Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Analyzing the Attack Surface and Threats of Industrial Internet of Things Devices

Simon Liebl, Leah Lathrop, Ulrich Raithel, Andreas Aßmuth, Ian Ferguson, Matthias Söllner

TL;DR

The paper tackles the rising risk of IIoT-enabled industrial systems by proposing a holistic threat-analysis framework that spans hardware, software, data, and assets across the device life cycle. It introduces detailed taxonomies for threats and attack vectors, including nearly 50 threat categories and a multi-layer attack categorization (hardware, firmware, application, cryptography, network, and human factors). The authors propose a six-step procedure—system analysis, interaction overview, asset identification, threat-source identification, threat/vulnerability identification, and vulnerability/risk assessment—designed to complement existing TARA methodologies such as IEC 62443-3-2. This approach enables manufacturers and operators to systematically identify, quantify, and mitigate risks to IIoT devices, with implications for safety, reliability, and compliance in critical infrastructures.

Abstract

The growing connectivity of industrial devices as a result of the Internet of Things is increasing the risks to Industrial Control Systems. Since attacks on such devices can also cause damage to people and machines, they must be properly secured. Therefore, a threat analysis is required in order to identify weaknesses and thus mitigate the risk. In this paper, we present a systematic and holistic procedure for analyzing the attack surface and threats of Industrial Internet of Things devices. Our approach is to consider all components including hardware, software and data, assets, threats and attacks throughout the entire product life cycle.

Analyzing the Attack Surface and Threats of Industrial Internet of Things Devices

TL;DR

The paper tackles the rising risk of IIoT-enabled industrial systems by proposing a holistic threat-analysis framework that spans hardware, software, data, and assets across the device life cycle. It introduces detailed taxonomies for threats and attack vectors, including nearly 50 threat categories and a multi-layer attack categorization (hardware, firmware, application, cryptography, network, and human factors). The authors propose a six-step procedure—system analysis, interaction overview, asset identification, threat-source identification, threat/vulnerability identification, and vulnerability/risk assessment—designed to complement existing TARA methodologies such as IEC 62443-3-2. This approach enables manufacturers and operators to systematically identify, quantify, and mitigate risks to IIoT devices, with implications for safety, reliability, and compliance in critical infrastructures.

Abstract

The growing connectivity of industrial devices as a result of the Internet of Things is increasing the risks to Industrial Control Systems. Since attacks on such devices can also cause damage to people and machines, they must be properly secured. Therefore, a threat analysis is required in order to identify weaknesses and thus mitigate the risk. In this paper, we present a systematic and holistic procedure for analyzing the attack surface and threats of Industrial Internet of Things devices. Our approach is to consider all components including hardware, software and data, assets, threats and attacks throughout the entire product life cycle.
Paper Structure (40 sections, 6 figures, 1 table)

This paper contains 40 sections, 6 figures, 1 table.

Table of Contents

  1. Introduction
  2. The Industrial Internet of Things
  3. Related Work
  4. Components of an IIoT Device
  5. Hardware
  6. Software
  7. Data
  8. Assets of an IIoT Device
  9. Threat Categorization
  10. Nefarious Activity / Abuse / Misuse
  11. Attack Preparation / Persistence
  12. Damage / Destruction / Harm / Loss
  13. Espionage / Eavesdropping / Interception / Tampering
  14. Intellectual Property Theft
  15. Legal
  16. ...and 25 more sections

Figures (6)

  • Figure 1: Relationship of the various terms, adopted from IIoTChallOpDir.
  • Figure 2: Hardware and software components and types of data that IIoT devices may contain.
  • Figure 3: Assets from the perspective of manufacturers, owners, and users as well as their common objectives.
  • Figure 4: An overview of the grouped threat categories.
  • Figure 5: IoT devices can be attacked during the entire product life cycle. The various types of attacks on an IoT device, illustrated in the circle, are shown in the blue boxes.
  • ...and 1 more figures