliński, and J. Chudzikiewicz, “Security techniques for the WSN link layer within military IoT,” in 2016 IEEE 3rd World Forum on Internet of Things (WF-IoT), 2016, pp. 233–238. doi: 10.1109/WF-IoT.2016.7845508.
[28] M. Irshad, “A Systematic Review of Information Security Frameworks in the Internet of Things (IoT),” in 2016 IEEE 18th International Conference on High Performance Computing and Communications; IEEE 14th International Conference on Smart City; IEEE 2nd International Conference on Data Science and Systems (HPCC/SmartCity/DSS), 2016, pp. 1270–1275. doi: 10.1109/HPCC-SmartCity-DSS.2016.0180.
[29] Mamidala, J. V., Enokkaren, S. J., Attipalli, A., Bitkuri, V., Kendyala, R., & Kurma, J. (2023). Machine Learning Models Powered by Big Data for Health Insurance Expense Forecasting. International Research Journal of Economics and Management Studies IRJEMS, 2(1).
[30] Nadella, V. M. (2023). Zero Trust Architecture for Telecom Operations. International Journal of Emerging Research in Engineering and Technology, 4(3), 115-129.
[31] Bitkuri, V., Kendyala, R., Kurma, J., Enokkaren, S. J., & Mamidala, J. V. (2023). Forecasting Stock Price Movements With Deep Learning Models for time Series Data Analysis. Journal of Artificial Intelligence & Cloud Computing. SRC/JAICC-531. DOI: doi. org/10.47363/JAICC/2023 (2), 489, 2-9.
[32] Nadella, V. M. (2023). Anomaly Detection and Fault Prediction using ML in Telecom Operations. International Journal of Emerging Trends in Computer Science and Information Technology, 4(3), 134-143.
[33] Kosaraju, P., & Nadella, V. M. (2022). Security and Privacy in IoT Ecosystems. Universal Library of Engineering Technology, (Issue).
[34] Singh, A. A. S. S., Mania, V., Kothamaram, R. R., Rajendran, D., Namburi, V. D. N., & Tamilmani, V. (2023). Exploration of Java-Based Big Data Frameworks: Architecture, Challenges, and Opportunities. Journal of Artificial Intelligence & Cloud Computing, 2(4), 1-8.
[35] Routhu, K. K. (2023). AI-driven succession planning in Oracle HCM Cloud: Building resilient leadership pipelines through predictive analytics. International Journal of Science, Engineering and Technology, 11(5).
[36] Tamilmani, V., Namburi, V. D., Singh Singh, A. A., Maniar, V., Kothamaram, R. R., & Rajendran, D. (2023). Real-Time Identification of Phishing Websites Using Advanced Machine Learning Methods. Available at SSRN 5837142.
[37] Routhu, K. K. (2023). AI-driven succession planning in Oracle HCM Cloud: Building resilient leadership pipelines through predictive analytics. International Journal of Science, Engineering and Technology, 11(5). https://doi.org/10.5281/zenodo.17292018
[38] From Fragmentation to Focus: The Benefits of Centralizing Procurement. (2023). International Journal of Research and Applied Innovations, 6(6), 9820-9833. https://doi.org/10.15662/
[39] Routhu, K. K. (2023). Embedding fairness into the digital enterprise, data driven DEI strategies with Oracle HCM Analytics. International Journal of Scientific Research in Computer Science, Engineering and Information Technology, 9(8), 266-274.
[40] Routhu, K. K. (2023). AI-driven skills forecasting in Oracle HCM Cloud: From static competencies to predictive workforce design. International Journal of Science, Engineering and Technology, 11(1).
[41] Padur, S. K. R. (2023). AI-Augmented Enterprise ERP Modernization: Zero-Downtime Strategies for Oracle E-Business Suite R12. 2 and Beyond. Available at SSRN 5605510.
[42] Routhu, K. K. (2022). From Case Management to Conversational HR: Redefining Help Desks with Oracle’s AI and NLP Framework. International Journal of Science, Engineering and Technology, 10(6).
[43] Vattikonda, N., Gupta, A. K., Polu, A. R., Narra, B., Buddula, D. V. K. R., & Patchipulusu, H. H. S. (2022). Blockchain Technology in Supply Chain and Logistics: A Comprehensive Review of Applications, Challenges, and Innovations. International Journal of Emerging Trends in Computer Science and Information Technology, 3(3), 72-80.
[44] Attipalli, A., BITKURI, V., Mamidala, J. V., Kendyala, R., & KURMA, J. (2022). Empowering Cloud Security with Artificial Intelligence: Detecting Threats Using Advanced Machine learning Technologies. Available at SSRN 5741263.
[45] Padur, S. K. R. (2022). Intelligent resource management: AI methods for predictive workload forecasting in cloud data centers. J. Artif. Intell. Mach. Learn. & Data Sci, 1(1), 2936-2941.
[46] Nadella, V. M. (2022). Digital Twins for Predictive Network Management and System Simulation. International Journal of AI, BigData, Computational and Management Studies, 3(3), 100-111.
[47] Routhu, K. K. (2022). From RFID to Geofencing: IoT-Enabled Smart Time Tracking in Oracle HCM Cloud. International Journal of Science, Engineering and Technology, 10(4).
[48] Nadella, V. (2019). Extracting road traffic data through video analysis using automatic camera calibration and deep neural networks.
[49] Polam, R. M., Kamarthapu, B., Kakani, A. B., Nandiraju, S. K. K., Chundru, S. K., & Vangala, S. R. (2022). Data Security in Cloud Computing: Encryption, Zero Trust, and Homomorphic Encryption. International Journal of Emerging Trends in Computer Science and Information Technology, 3(4), 31-41.
[50] Padur, S. K. R. (2022). AI augmented platform engineering, transforming developer experience through intelligent automation and self optimizing internal platforms. International Journal of Science, Engineering and Technology, 10(5), 10-5281.
[51] Kosaraju, P. , & Nadella, V. M. (2021). Quality of Experience (QoE) and Network Performance Modelling for Multimedia Traffic. Journal of Artificial Intelligence and Big Data, 1(1), 1-13. https://doi.org/10.31586/jaibd.2021.1358.
