Skip to main content

Your submission was sent successfully! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates from Canonical and upcoming events where you can meet our team.Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

  1. Blog
  2. Article

Galem KAYO
on 17 November 2020

Cybersecurity defenses for IIoT


Cybersecurity attacks on industrial IoT solutions can have detrimental consequences. This is the case because IoT devices record privacy-sensitive data and control production assets. Therefore, demonstrable trustworthiness is prerequisite to IoT adoption in industrial settings.

Fortunately, IT security is a mature field. Experts have identified classes of threats devices may be subject to. Let’s discuss these threat patterns and mitigation strategies in the IIoT context.

 Threat modelling: what can go wrong?

Cybersecurity practitioners often use threat models to map attacks that might compromise a system. The STRIDE model developed by Microsoft is widely used for threat modelling. Here are examples of threats for IoT devices.

The STRIDE model for cybersecurity threats

Following are key operating system features that mitigate these threats.

Authenticating software with secure boot

IoT devices are most vulnerable at boot. Initiating the OS with malicious software components could lead to the total corruption of a device. This type of breach exposes devices to additional security threats.

Simplified illustration of the secure boot process

Secure boot verifies that software is authentic and originates from a trustworthy source. This verification prevents boot process alteration. A component therefore executes, only if its digital signature is validated by the preceding component.

The firmware validates the bootloader using a public key stored on-device (root of trust). The bootloader then validates the kernel, which in turn deciphers the root file system. The result is a software chain of trust.

Protecting data with full disk encryption

IoT devices store data from sensors installed in privacy-sensitive environments. Threat actors can extract confidential information, trade secrets or intellectual property, if they gain access to such data. information disclosure can lead to other vulnerabilities.

How then to protect data stored on the disk from unauthorised access? The answer is encryption of the whole disk or of key partitions. For this purpose, the operating system uses a single key to encrypt and unencrypt data. This key is stored on a separate disk partition.

Example of encryption scheme on the disk of an IoT device

Wouldn’t it then suffice to know the storage location of that key to unlock the disk? The answer is no, because that key is itself encrypted. It thus has to be unencrypted with a master key. The master key is usually stored on the chip, or on special-purpose external devices (like TPMs or secure elements).

Locking down devices with digital signatures

Constraining the behavior of IoT devices reduces the surface of attack. Locking down actions susceptible to lead to any STRIDE mode of attack during uptime is an effective defense strategy. Highly secure operating systems can orchestrate digital signatures to lock down such actions.

Secure device onboarding process with Ubuntu Core

Behaviors that the OS can control using digital signatures are: authentication, communication and app execution. Authenticating devices controls access privileges. Restricting addresses a device can accept traffic from creates a barrier to spoofing and DoS attacks. Locking down the software bill of materials allowed on a device prevents tampering with apps.

A resilient endpoint security mix

Strong endpoint security is essential in a defense in depth strategy for IIoT . However, most Linux distributions do not provide security capabilities like secure boot, full disk encryption or digitally signed assertions out of the box. This results in additional costs for developers to build trustworthy IIoT devices.

Security capabilities in Ubuntu Core

Ubuntu Core offers advanced security capabilities by default. The operating system orchestrates the features described above to mitigate cybersecurity threats. This empowers any innovator to create IIoT appliances suitable for use in mission-critical environments like factories, smart cities and more.

Related posts


Canonical
19 November 2024

Canonical provides the ideal platform for Microsoft Azure IoT Operations

IoT Article

London, 19 November 2024. Canonical has collaborated with Microsoft as an early adopter partner and tested Microsoft Azure IoT Operations on Ubuntu Core and Kubernetes, which is notable as Microsoft today released Azure IoT Operations, a unified data plane providing significant improvements in node data capture, edge-based telemetry proce ...


Felicia Jia
29 February 2024

Join Canonical at 2024 GTC AI Conference

AI Article

As a key technology partner with NVIDIA, Canonical is proud to showcase our joint solutions at NVIDIA GTC again. Join us in person at NVIDIA GTC on March 18-21, 2024 to explore what’s next in AI and accelerated computing. We will be at booth 1601 in the MLOps & LLMOps Pavilion, demonstrating how open source ...


Gabriel Aguiar Noury
21 November 2024

EdgeIQ and Ubuntu Core; bringing security and scalability to device management 

Internet of Things Article

Today, EdgeIQ and Canonical announced the release of the EdgeIQ Coda snap and official support of Ubuntu Core on the EdgeIQ Symphony platform. EdgeIQ Symphony helps you simplify and scale workflows for device fleet operations, data consumption and delivery, and application orchestration. Distributing EdgeIQ Coda as a snap brings the power ...