Sunday, May 13, 2018
Time-Sensitive Networking is the next big thing in automation and control networks, especially in the context of IEC 61850: Deterministic Networking technologies based on the standards from IEEE 802.1TSN provide various means to support substation automation networks based on IEC 61850. Higher efficiency in terms of resource usage is only one benefit. In many deployments, substation network bandwidth is overprovisioned in order to achieve the delay and packet loss requirements. Combined with the benefits of guaranteed bounded latency, low bounded jitter, and low packet loss, a substation automation solution built on top of an IEC 61850-TSN -Profile is a good fit to meet the tight requirements in an efficient way. As one result, the adoption and implementation of the Process Bus as a key architectural component of IEC 61850 would benefit.
Tuesday, February 13, 2018
Is it really AI? (Update)
We do read a lot about Artificial Intelligence (AI) these days. AI seems to get in nearly everything. Just pick the right chip and you can put the AI sticker on your product. But is it really that easy? Where is the difference between AI and Machine Learning? And, is the term Intelligence the correct notion anyhow to describe a computer based system? Is it a qualitative or quantitative property?
Depending on the answer, is it something we can measure?
Related to intelligence (IQ) as a characteristic (hopefully) of human beings: Would it be feasible to create a questionnaire for machines to found out about AI? A sort of IQ test for artificial intelligence?
In essence, I don't see a generally accepted definition AI. One of the reasons for all the misconception.
Depending on the answer, is it something we can measure?
Related to intelligence (IQ) as a characteristic (hopefully) of human beings: Would it be feasible to create a questionnaire for machines to found out about AI? A sort of IQ test for artificial intelligence?
In essence, I don't see a generally accepted definition AI. One of the reasons for all the misconception.
Thursday, February 08, 2018
Sunday, January 28, 2018
IoT Security: Essential Requirements
One core requirement in IoT security is trust. Or, the other way around: We cannot trust an IoT device connected to the network unless we know exactly how it works. This is imperative! And it especially relevant with all the encrypted channels we see on the Internet. We might have MitM protection but we do not know what is on the wire and within the encrypted packages.
Friday, January 26, 2018
Real technology needs
There are lot of trends and buzzwords, AI is only one of them. But there are also other needs. One of them is usability in cyber security. Security is important and a critical success criteria for IoT. Security controls and technologies exist. But for an average user it is hard to comprehend and difficult to handle. This has direct impact on the posture of devices attached to the Internet. We definitely need much better usability in security for IoT. This encompasses the entire life cycle: installation, on-boarding, operation, and maintenance.
Monday, January 15, 2018
IoT Security - accept and handle failure
IoT as well as Industrial IoT (IIoT) present a couple of specific key requirements in order to build secure and reliable networks and systems operated in smart grid, smart city or manufacturing. Because of agility, size and the vast number of endpoints, automation and orchestration are important success criterions. But there is much more to consider: We need to accept and handle failure and security breaches. Survivability, resilience, isolation, and self-healing are essential characteristics and quality requirements for the underlying system architecture. Of course, network security is the sound basis for a scalable security architecture with strict network access control and secure onboarding as inherent features. This is the precondition for visibility and context awareness to address security intelligence in order to respond to threat automation and malware sophistication at all levels of the stack.
Tuesday, January 02, 2018
IoT Security - a primer
Security is a crucial requirement, a core building block, a
success criterion, and an enabler for IoT at the same time. With scalability
and extensibility, security represents an important quality attribute within
the overall IoT architecture. Linking a vast number of devices and
inter-connecting networks leads to complex systems that needs to be protected
comprehensively and holistically.
Security impacts all layer of the IoT architecture. It starts
with the security of the endpoints and impacts the data and processes in the
cloud. Of course, the security of the network connecting all nodes is
imperative to the success. In this regard, IoT security comprises the security
of the network as well as the security of the connected devices, intermediate
subsystems, such as gateways, and systems consuming the data finally. Beside
connectivity and communication, security is important for all deployment and
management processes.
First of all, there is no silver bullet, no unique approach to
implement IoT security comprehensively. Beside all the technical requirements,
there are always constraints and side effects such as cost pressure, time
schedules, available resources, expertise and so on. Nevertheless, there is a
set of essential requirements which must be considered from the beginning.
Objectives
and Key Requirements
The overall goal is to protect the entire system which
represents an IoT installation. The more granular security requirements, often
called security attributes, are confidentiality, availability, integrity, and
privacy. The relevance of these core attributes depends on the system, the
environment, the actuators and their functions. In an installation where
customer data is used, confidentiality and privacy are especially important. A
smart meter installation would be a perfect example. Data management,
processing, and distribution are becoming increasingly important for customers
who want to control and ensure their privacy. In several countries, this is
already regulated by law. Technologies and procedures to protect end user’s
privacy are evolving. Anonymization of user data is only one approach. More
advanced technologies follow an approach to conceal user identities and their
network activity from surveillance and traffic analysis by separating
identification and routing.
In the industrial environment, availability and integrity are
high priority. Furthermore, safety cannot longer be separated from security. In
some scenarios, IoT systems might be part of the critical infrastructure which
even raises the bar for security. In these domains, security appliances and
functions must not hinder the performance of the critical applications.
The following table contains the four key attributes:
Requirement
/ Attribute
|
Objective
|
Availability
|
Ensures that
data is timely and reliable available to authorized entities when it is
needed
|
Integrity
|
Protect data
from modification without authorization to ensure accuracy and completeness
|
Confidentiality
|
Protect
disclosure and data access from unauthorized entities
|
Information
and Data Privacy
|
Management
of data according to legal regulations and public expectations
From an
individual perspective, privacy is the right to control what information may
be collected, processed and stored and by what entity, and to whom that
information may be disclosed.
|
The recommended approach to identify the essential requirements
is a risk-assessment of all assets that are part of the given IoT system.
Depending on the outcome which is impacted by financial, safety and other
consequences, requirement documentation can be compiled. In addition,
requirements derived from regulations, policies and standards will complete the
specification.
Subscribe to:
Posts (Atom)