Industrial IoT security: Is risk increasing?

Recently, as more applications get serious about implementing IIoT designs, I get an increasing number of questions from insurance company executives. The most common question: what is the risk in the industrial internet of things? Their theme seems to be: Connecting things is just too risky. We don’t understand the security or safety risks, so it can’t be good.

I disagree.

I do agree that IIoT is a brave new world in general, and for risk management in particular. There are all sorts of new opportunities for attack. The hack that allowed remote control of a Jeep over the internet is a classic example. More concerning industrial cases include the Stuxnet worm that destroyed Iran’s nuclear program, the European grid backdoor installed by malware and the Excel spreadsheet exploit that caused a blackout in Ukraine.

That said, intelligent machines also have more opportunity to protect themselves. The sad truth today is that most systems are poorly protected (like that Jeep). Security gets orders of magnitude more attention today than only a short time ago. Most industrial systems didn’t even consider anything beyond “eggshell” firewalls or “air gap” offline designs until recently. That has changed 100% today; everyone is thinking security, security, security. The progress is exhilarating. Put another way, the real question isn’t whether there are more attackers and threats out there; that’s obvious. The real question is whether installing an IIoT design makes your system safer or riskier. In my opinion, despite the rise in bad agents, the “likely real risk” goes down if you connect to IIoT. This is simply because the process of implementing an IIoT system motivates a badly needed security audit.

But my optimism stems from a greater opportunity to implement real change. In my experience (and this may shock security wonks), security is not a change driver. Fear is simply not enough. Industrial systems are usually not willing to implement a new architecture (just) to improve security. The power industry is my favorite example. The industry has been screaming for 20 years that security is a problem. And, it will go right on screaming … unless something else drives the change.

The good news? IIoT is that change driver. While it may not drive the change, security is absolutely a change gate. When implementing a new architecture for any reason, every application insists on security. Since IIoT is motivating many, many industrial applications to redo their architectures, security is getting better. Of course, implementing a new architecture for a major industrial application, or for that matter an entire industry, is daunting. But this is the magic of the sweeping changes offered by IIoT. IIoT is compelling. Change is coming, and it’s coming fast.

Because of this new driver and awareness, we are probably decreasing our collective risk profile over time. The greater attention means we are installing cyber “burglar alarms” faster than the rise in “burglars.” So, our collective “likely real risk” of a major industrial infrastructure event is probably decreasing.

The insurance executives consider this an overly optimistic view of the future. I counter that they hold a too-optimistic view of the present. You see, the situation today is unacceptably, intolerably, unbelievably high risk. Entire industries run without a whit of security. It seems scarier in the future only because the risk you don’t know seems worse than the risk you do know. That’s human nature. But anyone who looks will see that the current risks are very high, and the new designs are much better.

How much better? There are sweeping improvements in both understanding and technology that enable better security.

The Industrial Internet Consortium (IIC) recently published the most complete treatment of security in the industry, the “Industrial Internet Security Framework.” This 162-page tome outlines the security challenge from the broadest concept of trustworthiness to the key considerations in implementation. Perhaps its greatest contribution is simply the cataloging of all the deep and wide considerations of the problem. Even a casual perusal will increase a designer’s awareness of the challenges.

Standards and technologies are also making great strides. For instance, many potential IIoT systems primarily face scalability and system integration challenges. With a little thought, the architects figure out that IIoT systems are all about the data, and then that they really have a high-performance data flow and data transparency challenge. The best way to provide transparent flow is a peer-to-peer or “publish-subscribe” design. The IIC’s seminal works on architecture and connectivity call this the “layered data bus” pattern. It scales well, performs well and connects low-level control to high-level intelligence.

Unfortunately, this realization leads to a tail-wagging-the-dog dilemma. The architecture is the dog; systems need the simplicity and performance of a communications pattern that directly sends the data where it’s needed, right now. That data transparency makes large-scale future IIoT systems manageable.

The dog side of the dialog goes something like this:

Hey! Let’s just send the data right where we need it. Pervasive data availability makes systems fast, reliable and scalable. And look how much simpler the code is!

Of course, although data transparency is an integration dream, it’s a security nightmare. So, here comes the security tail:

We can’t maintain thousands of independent secure sessions! How do we keep such a system secure?

Only last year, that was a damn good question. It blocked adoption of IIoT technologies where they are really needed. But then, the DDS standard developed a security architecture that exactly matches its data-centric data flow design. The result? The data-centric dog wags its perfectly matched data-centric security tail. Security works seamlessly without clouding data transparency. Advances like this — that span industries — will make future IIoT systems much more secure than today’s ad-hoc industry-specific quagmire of afterthought security hacks. Security that matches the architecture is elegant and functional. Even better, because it’s a standard, products are coming to market that enable secure interoperability between vendors. The technology is real now.
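To make the “data-centric security tail” concrete: instead of negotiating a secure session per pair of communicating nodes, a DDS Security deployment binds permissions to each authenticated identity and evaluates them per topic and per action (publish or subscribe), with ordered allow/deny rules and a default verdict. The following is an added illustration, not code from the original post or from any DDS implementation: the permissions XML is a constructed sample shaped like a DDS Security permissions document, and `is_permitted` is a simplified model of the access-control check (identities, topic names and domain ids are invented).

```python
import fnmatch
import xml.etree.ElementTree as ET

# Constructed sample in the shape of a DDS Security permissions document:
# one grant per authenticated identity, ordered allow/deny rules over
# topic-name patterns, and a default verdict. All names are invented.
PERMISSIONS_XML = """<dds><permissions>
  <grant name="PumpSensor">
    <subject_name>CN=PumpSensor07,O=PlantA</subject_name>
    <allow_rule>
      <domains><id>0</id></domains>
      <publish><topics><topic>Plant/Pump07/Telemetry</topic></topics></publish>
    </allow_rule>
    <default>DENY</default>
  </grant>
  <grant name="OperatorHMI">
    <subject_name>CN=OperatorHMI,O=PlantA</subject_name>
    <deny_rule>
      <domains><id>0</id></domains>
      <publish><topics><topic>Plant/*/SafetyInterlock</topic></topics></publish>
    </deny_rule>
    <allow_rule>
      <domains><id>0</id></domains>
      <publish><topics><topic>Plant/*/Command</topic></topics></publish>
      <subscribe><topics><topic>Plant/*</topic></topics></subscribe>
    </allow_rule>
    <default>DENY</default>
  </grant>
</permissions></dds>"""


def is_permitted(doc, subject, domain, action, topic):
    """Topic-level access check (simplified model, not a spec implementation).

    The first rule whose domain, action ('publish'/'subscribe') and topic
    pattern all match decides; if no rule matches, the grant's default
    applies; an identity with no grant is denied outright.
    """
    root = ET.fromstring(doc)
    for grant in root.iter("grant"):
        if grant.findtext("subject_name") != subject:
            continue
        for rule in grant:  # children in document order; skip non-rule tags
            if rule.tag not in ("allow_rule", "deny_rule"):
                continue
            ids = {int(i.text) for i in rule.find("domains").iter("id")}
            block = rule.find(action)  # the <publish> or <subscribe> element
            if domain not in ids or block is None:
                continue
            if any(fnmatch.fnmatchcase(topic, p.text) for p in block.iter("topic")):
                return rule.tag == "allow_rule"
        return grant.findtext("default", "DENY").upper() == "ALLOW"
    return False
```

Every participant evaluates this locally against its own copy of the signed permissions document, which is what lets a system with thousands of publishers and subscribers enforce least privilege without thousands of pairwise session handshakes.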

This argument leaves my insurance contacts searching for Tao in their actuarial tables. So, I can’t resist adding that it’s not really what they should worry about.

Safety engineering will have a much bigger impact on insurance. For instance, I expect the $200 billion auto insurance industry to disappear in the next 10-20 years as advanced driver assistance systems and autonomous cars eliminate 90% or more of accidents. Most hospital errors can also be prevented, and hospital error is currently the third leading cause of death in the U.S. In factories, plants, oil rigs, mining systems and many more applications, automated systems (somewhat obviously) won’t have humans around, thus removing a significant current risk. Accidents, in general, are mostly the result of human folly. Machines will soon check or eliminate this opportunity for folly. I see this as an extremely positive increase in the quality and preservation of life. Insurance executives see it as an existential threat.

I tell them not to feel bad; most industries will be greatly disrupted by smart machines. Navigating that transition will make or break companies. Insurers certainly understand that losses are easier to grasp than gains; that principle underwrites their industry. But that perception is not reality. IIoT’s impact on the economy as a whole will be hugely positive; the analysts measure it in multiple trillions of dollars in only a few years. So there will be many, many places to seek and achieve growth. The challenge of finding those paths is no greater or smaller for insurance than for any other industry. But fundamentally, IIoT will drive a greener, safer, better future. It is good.

All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.