SPONSORED FEATURE
Feature sponsored by
Securing the edge is crucial in the M2M world
Edge device security is an increasingly important yet often overlooked consideration in today’s connected world. As more physical assets are monitored and controlled by or interacting with a growing number of stakeholders, the potential for malicious attacks becomes greater. Although there is widespread understanding of the threat of cyber crime in the personal and corporate worlds for those using cloud computing, the Internet and social media, there is less awareness that an equivalent threat exists in the machine-to-machine (M2M) environment. This is despite a corresponding rise in the potential applications of edge intelligence in the Industrial Internet of Things (IIoT) era.
All the technology needed to protect against attacks on data and communications networks already exists and is well established in the IT and enterprise environment. However, it is still the case that too many users in too many industries take minimal precautions to protect their edge devices and the assets connected to them. Part of the problem is that security is not ‘one size fits all’, which means the most suitable solutions can only be achieved through strong partnerships between end users and edge platform vendors.
20 June 2023 | Automation
Less proprietary, more connected
Historically, applications at the edge were primarily concerned with protocol conversion, data filtering or data aggregation but today we are seeing the emergence of more advanced applications involving, for example, machine learning and edge inference. At the same time, industrial systems are becoming less proprietary and more connected and make greater use of mainstream Internet technologies such as Big Data and Artificial Intelligence (AI). In this changing world, the edge has become much more than a passive collector and translator of data. It is now the principal point of local control and decision making in applications such as intelligent factories, smart machines, infrastructure and transportation. This means securing edge devices and the applications running on them must be the top priority in any M2M project. Here are some essential security questions that every operator must ask when working in a large-scale edge environment:
• Can the physical attack vectors be reduced?
• Can unauthorised physical access be detected?
• Where and what is the Root of Trust?
• Are keys generated and stored securely?
• Can remote attestation be used?
• Has everything been encrypted?
• How to lock down BIOS or equivalent?
• Can the operating system be secured?
• Is secure boot implemented?
• What about the communications link?
• Have all available security mechanisms been configured and optimised?
What an edge platform partner must offer
Most of the above may seem obvious but many device manufacturers lack the experience, skills or partner connections to optimise configurations for many applications. Even fewer use these skills to co-operate with customers to develop optimal solutions for their specific systems and security policies and fewer still have the ability to replicate and produce devices at scale with the agreed custom hardware and software configurations. That’s why for the best outcomes it is crucial to get it right when evaluating an edge platform partner and to choose one that delivers large proportions of solutions from within its own portfolio, without many different parties in the supply chain. The lower the number of suppliers involved, the lower the risk of interface problems, especially in terms of communications system components, sensors/sensor interfaces, or application-level frameworks and solutions.
In today’s increasingly standards-based, interconnected world, flexible and intelligent edge platforms provide application environments that could be shared between various departments, stakeholders and even different companies. Because these are subject to regular application and configuration updates, it is not enough for users to have remote access to application-level functionality. Instead, it is vital that they can also access and interact with the underlying operating system, firmware and even ‘bare iron’ hardware, to service ongoing flexibility and security requirements. More importantly, it is essential that these can be accessed remotely over a communications network, in order to minimise the number of site visits required and provide a mechanism by which security updates can be rolled out to a large number of remote sites, in the shortest possible time.
That’s why an edge platform partner needs to offer the facility to remotely monitor, manage and maintain an installed base of tens, hundreds or even thousands of remote devices. A good remote monitoring solution will help to predict potential problems and raise alarms about emerging issues before they escalate and affect device operation. To prevent problems with bugs or hacks to software on devices, some form of out-of-band access is essential so that interaction is possible, even if the operating system has crashed or a drive has failed.
Finally, while securing the edge is essential in the M2M world, it’s worth noting that, depending on hardware, not all options will be possible for all devices.
CONTACT:
Advantech
www.advantech.com
automationmagazine.co.uk