Avoiding the internet of insecure industrial things
Security incidents such as targeted distributed denial of service (DDoS) attacks on power grids and hacking of factory industrial control systems (ICS) are on the increase. This paper unpacks where emerging security risks lie for the industrial internet of things, drawing on both technical and regul...
| Main Authors: | , |
|---|---|
| Format: | Article |
| Published: |
Elsevier
2018
|
| Subjects: | |
| Online Access: | https://eprints.nottingham.ac.uk/48592/ |
| _version_ | 1848797801671032832 |
|---|---|
| author | Urquhart, Lachlan McAuley, Derek |
| author_facet | Urquhart, Lachlan McAuley, Derek |
| author_sort | Urquhart, Lachlan |
| building | Nottingham Research Data Repository |
| collection | Online Access |
| description | Security incidents such as targeted distributed denial of service (DDoS) attacks on power grids and hacking of factory industrial control systems (ICS) are on the increase. This paper unpacks where emerging security risks lie for the industrial internet of things, drawing on both technical and regulatory perspectives. Legal changes are being ushered by the European Union (EU) Network and Information Security (NIS) Directive 2016 and the General Data Protection Regulation 2016 (GDPR) (both to be enforced from May 2018). We use the case study of the emergent smart energy supply chain to frame, scope out and consolidate the breadth of security concerns at play, and the regulatory responses. We argue the industrial IoT brings four security concerns to the fore, namely: appreciating the shift from offline to online infrastructure; managing temporal dimensions of security; addressing the implementation gap for best practice; and engaging with infrastructural complexity. Our goal is to surface risks and foster dialogue to avoid the emergence of an Internet of Insecure Industrial Things. |
| first_indexed | 2025-11-14T20:09:39Z |
| format | Article |
| id | nottingham-48592 |
| institution | University of Nottingham Malaysia Campus |
| institution_category | Local University |
| last_indexed | 2025-11-14T20:09:39Z |
| publishDate | 2018 |
| publisher | Elsevier |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | nottingham-485922020-05-04T19:44:18Z https://eprints.nottingham.ac.uk/48592/ Avoiding the internet of insecure industrial things Urquhart, Lachlan McAuley, Derek Security incidents such as targeted distributed denial of service (DDoS) attacks on power grids and hacking of factory industrial control systems (ICS) are on the increase. This paper unpacks where emerging security risks lie for the industrial internet of things, drawing on both technical and regulatory perspectives. Legal changes are being ushered by the European Union (EU) Network and Information Security (NIS) Directive 2016 and the General Data Protection Regulation 2016 (GDPR) (both to be enforced from May 2018). We use the case study of the emergent smart energy supply chain to frame, scope out and consolidate the breadth of security concerns at play, and the regulatory responses. We argue the industrial IoT brings four security concerns to the fore, namely: appreciating the shift from offline to online infrastructure; managing temporal dimensions of security; addressing the implementation gap for best practice; and engaging with infrastructural complexity. Our goal is to surface risks and foster dialogue to avoid the emergence of an Internet of Insecure Industrial Things. Elsevier 2018-06-30 Article PeerReviewed Urquhart, Lachlan and McAuley, Derek (2018) Avoiding the internet of insecure industrial things. Computer Law and Security Review, 34 (3). pp. 450-466. ISSN 0267-3649 Industrial internet of things; cybersecurity; network and information security; data protection; smart grids; industrial control systems; autonomous vehicles https://www.sciencedirect.com/science/article/pii/S0267364917303217 doi:10.1016/j.clsr.2017.12.004 doi:10.1016/j.clsr.2017.12.004 |
| spellingShingle | Industrial internet of things; cybersecurity; network and information security; data protection; smart grids; industrial control systems; autonomous vehicles Urquhart, Lachlan McAuley, Derek Avoiding the internet of insecure industrial things |
| title | Avoiding the internet of insecure industrial things |
| title_full | Avoiding the internet of insecure industrial things |
| title_fullStr | Avoiding the internet of insecure industrial things |
| title_full_unstemmed | Avoiding the internet of insecure industrial things |
| title_short | Avoiding the internet of insecure industrial things |
| title_sort | avoiding the internet of insecure industrial things |
| topic | Industrial internet of things; cybersecurity; network and information security; data protection; smart grids; industrial control systems; autonomous vehicles |
| url | https://eprints.nottingham.ac.uk/48592/ https://eprints.nottingham.ac.uk/48592/ https://eprints.nottingham.ac.uk/48592/ |