.
The Industrial Internet of Things—Building Safe & Manageable NetworksDoug Clifton
Schneider Electric
Tom Jackson
Schneider Electric
.
Agenda
• An Overview of the Industrial Internet of Things
(IIoT)
• How Its Market Growth will Drive for More
Comprehensive Cyber Security Solutions
• These Topics will be Discussed:- Industrial Drivers
- IT—OT Comparison
- IoT—IIoT Comparison
- Cyber Security Approaches and Solutions
- IIoT Cyber Security Solution Example
2
.
Speakers
3
Doug CliftonGlobal Director, ICS Advisory Cyber Security ServicesSchneider-Electric
Doug has more than 10 years of applied cyber security
experience in the area of industrial controls and OT. With a focus
on; Power Generation, Oil&Gas, Waste Water, Chemical, Mining,
Building Management and Smart Infrastructure
Tom JacksonPrincipal Consultant, ICS Advisory Cyber Security Services
Schneider-Electric
Tom has more than 6 years cyber security experience With focus
on cyber security solutions for; Power Generation, Oil&Gas,
Waste Water, Chemical, Mining, Building Management and Smart
Infrastructure
.
Similar, but different
Industrial + Internet + OT = IIOT
• There is a line dividing IIoT and IoT
• The differences between IIoT and IoT are not just semantics
• Devices are key IIoT and IoT differentiator
• The real opportunity for IIoT will be a migration path to intelligent devices
4
.
The Things
• Consumer applications will drive the number of connected things; enterprise accounting for the
most revenue
• Automotive sector will show the highest growth rate at 96 percent in 2015
• Industry, manufacturing, utilities, and transportation will be the top three verticals
5
Ref: Gartner 2014
0
2000
4000
6000
8000
10000
12000
14000
2013 2014 2015 2020Automotive Consumer
Connected Things by 20203 Billion in 2013
Growing to
25 Billion by 2020
.
IT and OT: Foundation of the Future
6
IT OT
Purpose Process transactions, provide information, IT security
standards
Control or monitor physical processes or equipment,
Cyber Security regulations
Architecture Enterprise wide infrastructure and applications
(business)
Event-driven, real-time, embedded hardware, and
software (industrial)
Interfaces Operating systems and applications, Unix, GUI, Web
browser, terminal, and keyboard
Electromechanical, sensors, Windows, actuators, coded
displays, hand-held devices
Ownership CIO, finance, and administration departments Engineers, technicians, operators, and managers
Connectivity Corporate network, Internet, IP-based Control networks, hard wired twisted pair, and IP-based,
wireless
Role Supports business applications and office personnel Support controls processes and plant personal
.
Similar, but different
IoT vs IIoT
7
IoT IIoTDevices IoT includes devices located in consumer or commercial settings:
offices, business, homes
IIoT includes devices located in industrial settings: factory floor,
automation control, HVAC, energy grid
Reliability Moderate requirements: ease of use, short product lifecycles. 99.99-
99.999
Stringent requirements than the consumer IoT: hi-reliability, harsh
environments, long lifecycles. 99.9999-99.99999
Security Require identity and privacy Requires robust security protecting against access
Function Synonymous with functions that benefit end users-human life style Provide basic operational roles and requirements—many are
independent of human intervention
Availability Function in environment of updates, add-ons, apps, charging, and
random rebooting
Requires high availability and uptime. Unscheduled patching and
rebooting is not tolerated
Failure Retry, replace Resilient, fail in place
Connection Connects people to people or people to the internet Peer-to-Peer and M2M (Machine to Machine)
Protocol For the most part is IP reliant Based upon numerous protocols-standards based and proprietary
Market Greenfield-new device uptake is almost immediate Brownfield-new device uptake must be phased in
.
IIOT–OT: Industrial Drivers
8
Sources: EIA, Globalenergy, EIA, IWMI, MineWeb, Cleantecnica, SmartCities, Cisco, Navigant
Utilities
Building Management
Smart Infrastructure
• Over 175,000 Power Generation plants
• Over 500,000 Waste Water facilities
• Over $2.5 Billion in Building Energy Management
System (BEMS) revenue
• 14 Million Buildings with Management systems
• Over 8 Zettabytes of Datacenter data
(1ZB=100 Trillion Gigabytes)
• Over 150 Million Smart Meters
• Over 100,000 Smart City projects
.
IIoT and Cyber Security
• All industries share the need for control automation
• All industries will evolve or gravitate to the IIoT
• All industries will find it harder to be “islands”
• All industries will require a comprehensive cyber security plan based on: Product, Solutions, and Managed Services
9
.
What IIoT will Deliver
11
An increase in
the cyber security
attack surface of
industrial control
systems connected
to the IIoT
.
So…Is IIOT a Good Thing?
Good
IIoT can improve:
• Asset Health & Uptime
• Operating Performance
• Safety and Risk Management
• Logistics
• Worker Experience
• Business Processes
Challenges
IIoT will require:
• Enhanced security: Security is neither integrated nor portable with IIoT devices
• Increased assessments to determine changes to the risk profile
• Real-time managed security services to monitor increase in endpoint devices
• Robust cyber security solutions to address changing landscape
• Additional trained cyber security professionals
12
Source: arcweb.com
.
Three approaches
Cyber Security
13
Cyber security is defined in most businesses as product-related or services-related. We understand that Products, Solutions, and
Managed Services work together to strengthen a company’s cyber defense position.
Cyber Security
Enabled Product
Cyber Security
Solutions
Managed Secure
Services
• Business Unit Offerings • Addresses the holistic security needs of the client
(Cyber Defense)
• Manage and monitor cyber security
solutions
• Product Cyber Security supports product
development to ensure that Schneider
Electric’s entire Product portfolio adheres to
a common security design core methodology
• Delivers solutions in concert with the Schneider
Electric product suite
• Timely and accurate situational cyber
security information
• Delivered by the Business Unit • Cyber Security Services is client-facing • Provides support for those that lack
the skills or resources to manage their
cyber security solution
• Product Cyber Security is expected by our
clients
• Cyber Security Services are required by our clients • Provide reporting and alarming
functionality and services
• Cyber Security Services drives significant revenue • Support 24/7 coverage
• Delivered by cyber security practitioners
.
Cyber Security Corner Stones
1. Asset Identification
2. Electronic Access Controls
3. User Access Controls
4. Patching
5. Anti-Virus
6. Disaster Recovery
7. Logging
8. Advanced Solutions
14
Schneider Electric Cyber Security Services Team utilizes their Life Cycle Methodology to develop and deliver a comprehensive
Defense in-depth solution that address your specific cyber security requirements.
.
Partnership—Schneider Electric &Intel Security
15
Schneider Electric Expands Cybersecurity Capabilities by Partnering with McAfee
This collaboration will enable Schneider Electric customers to add tested and certified application whitelisting capabilities in the management of core offerings.
“The expansion of our security offer to incorporate Intel Security whitelisting capabilities enables Schneider Electric to serve our customers more effectively using a modern and secure critical infrastructure environment.”
—Cyril Perducat, Executive Vice President Software and Digital Services Transformation, Global Solutions at Schneider Electric
Press Release on March 2014
.
Conclusion
1. IIoT will change the cyber security landscape
2. Industrial clients have requirements larger in scope than just secure products alone can provide
3. Our basic approach stays the same and includes:
1. Asset Identification
2. Electronic Access Controls
3. User Access Controls
4. Patching
5. Anti-Virus
6. Disaster Recovery
7. Logging
4. Cyber Solutions in Industrial Automation will become more complex to support IIOT
18
.
Intel and the Intel and McAfee logos are trademarks of Intel Corporation or McAfee, Inc. in the US and/or other countries. Other marks and brands may be claimed as the property of others. The product plans, specifications and descriptions herein are provided for information only and subject to change without notice, and are provided without warranty of any kind, express or implied. Copyright © 2015 McAfee, Inc.