A Survey on Security Requirements, Threats and Protocols in Industrial Internet of Things

Year 2021, Volume: 10 Issue: 4, 138 - 152, 31.12.2021

Aykut Karakaya Ferhat Arat

Abstract

With the tremendous success and prevalence of the Internet of Things (IoT) consumer technologies are shifted to distinct areas. Therefore, the IoT paradigm is evoluting with people interactions by devices and applications. The Industrial Internet of Things (IIoT) is an form of this recent evolution. IIoT is emerged considering various components of industrial requirements such as automation, monitoring, management. Depending on aims such as large scalability, high cost minimization on manufacturing, safety and management, the IIoT technology provides many benefits. While huge scope and many advantages of this intelligent decision and analysis paradigm which termed as IIoT, it also hosts serious security issues such as threats and vulnerabilities. Although, many similarities with IoT security challenges such as lack of standardization and device characteristics, when considering scope of IIoT, security must tackle in different aspects. In this article, we examine the IIoT concept in terms of manufacturing domain. We investigate the relationship between IIoT and IoT and highlighted their differences at manufacturer/consumer point. We present a comprehensive security study on IIoT technology. We define the IIoT technology on security direction. We also summarize studies on literature over the period 2017-2022 on IIoT security, focusing in particular on the security challenges, attacks and issues. We presents security, threats, challenges and issues of IIoT systems considering all levels. Finally, we highlight IIoT protocols in terms of security aspect and we emphasize open problems.

Keywords

IIoT, Security, Threats, Protocols

Thanks

We thank Professor Sedat Akleylek for his valuable discussions.

References

• Bonomi, F., Milito, R., Zhu, J. & Addepalli, S. Fog Computing and Its Role in the Internet of Things. 150 INTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE A. Karakaya et al., Vol.10, No.4, pp.138-152 Proceedings Of The First Edition Of The MCC. Workshop On Mobile Cloud Computing. pp. 13-16. https://doi.org/10.1145/2342509. 2342513, 2012.
• Chaudhary, D., Bhushan, K. Survey on DDoS attacks and defense mechanisms in cloud and fog computing. International Journal Of E-Services And Mobile Applications (IJESMA). 10, 61-83, 2018.
• Tange, K., De Donno, M., Fafoutis, X. & Dragoni, N. A Systematic Survey of Industrial Internet of Things Security: Requirements and Fog Computing Opportunities. IEEE Communications Surveys Tutorials. 22, 2489-2520, 2020.
• Mukherjee, M., Matam, R., Shu, L., Maglaras, L., Ferrag, M., Choudhury, N. & Kumar, V. Security and Privacy in Fog Computing: Challenges. IEEE Access. 5 pp. 19293- 19304, 2017.
• Alrawais, A., Alhothaily, A., Hu, C. & Cheng, X. Fog computing for the internet of things: Security and privacy issues. IEEE Internet Computing. 21, 34-42, 2017.
• Bajramovic. Security Challenges and Best Practices for IIoT. INFORMATIK 2019: 50 Jahre Gesellschaft Für Informatik – Informatik Für Gesellschaft (Workshop-Beiträge). pp. 243-254, 2019.
• Tariq, U., Aseeri, A., Alkatheiri, M. & Zhuang, Y. ContextAware Autonomous Security Assertion for Industrial IoT. IEEE Access. 8 pp. 191785-191794, 2020.
• Gebremichael, T., Ledwaba, L., Eldefrawy, M., Hancke, G., Pereira, N., Gidlund, M. & Akerberg, J. Security and Privacy in the Industrial Internet of Things: Current Standards and Future Challenges. IEEE Access. 8 pp. 152351-152366, 2020.
• Sharmeen, S., Huda, S., Abawajy, J., Ismail, W. & Hassan, M. Malware Threats and Detection for Industrial MobileIoT Networks. IEEE Access. 6 pp. 15941-15957 (2018)
• Wang, T., Wang, P., Cai, S., Ma, Y., Liu, A. & Xie, M. A Unified Trustworthy Environment Establishment Based on Edge Computing in Industrial IoT. IEEE Transactions On Industrial Informatics. 16, 6083-6091, 2020.
• Wu, Y., Huang, H., Wu, Q., Liu, A. & Wang, T. A risk defense method based on microscopic state prediction with partial information observations in social networks. Journal Of Parallel And Distributed Computing. 131 pp. 189-199, 2019.
• Zhang, M., Chen, J., He, S., Yang, L., Gong, X. & Zhang, J. Privacy-Preserving Database Assisted Spectrum Access for Industrial Internet of Things: A Distributed Learning Approach. IEEE Transactions On Industrial Electronics. 67, 7094-7103, 2020.
• Makhdoom, I., Abolhasan, M., Lipman, J., Liu, R. & Ni, W. Anatomy of Threats to the Internet of Things. IEEE Communications Surveys Tutorials. 21, 1636-1675, 2019.
• Aras, E., Small, N., Ramachandran, G., Delbruel, S., Joosen, W. & Hughes, D. Selective jamming of LoRaWAN using commodity hardware. Proceedings Of The 14th EAI International Conference On Mobile And Ubiquitous Systems: Computing, Networking And Services. pp. 363-372, 2017.
• Le, A., Loo, J., Lasebae, A., Aiash, M. & Luo, Y. 6LoWPAN: a study on QoS security threats and countermeasures using intrusion detection system approach. International Journal Of Communication Systems. 25, 1189-1212, 2012.
• Khanji, S., Iqbal, F. & Hung, P. ZigBee Security Vulnerabilities: Exploration and Evaluating. 2019 10th International Conference On Information And Communication Systems (ICICS). pp. 52-57, 2019.
• Rahman, R. & Shah, B. Security analysis of IoT protocols: A focus in CoAP. 2016 3rd MEC International Conference On Big Data And Smart City (ICBDSC). pp. 1-7, 2016.
• Roselin, A., Nanda, P., Nepal, S., He, X. & Wright, J. Exploiting the Remote Server Access Support of CoAP Protocol. IEEE Internet Of Things Journal. 6, 9338-9349, 2019.
• Harsha, M., Bhavani, B. & Kundhavai, K. Analysis of vulnerabilities in MQTT security using Shodan API and implementation of its countermeasures via authentication and ACLs. 2018 International Conference On Advances In Computing, Communications And Informatics (ICACCI). pp. 2244-2250, 2018.
• Vaccari, I., Aiello, M. & Cambiaso, E. SlowITe, A Novel Denial of Service Attack Affecting MQTT. Sensors. https://www.mdpi.com/1424-8220/20/10/2932, 2020.
• Malik, M., McAteer, I., Hannay, P., Firdous, S. & Baig, Z. XMPP architecture and security challenges in an IoT ecosystem. Security Research Institute, Edith Cowan University, 2018.
• Naik, N. Choice of effective messaging protocols for IoT systems: MQTT, CoAP, AMQP and HTTP. 2017 IEEE International Systems Engineering Symposium (ISSE). pp. 1-7, 2017.
• McAteer, I., Malik, M., Baig, Z. & Hannay, P. Security vulnerabilities and cyber threat analysis of the AMQP protocol for the internet of things, 2017.
• White, T., Johnstone, M. & Peacock, M. An investigation into some security issues in the DDS messaging protocol. 2017.
• Boudouaia, M., Ali-Pacha, A., Abouaissa, A. & Lorenz, P. Security Against Rank Attack in RPL Protocol. IEEE Network. 34, 133-139, 2020.
• Kara, M. & Furat, M. Client-Server Based Authentication Against MITM Attack via Fast Communication for IIoT Devices. Balkan Journal Of Electrical And Computer Engineering. 6 pp. 88 - 93, 2018.
• Milinic, V. Investigating Security Issues in Industrial IoT: A Systematic Literature Review. Mälardalen University, School of Innovation, Design, 2021.
• Zhou, L., Guo, H. & Deng, G. A fog computing based 151 INTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE A. Karakaya et al., Vol.10, No.4, pp.138-152 approach to DDoS mitigation in IIoT systems. Computers & Security. 85 pp. 51-62, 2019.
• Serror, M., Hack, S., Henze, M., Schuba, M. & Wehrle, K. Challenges and opportunities in securing the industrial internet of things. IEEE Transactions On Industrial Informatics. 17, 2985-2996, 2020.
• Zhou, L., Yeh, K., Hancke, G., Liu, Z. & Su, C. Security and privacy for the industrial internet of things: An overview of approaches to safeguarding endpoints. IEEE Signal Processing Magazine. 35, 76-87, 2018.
• An, X., Lü, X., Yang, L., Zhou, X. & Lin, F. Node state monitoring scheme in fog radio access networks for intrusion detection. IEEE Access. 7 pp. 21879-21888, 2019.
• Hussain, F., Hassan, S., Hussain, R. & Hossain, E. Machine learning for resource management in cellular and IoT networks: Potentials, current solutions, and open challenges. IEEE Communications Surveys & Tutorials. 22, 1251-1275, 2020.
• Ullah, F., Naeem, H., Jabbar, S., Khalid, S., Latif, M., Al-Turjman, F. & Mostarda, L. Cyber security threats detection in internet of things using deep learning approach. IEEE Access. 77 pp. 124379-124389, 2019.
• Xiong, J., Ma, R., Chen, L., Tian, Y., Li, Q., Liu, X. & Yao, Z. A personalized privacy protection framework for mobile crowdsensing in IIoT. IEEE Transactions On Industrial Informatics. 16, 4231-4241, 2019.
• Hassanzadeh, A., Modi, S. & Mulchandani, S. Towards effective security control assignment in the Industrial Internet of Things. 2015 IEEE 2nd World Forum On Internet Of Things (WF-IoT). pp. 795-800, 2015.
• Sisinni, E., Saifullah, A., Han, S., Jennehag, U. & Gidlund, M. Industrial internet of things: Challenges, opportunities, and directions. IEEE Transactions On Industrial Informatics. 14, 4724-4734, 2018.
• Jia, X., Feng, Q., Fan, T. & Lei, Q. RFID technology and its applications in Internet of Things (IoT). 2012 2nd International Conference On Consumer Electronics, Communications And Networks (CECNet). pp. 1282-1285, 2012.
• Atzori, L., Iera, A. & Morabito, G. The internet of things: A survey. Computer Networks. 54, 2787-2805 (2010)
• Liu, X., Zhao, M., Li, S., Zhang, F. & Trappe, W. A security framework for the internet of things in the future internet architecture. Future Internet. 9, 27, 2017.
• Lin, S. Industrial Internet Reference Architecture. Industrial Internet Consortium, 2015.
• Arat, F. & Akleylek, S. A Systematic Survey on Mobile Internet of Things Security. 14th International Information Security And Cryptology Conference, 2021.
• Taylor, K. 10 Examples of Industrial Internet of Things (IIoT) in Detail. HitechNectar, https://www.hitechnectar.com/blogs/examples-industrialinternet-of-things/, 2021.
• Sharma, V., You, I., Andersson, K., Palmieri, F., Rehmani, M. & Lim, J. Security, privacy and trust for smart mobile Internet of Things (M-IoT): A survey. IEEE Access. 8 pp. 167123-167163, 2020.
• Khalil, R., Saeed, N., Masood, M., Fard, Y., Alouini, M. & Al-Naffouri, T. Deep Learning in the Industrial Internet of Things: Potentials, Challenges, and Emerging Applications. IEEE Internet Of Things Journal, 2021.