
IIoT security and application to Smart Manufacturing in Aerospace Industry

Date post: 08-Jul-2020
Paul-Emmanuel Brun, IoT Team Leader, AIRBUS CyberSecurity. IIoT security and application to Smart Manufacturing in Aerospace Industry. IoT Tech Expo Europe 2019.

IIoT definition & disambiguation

19th June, 2019

IoT definition:

“a cyber-physical ecosystem of interconnected sensors and actuators, which enable intelligent decision making (…) meant to provide continuous cycle of sensing, decision-making, and actions” (ENISA)

IIoT definition:

systems “that connect and integrate different types of control systems and sensors with enterprise systems, business processes, analytics and people” >> uses internet technology but might not be directly connected to the web. (IIC)

Sensing → Analysis → Decision making → Acting

Industrial IoT and Industry 4.0

What is Industry 4.0?

➢ Concept originally defined by an eponymous German governmental project as: “fostering strong customization of products under the conditions of highly flexible production, introduction of methods of self-optimization, self-configuration, self-diagnosis, cognition and intelligent support of workers in their increasingly complex work”

Game changers versus I3.0?

➢ Cloud Manufacturing (CMfg)
➢ Big data analytics
➢ Augmented / virtual reality
➢ IIoT / M2M communication
➢ Autonomous / collaborative robotics
➢ Additive manufacturing

Commercial in Confidence

Source: Industry 4.0 and cybersecurity – Deloitte University Press

IIoT application in Aerospace

✓ Inventory management: geographically track & trace equipment locations.
Benefits: keeping stocks automatically supplied when empty, anticipating needs and facilitating the Inventory Control system (Kanban).

✓ Authorizations and qualifications management: track operators' behaviour while using specific tools.
Benefits: reducing the burden of regulation compliance (controls, audits), increasing production rates and product quality.

✓ Optimization of processes and workflows by leveraging SPC and analysis of aggregated data.
Benefits: reduce operating expenditure, increase production and gain quality.

✓ Maintenance: perform statistical and predictive analysis applied to maintenance.
Benefits: less reactive maintenance and related unplanned production downtimes, less preventive maintenance, lower cost of spare parts and supplies.

Examples of applications

+ New revenue opportunities → Optimize airlines operations

✓ Reduce “aircraft-on-ground” time using predictive maintenance:
AOG is a critical cost factor for the airline industry. It can cause major disruption and damage an airline’s reputation.
Benefits: helps ground staff to analyse the data rapidly, detect any issue and quickly take corrective action. Overall it reduces both the time and the cost of maintenance.

✓ Gains in fuel efficiency by performing real-time data analytics:
Data analytics enable the real-time prediction of fuel demand in order to adjust thrust levels.
Benefits: 10-15% reduced fuel consumption as well as environmental benefits through reduced emissions and engine noise.

$1,250,000 each day: cost of a grounded A380. Airbus (1)

1) IT pro portal, 2016, How IoT technologies are disrupting the aerospace and defence status quo. Available at: http://www.itproportal.com/features/how-iot-technologies-are-disrupting-the-aerospace-and-defence-status-quo/

Industrial IoT Security Considerations

[Figure: timeline of incidents, 2010 to 2020: Stuxnet, Black Energy, German steel mill, Hollywood Presbyterian Medical Center, BWL, Georgia Institute of Technology (RSA 2017), Casino Fish Tank]

Potential effects of cyber-incidents involving Industrial IoT:

Business impacts:
• Production downtime, resulting in cost overruns and delays
• Quality deficiencies, resulting in financial / reputational damage
• Reputational damage and subsequent loss of opportunities

Physical damage:
• Equipment damage, recovery costs, impact on production
• Human safety: operator / user / society endangered

Damage to intangible assets:
• Intellectual Property (IP) theft and loss of competitive advantages
• Private data leakage resulting in legal and reputational damage

1) Purdue Enterprise Reference Architecture (PERA): model for enterprise architecture, developed in the 1990s by Theodore J. Williams and members of the Industry-Purdue University Consortium for Computer Integrated Manufacturing

[Figure: Purdue model scope, Level 1 to Level 6. Diagram labels: Enterprise Resource Planning; Industrial site Management; Remote Site Management IT; Production SCADA; Supervision HMI; Distributed Control System; PLC; Digital C2; Digital Machine Control; Other system; Robot; Machine; Handling Equipment; Automat; Actuator; Sensor]

Vulnerabilities specific to CMfg environments:

• At the edge: edge analytics are a point of decryption, WSNs use vulnerable radio protocols
• In the Fog: IIoT gateways are a point of decryption, IDS and other AI-based analytics are vulnerable to adversarial ML
• In the Cloud: cloud service providers are vulnerable to denial of service attacks

IIoT as target, attack vector or weapon:

• Target: attack IIoT device to cause production downtime, quality problems, safety incidents
• Attack vector: exploit the weak security level of a non-critical IoT network to access a critical ICS / a sensitive IT network
• Weapon: form an IoT botnet to perform a DDoS attack on a web service provider (MIRAI)

[Figure: threats across the Cloud, Fog and Edge layers. Diagram labels: IoT botnet; DDoS; Adversarial ML; Malware, Ransomware; Watering hole attack; Spoofing attack; Jamming attack]

IIoT security use cases in Aerospace

CyberFactory#1 Project: Addressing Opportunities and threats of the Future Factory

Use-case 1: ADS Factories of Tablada, San Pablo & Cádiz

Use-case: Connected Manufacturing Tools such as cyber-physical jigs, Computer Aided Test Systems (CATS), matrix cabinets, gap guns, cobots, and hand tools control system.

Misuse-case: Rogue device intrusion, communication sniffing, jamming and spoofing > Industrial Intelligence / Sabotage

Key capabilities: Stateless authentication & lightweight encryption

Use-case 2: Airbus Final Assembly Line

Use-case: Asset Tracking and Supervision:
• Indoor / outdoor
• Multi-protocol
• Precision / cost optimization

Misuse-case: Blended threat / insider threat – physical intrusion on restricted area to insert infected device

Key capabilities: Behavior-based Human / Machine trust management, physical / logical identity & access control

Use-case 3: Airbus Avionics Factory of Saint-Martin

Use-case: Implement Statistical Process Control (SPC) to:
- reduce number of production defects by 20%
- reduce the production cycle from 20 to 15 days
- multiply production rate by 2 in 4 years

Misuse-case: Adversarial machine learning / data tampering to cause analytic errors, process disruption / quality problems > potential impact on air safety

Key capabilities: Machine-learning-based anomaly detection, robust machine learning

Thank you

Paul-Emmanuel Brun, IoT Team Leader, AIRBUS CyberSecurity
https://fr.linkedin.com/in/paulemmanuelbrun

Specific vulnerabilities of IIoT:

• Physical components: small-sized objects with low physical protection, widely distributed over indoor/outdoor areas…
• Smart components: miniaturized hardware from untrusted manufacturers, self-enrolment ability, weak/no authentication, local data storage, no/weak data protection…
• Connectivity components: wired / wireless communication, point to point / radial / meshed, with / without gateway, weak / no encryption, several points of decryption, default configurations, passwords, identifiers, keys…

[Figure: attacks on IIoT components. Diagram labels: Physical access; Man in the Middle attack; Hardware Trojan; Side channel attack; Rogue device; Communication; Jamming; Sniffing; Spoofing; Data theft]

[Figure: IIoT architecture. Diagram labels: Cloud; Edge; IoT; Gateway / Star; Gateway / mesh; Server / Field bus]

Edge computing is a direct response to the monumental increase of bandwidth required by the end devices that underpin the IoT. These devices produce a lake of data that has to be validated, analysed and processed in real time.

• As edge and fog computing push the data validation closer to the requester, data can be processed at a faster pace than if it were held in a central location.
• It also allows for offline or disconnected validation of data ➔ reduces the total amount of end-to-end bandwidth needed ➔ lowers costs

[Figure: security capabilities across the architecture. Diagram labels: Process Analytics (Time Sensitive); Business Analytics (Business sensitive); E.g. Bluetooth Mesh Network; E.g. LAN Network; Secure authentication; Lightweight encryption; Unidirectional data flow; Network self-healing; Edge-anomaly detection; Cloud-anomaly detection; Endpoint detection; End to end data protection; Fine-grained access control; Data aggregation & anonymization; On-premise Data center; ERP / SCADA security]

Security of Industrial Systems, old and new problems:

• Brownfield* vs. greenfield: legacy OT equipment was not designed to operate safely in hyperconnected mode > deployment of IIoT on top of legacy requires proper requalification of risk and adapted countermeasures
• Update paradox: OT systems pass through stringent validation and qualification steps meant to assure safe operation in a frozen configuration and environment. IT security is enforced by regular update of software. What about IIoT?
• Safety-security paradox: operation safety requires time-critical communication and fail-open mechanisms while system / data security requires encryption and fail-secure mechanisms
• Predictability: OT systems were known to be relatively predictable and stable, thus enabling simple behavior-based and protocol-based anomaly detection techniques. IIoT is likely to reduce this advantage by raising the level of unpredictability and the diversity of protocols in use in industrial systems.
• Attack fractal: manufacturing ICS traditionally had centralized architectures, locating all critical assets in a physically & logically protected perimeter. IIoT and CMfg together open the way to much more distributed production systems, transforming the attack surface into an attack fractal.

