EEJournal

feature article
Subscribe Now
September 19, 2016

Interim Industrial Security

Icon Labs Firewalls Grandpa Equipment
by Bryon Moyer

The Internet of Things used to be a topic involving more questions than answers. How should we organize the network? What type of sensors? What type of communication? How to store data? Where to store data? Cloud or fog or both?

While I’m not going to suggest that all of those questions have been answered to everyone’s satisfaction (actually, they have been, many different ways, but there’s obviously not universal agreement on those answers), most questions have been muted as compared to the one big remaining question still being shouted from the rooftops: “How do we secure the IoT?” (OK, there are probably some still asking, “Why do I need to secure my IoT?” but we’re not going to tackle that today.)

We’ve spent oodles of pages on the topic in the past, but that was more about background and basics. Specific solutions are still rolling out, and, often, they deal not with grand solutions to everything, but rather with specific use cases that have their own needs. Such will be today’s discussion.

Because the IoT as a notion is so new, much focus is placed on designing new equipment. Might be edge nodes, brokers, local servers, cloud servers… anything that’s going to participate in the grand IoT party. A security discussion for such devices then takes on a number of guises.

  • For edge devices, there are obvious questions about how many computing resources are available. Can a simple, less-than-$100 unit (retail) handle the complexities of public key exchange, certificates, and all the other bureaucracy that good security claims to require?
  • Middle-of-the-IoT devices (hubs, brokers, set-top boxes, local servers) end up getting some of the burden of deciding who else gets to play on the network. They have roles as gatekeepers, interrogating and challenging would-be entrants to the network. Is that latest sensor node groupie to arrive at the stage door on the VIP list, or is it crashing the party?
  • If we’re talking about a cloud server, then it’s assumed to have good security built-in. But does it? Seems to be a lot of those getting hacked lately. And is response time quick enough for the cloud server to act as the network gatekeeper?

Ultimately, the answers to these questions, determined network-by-network, result in security stacks in all those boxes, with each box having a stack that’s suitable for the resources available. Some of the stack might even be provided by hardware, since there are chips that can handle some of the gnarlier algorithmic stuff and protect keys far better and faster than software can. And so new systems come out that are secure. (Until someone proves them not.)

Of course, specifics are going to vary by application. Consumer-oriented devices have to last as long as, oh, until the new pretty powder-blue version comes out. Or perhaps until someone comes up with the brilliant idea to eliminate, say, a major audio I/O port because who needs to pay a few tens of dollars or less for audio earpieces when you can pay hundreds instead? Everyone will flock to that! So the solution to the prior model won’t need to last.

The industrial IoT (IIoT), on the other hand, is a rather different beast. If you want to annoy the manager of a manufacturing facility (your own or a foundry), just tell them that, for the next thing they need to build, they’re going to have to buy new equipment. That’s not how manufacturers like to do things. They like to buy equipment that’s going to allow plenty of time to depreciate, and then hopefully a lot longer after that, when the equipment is bought and paid for.

In addition to the costs involved in new capital equipment, it’s tough to argue for changes to the line – even if it involves no new machinery. Manufacturing lines have one job: manufacturing. Downtime for maintenance and upgrades are par for the course, but minimizing it is a high priority. A down line is a line not paying for itself. Making too many changes at once also raises the risk of some unanticipated side effect keeping the line down for longer than budgeted. And nobody wants that.

Working the IoT into such a factory may not come as a requirement of some specific new product that’s going to be built, but it is a change with real implications to capital equipment. No one is going to throw everything out and replace it with new; existing equipment, and its automation, will continue as always, even if designed back in the ‘80s. “If it ain’t broke, then we ain’t going broke buying new equipment when the old is just fine.”

So you leave those venerable old PLCs in place. Perhaps you add sensors elsewhere to monitor temperature, vibration, and other indicators of equipment health. Then, when you need to replace something for some other reason, you can consider a sexier model with lots of IoTness built in.

That’s all well and good, but how do you secure this stuff? When deciding where to add sensors and other sources of intelligence, you can make decisions case by case, beefing up the network where necessary, and leaving it alone where it’s too hard or too expensive to replace. But security? That’s sort of an all-or-nothing affair.

Any new sensor nodes you add can be secure (although today, it’s not guaranteed that they will be… but let’s assume so). You can beef up your servers and hubs and routers so that they meet modern security standards. Maybe through upgrade, maybe through replacement. They’re not super expensive (although they add up).

But what are you going to do about those older parts of the network – machines, sensors, etc. – that were installed before security was a thing? That’s where the real money is. But with security, you really can’t simply say, “Oh, we’ll get to that when we replace them in 5 years” the way you can with other equipment decisions. During those 5 years, the unprotected nodes will be an invitation to enter not by the back door, where that beefy bouncer stands guard with that all-important VIP list, but via the side door that everyone forgot about.

These old machines are like a stubborn old grandpa, still in his childhood home while the neighborhood gets turned into a mall*. And he’s still got plenty of useful years left. So he’s staying put, nothing’s going to make him move except six bodies and a box. So how do you integrate grandpa into the new neighborhood rather than forcing him out?

In other words, how do you lock those parts of the network down without replacing the grandpa equipment? There is at least one solution to this very specific application from Icon Labs. They call it Floodgate Defender, and it’s a hardware appliance that does all of those things that a security stack in new equipment would do. It’s basically a small, standalone firewall.

Floodgate_defender.jpg 

(Image courtesy Icon Labs)

Obviously, separate firewalls aren’t new; there are presumably racks of them floating up in the Cloud. But those cost lots of money and are way overkill for simply protecting a little piece of equipment. So this is a small unit, with Ethernet in and Ethernet out, that you add as a bump in the wire. Unplug the Ethernet from your equipment, and insert the firewall in between. Of course, this does mean that grandpa can’t be so old that he doesn’t even have a network connection. This works perhaps better for septuagenarians rather than centenarians – grandpas with network connections, but without security.

Configured in the default mode, your equipment is now protected from the network; if someone is prowling about, the firewall will stop them before they can monkey with your machinery. While useful, that’s frankly a scenario opposite to the one I tend to think in terms of, where the edge node becomes a possible point of entry to the network. So, is the firewall protecting the edge node from the network, or is it protecting the network from the edge node?

In this case, the answer turns out to be both. The device can be configured to protect in both directions, although you have to make sure to set that configuration up.

Presumably, in the future, when you replace the equipment that you’ve isolated with the mini-firewall, then you will do so with a device with built-in firewall capabilities, and you can decommission the external firewall. Or not; maybe it’s just as easy to keep the manufacturing line humming along with as few changes as possible (since those changes all too often come with unanticipated consequences). Just as long as everyone stays off the lawn.

 

*Sorry, I’m having trouble picking one metaphor and sticking to it… Actually, this particular one was a simile… for anyone that was planning a grammar-correction post…

 

More info:

Icon Labs Floodgate Defender

 

One thought on “Interim Industrial Security”

Leave a Reply

featured blogs
BoardSurfers: Training Insights: Design Effortlessly Using Structures in Allegro X
Apr 25, 2024
Structures in Allegro X layout editors let you create reusable building blocks for your PCBs, saving you time and ensuring consistency. What are Structures? Structures are pre-defined groups of design objects, such as vias, connecting lines (clines), and shapes. You can combi...
More from Cadence...
Want to Mix and Match Dies in a Single Package? UCIe Can Get You There
Apr 25, 2024
See how the UCIe protocol creates multi-die chips by connecting chiplets from different vendors and nodes, and learn about the role of IP and specifications.The post Want to Mix and Match Dies in a Single Package? UCIe Can Get You There appeared first on Chip Design....
More from Synopsys...
One Robotic Step Closer to Humanoid Robots in the Home
Apr 18, 2024
Are you ready for a revolution in robotic technology (as opposed to a robotic revolution, of course)?...
More from Max's Cool Beans...

featured video

How MediaTek Optimizes SI Design with Cadence Optimality Explorer and Clarity 3D Solver

Sponsored by Cadence Design Systems

In the era of 5G/6G communication, signal integrity (SI) design considerations are important in high-speed interface design. MediaTek’s design process usually relies on human intuition, but with Cadence’s Optimality Intelligent System Explorer and Clarity 3D Solver, they’ve increased design productivity by 75X. The Optimality Explorer’s AI technology not only improves productivity, but also provides helpful insights and answers.

Learn how MediaTek uses Cadence tools in SI design

featured paper

Designing Robust 5G Power Amplifiers for the Real World

Sponsored by Keysight

Simulating 5G power amplifier (PA) designs at the component and system levels with authentic modulation and high-fidelity behavioral models increases predictability, lowers risk, and shrinks schedules. Simulation software enables multi-technology layout and multi-domain analysis, evaluating the impacts of 5G PA design choices while delivering accurate results in a single virtual workspace. This application note delves into how authentic modulation enhances predictability and performance in 5G millimeter-wave systems.

Download now to revolutionize your design process.

featured chalk talk

PIC® and AVR® Microcontrollers Enable Low-Power Applications
Sponsored by Mouser Electronics and Microchip
In this episode of Chalk Talk, Amelia Dalton and Marc McComb from Microchip explore how Microchip’s PIC® and AVR® MCUs are a game changer when it comes to low power embedded designs. They investigate the benefits that the flexible signal routing, core independent peripherals, and Analog Peripheral Manager (APM) bring to modern embedded designs and how these microcontroller families can help you avoid a variety of pitfalls in your next design.
Click here for more information about Microchip Technology 8-Bit Low-Power PIC® & AVR® Microcontroller Tools
Jan 15, 2024
14,280 views