Cybersecurity for Industrial Internet of Things: Architecture, Models and Lessons Learned

The paper outlines the design and implementation of a secure Industrial IoT (IIoT) system, providing insights for researchers working on similar projects, focusing on using trusted execution environments (TEEs) for IoT sensors and alternative performance metrics (like F1-score) to handle data imbalance in anomaly detection models. Challenges in on-device anomaly detection due to limited computational power led to offline training of models and integrating inference engines into edge devices. The study also found that different anomaly detection models (e.g., GRU or LSTM networks) are better at detecting continuous anomalies, while simpler models handle single anomalies well. The Apache Kafka message queue was effective for communication between modules, though it posed challenges for other technologies. The SDN Controller, using the OpenFlow protocol, had flexibility issues and security concerns with controlling SDN switches. While some attack types, like ransomware, weren’t fully explored, the paper suggests solutions like auto-quarantine to reduce data loss risks. The authors present their vision for a secure connected platform in smart factories and logistics, which can be adapted to other IIoT systems with minor modifications. They also highlight the portability of system components and direct readers to the project website for more details.