SANS Industrial Control Systems Security Blog

The Rise of The Things!

As thDerek_Webe saying goes - we do live in interesting times. We have smart "things" being connected to other "things" all around us, providing unparalleled access to new information and functions. Everywhere we go devices are communicating to us and about us. Cyber Security has always been a difficult beast to tackle. What does this age of intelligent, networked things mean for us? More conveniences as we learn to automate more routine tasks. To do that, though, we need to keep up with advancing technology. Part of doing that is learning new language, or at least a few new terms.

We have all absorbed "apps" into our lexicons in the seven years since Apple launched the App Store in the summer of 2008. Even early smartphone adopters got an eye-opener in the rush of new capabilities our mobile devices offered as the number of available apps continued to rise ever faster. Smart cars and home automation systems, developed wholly outside of the mobile app device stream, and wearables, largely designed to collaborate with mobile apps, have become part of the exponentially-growing list of things that can talk to each other as well as to our phones. Even building control systems, another technology with independent roots and development, are increasingly mobile device accessible.

Humans are pretty good at organizing our world into categories of things by their similarities. We provide each group with a conceptual label, a name referring to some common characteristic(s) so that we can understand what each other are referring to when we communicate. To understand and discuss all of these things, in other words, we put them into existing categories or make up new ones. Every technological advance comes with a host of these, and digital technologies have been advancing pretty quickly over the past decade. We are finding a number of new terms being used in greater frequency and though they are interrelated they don't all have the same meanings. Working towards a common understanding, I'm taking a look at how the following are being used.

Internet of Things (IoT): The growing mesh of networked objects. Computers (desktops, laptops, tablets, servers) are part of this, but they are really just the foundation. The IoT goes far beyond that to include smart phones and smart fridges, home automation systems and connected automobile systems. Any device outfitted with all of these components

  • sensors to capture data
  • electronics to process that data
  • software to determine what the electronics do with that data
  • connectivity to communicate with other devices

is potentially part of the Internet of Things.

Internet of Everything (IoE): Cisco's term for the IoT.

Industrial Internet: This term, coined by GE, addresses the networking of industrial devices with sensors and software. Machines which once stood and functioned in isolation and required human operators to perform their functions are increasingly capable of act as part of larger systems through machine learning and machine-to-machine (M2M) communications or be monitored for optimization and health.

There is an industrial internet consortium (http://www.industrialinternetconsortium.org/ ) formed by AT&T, Cisco, GE, IBM and Intel to increase development and adoption of industrial internet technologies.

Industrial Internet of Things (IIoT): Different industries use it somewhat differently, but this is a subset of the IoT specific to industrial systems. The core idea, of machines talking to machines (M2M) when sensor data and software programming calls for it, generally without any human activity involved (possibly without any human awareness), remains the same. Found in many industry applications, including manufacturing, chemical processing, electric grid operations, telecommunications and transportation.

Industry 4.0: Refers to the fourth industrial revolution. While sometimes used synonymously with Industrial Internet of Things (IIoT), this is a German government initiative focused on the manufacturing sector and maintaining Germany's leading role in industrial technology research and development. It is intended to integrate all parts of the value chain. Luigi De Bernardini writes a nice short piece on the differentiation here. http://bit.ly/1TPYeL5

Machine to Machine (Communications) (M2M): Often used as a concept term than a technical one, this refers to both the communications that take place between machines and the technologies that enable that communication. Generally assumes communications are wireless. The machines referenced here may be industrial devices and cyber physical systems, or general purpose computers such as desktops, laptops, etc, depending on the user. The European Telecommunications Standards Institute (ETSI) has a good paper on consumer M2M here.

Cyber Physical Systems (CPS): Collaborating networks of physical and electronic components enabling digital (software) interaction with the physical world. MIT's Robot Garden, in which a garden plot is tended by robots, is a great example of a CPS; machines, driven by programmatic responses to real-world conditions, carry out the real-world activities of watering, pollinating and harvesting cherry tomatoes. The National Institute for Standards and Technology has a number of programs focused on CPS: http://www.nist.gov/cps/

Internet of Services (IoS): Broadly speaking, this refers to the use of internet-based services such as cloud computing, dynamically allocated storage, etc. In the various models discussed here, much of the M2M communications takes place through the cloud. The IoT and IIoT depend on IoS to exist.

Intelligent machines: Devices with software and electronics to modify their activities based on changing conditions and data. That is, devices with programmed responses to various events. For example, an HVAC system which increases or decreases the chiller output to maintain a steady temperature inside a building as the external temperature changes.

Bio: Derek Harp

Derek Harp is currently the Director for ICS Global Programs at SANS and the GICSP Steering Committee Chair. He is responsible for organizing events, resources and initiatives that educate and enable increased collaboration within the entire ICS security community. Mr. Harp has served as a founder, CEO, or advisor of early-stage companies for the last 16 years with a focus on cybersecurity. Derek is also a co-founder and a board member of NexDefense, Inc., a company focused on the security technology needs of ICS asset owners. Previously, he was the CEO and co-founder of LogiKeep, Inc., where he was the co-inventor of Intellishield, a pioneer IT security product which was subsequently acquired. Mr. Harp is a former U.S. Navy Officer with experience in combat information management, communications security, and intelligence.