Editor’s Note: Andrew Foster, product marketing manager at PrismTech, created the graphic on page 20 and spoke with EECatalog about the challenges of securing data for the diverse markets PrismTech serves: healthcare systems to smart utilities and smart grid to large-scale transportation management and smart cities use the company’s connectivity solutions for business-critical and Industrial IoT applications. The following are excerpts from Foster’s remarks. A.F.
“At the higher levels of an Industrial IoT system above the devices, it is becoming increasingly common to deploy an intermediate layer of processing between the devices and the cloud data centers—this is referred to as Edge Computing or more recently Fog Computing.
For example, in a smart grid where the energy resources, wind farms, solar farms, battery storage facilities etc., are geographically located some distance from the power management control centers, the grid operators are building smart edge processing layers much closer to the actual machines for local data storage, analytics and to provide much more responsive grid control. The data can be analyzed in real time, and grid control cycle times can be reduced from 10s of seconds or minutes down to milliseconds.
These are data-rich environments, where the data has to flow from the machinery, up to and between the real-time distributed edge processing nodes and also to the cloud for big data analytics — each interface between processing nodes within the system is potentially vulnerable to attack.”
“I see technology convergence between the Operational Technology (OT) world and the Information Technology (IT) world as one of the key issues that needs to be addressed to enable the next generation of Industrial IoT systems. A holistic security approach supported by a secure, standards-based end-to-end data connectivity solution is key to achieving this.
The data produced by the devices which flows up to the gateways, across the Edge Computing nodes and up to the cloud applications, should be part of an overall security architecture and needs to be secured end-to-end.”
“The data flowing between the processing nodes at the edge needs to be secure—originating from the devices, to the gateways and on to the edge nodes and then finally up to the cloud—and this means having different levels of security, including encryption and authentication between endpoints as well as having the ability to define credentials and access control rules that control the privileges the applications at each tier in an Industrial IoT system have to read, write or modify the data.”
“In comparison to other communication technologies the Data Distribution Service (DDS) standard provides a comprehensive security framework as part of the standard. It provides a flexible and extensible solution with pluggable data encryption, endpoint authentication and the ability to define access control rules for applications publishing and subscribing to the data, even down to fine-level granularity at the entity and object level and not simply at the boundaries of systems.”
“The need for secure communications, which is a fundamental requirement for military and aerospace applications, is also emerging as a key issue in a wide range of commercial Industrial IoT markets. So the experience we have brought from the mil/aero market as an enabler of secure systems based on the DDS standard is also key to addressing the security challenges in these new verticals.”