Threat Analysis of Industrial Internet of Things Devices
Simon Liebl, Leah Lathrop, Ulrich Raithel, Matthias Söllner, Andreas Aßmuth
TL;DR
Industrial Internet of Things (IIoT) devices connected to cloud services expand the attack surface of Industrial Control Systems (ICS), raising risks to safety, reliability, and critical infrastructure. The paper offers a structured threat-analysis framework tailored to IIoT, including a taxonomy of threat sources, a catalog of threats and vulnerabilities, and a six-step procedure for conducting thorough threat analyses. Key findings highlight government-sponsored and industrial espionage as high-risk sources, alongside malware, insider threats, and hacktivism, and emphasize vulnerabilities in insecure communications, design flaws, and misconfigurations. The work aims to equip IIoT manufacturers with practical guidance to perform risk assessments and develop countermeasures for low-power IIoT devices, improving the resilience of OT/ICS in cloud-connected environments.
Abstract
As part of the Internet of Things, industrial devices are now also connected to cloud services. However, the connection to the Internet increases the risks for Industrial Control Systems. Therefore, a threat analysis is essential for these devices. In this paper, we examine Industrial Internet of Things devices, identify and rank different sources of threats, and describe common threats and vulnerabilities. Finally, we recommend a procedure to carry out a threat analysis on these devices.
