Home > Research > Publications & Outputs > The Forgotten I in IIoT

Electronic data

  • PiVOTScan

    Accepted author manuscript, 959 KB, PDF document

View graph of relations

The Forgotten I in IIoT: A Vulnerability Scanner for Industrial Internet of Things

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSNConference contribution/Paper

Forthcoming
Publication date9/04/2019
Host publication Living in the Internet of Things 2019
Original languageEnglish
EventLiving in the Internet of Things 2019 - IET London, London, United Kingdom
Duration: 1/05/20192/05/2019
https://events2.theiet.org/living-iot/index.cfm?utm_source=redirect&utm_medium=legacyredirects&utm_campaign=2019relaunch

Conference

ConferenceLiving in the Internet of Things 2019
Abbreviated titlePETRAS'19
CountryUnited Kingdom
CityLondon
Period1/05/192/05/19
Internet address

Conference

ConferenceLiving in the Internet of Things 2019
Abbreviated titlePETRAS'19
CountryUnited Kingdom
CityLondon
Period1/05/192/05/19
Internet address

Abstract

In moving towards highly connected integrated systems, the Industrial Internet of Thing (IIoT) promises a wealth of benefits. Enhanced usage of existing data sources, and integration of additional generation points, provide system users with greater visibility of industrial processes. This visibility can be used to identify and address inefficiencies. Within the context of discrete manufacturing, examples include reduction of waste materials and energy consumption. However, while one becomes engrossed in the use of big-data analytics, cloud technologies, and seamless adoption through hardware gateways, decade old systems are dropped into a technological melting pot of modern IoT, with little consideration of additional cyber security risks. Numerous works have provided evidence to suggest industrial systems are highly vulnerable to cyber attacks, from both a device and communication protocol perspective, yet efforts to automatically identify vulnerabilities are limited. This presents a significant gap, with vulnerability exploitation harbouring potentially life-threatening impact. Here we address this gap through the development of PIVoT Scan, an industrially-aware vulnerability scanner, capable of assessing a diverse range of devices and communication protocols predominantly situated within the legacy layers of IIoT environments — “The forgotten I”. Furthermore, we demonstrate PIVoT Scan’s ability to outperform a leading vulnerability scanner, Nessus.