Protecting Internet of Things from malicious attacks

Protecting Internet of Things from malicious attacks

This post is also available in: heעברית (Hebrew)

PDF2TrutedSystemsIn this day and age, when IoT (Internet of Things) is fast becoming a key feature of everyday life, any malicious strike and intentional attack on the internet’s global connectivity could seriously disrupt civilian routine and even undermine critical and vital military or government infrastructure.

Currently, and even more so in the future, online components, systems and devices interface among themselves, exchange data, coordinate activities and issue updates and alerts. Let’s take for example an irrigation system: it receives an updated weather forecast complete with precise precipitation data, according to which it executes controlled watering and reports the local water board about its water saving targets. The water board, in turn, receives the water consumption feedback and sends the customer his or her bill, which in turn, is paid automatically via credit, thereby balancing the account.

IoT connectivity is also involved in critical sectors (e.g., medical – patient monitors, tracking changes which may require automatic injection) and infrastructures (e.g., nuclear reactors’ or power stations’ computerized control systems).

Cyber attacks on private or national infrastructures, small and comprehensive alike, are being launched on a daily basis, sometimes en masse, with the direct intention to cause damage, disrupt activity or steal data. The capabilities, means and methods at the disposal of cyber criminals are highly diverse, regardless whether they are working for themselves or at the behest of criminal syndicates, terrorist organizations or countries.

Trusted Systems Seminar November 13 2014

PDF1TrutedSystems

Trusted Systems Technology is no longer a luxury at an age when computer networks run civilian, private and national lives, constituting the most critical foundations for energy supply, security systems, medical care, financial services, and so on.

At least part of the solution to the problem of open cyber which is prone to attacks by a highly diverse spectrum of elements who wield myriad means, must focus on trusted components which can be totally relied upon, in the certainty that their entire code is malware and/or virus free, with no backdoors or other cyber threats.

Trusted systems usually handle highly sensitive data at the level of national critical infrastructure, of the kind that really must be completely “clean”, uncontaminated. Therefore, the rules that apply to the data they transmit, to verify compliance, are different. They must also be simple to use and operate, so minimize their vulnerability. To some extent, both features pose a paradox, as system simplicity or streamline may not necessarily be in line with highly complex system logic.

Ra’anana-based Wind River from Israel features original solutions for handling this multifaceted sector, using a variety of specifically dedicated systems and tools designed for civil and military aviation (both manned and autonomous), for the security sector (civilian, HLS and military), communication industry and so on.

One of the building blocks of handling Big Data in the framework of trusted systems is Deep Data Inspection (DPI), by searching for content which may be associated with a potential attack on Data. Similarly, another tool is pattern use tracing which could attest to malware, viruses and so on within the network or the Data. Yet another solution by Wind River: a generic “Switch Box” designed primarily for Safe City applications, enabling remote management of critical system features.