Posts

IIoT Security: Attacks Grow More Likely, Users Unaware

A few weeks ago hackers of industrial systems reached a new milestone. For the first time in history, someone was able to break into the safety shutdown system of a critical infrastructure facility. Roaming undetected through the system for an unknown amount of time, the hackers finally got stopped when they inadvertently put some controllers into a “fail-safe” mode that shut down other processes, which alerted plant staff that something was wrong.

The danger was not just in the safety mechanisms themselves, but for the whole plant. “Compromising a safety system could let hackers shut them down in advance of attacking other parts of an industrial plant, potentially preventing operators from identifying and halting destructive attacks,” said cyber experts interviewed by Reuters.

Plan Ahead

That facility was lucky this time around. What about next time? What about the next plant? Rather than relying on luck, it is better to plan for the future. As attacks grow more likely, those systems that are secure by design, that offer zero attack surface, that are undetectable on the Internet, stand a much better chance. This has always been Skkynet’s approach, and as the threats increase, it makes more and more sense.

In fact, the industrial world is largely unprepared for these kinds of attacks. Having evolved for decades cut off from the Internet, until recently there has been little need to change. And a surprising number of users seem unwilling to acknowledge the risks. According to a recent article in ARS Technica, hundreds of companies across Europe are running a popular model of Siemens PLC (Programmable logic controller) with TCP port 102 open to the Internet. “It’s an open goal,” commented security researcher Kevin Beaumont.

Government Mandates

The situation has attracted the attention of governments, who realize the need to protect critical infrastructure for the sake of their citizens. The United Kingdom has issued a new directive authorizing regulators to inspect cyber security precautions taken by energy, transport, water and health companies, reports the BBC. The National Cyber Security Centre has published guidelines, and companies that fail to comply are liable for fines of up to 17 million pounds. “We want our essential services and infrastructure to be primed and ready to tackle cyber-attacks and be resilient against major disruption to services,” said Margot James, Minister for Digital.

IT to OT Challenges

What has brought all of this into focus over the past few years has been the increased awareness of a need for process data outside of the production facility. Companies are recognizing the value of the data in their OT (operational technology) systems, and want to integrate it into their IT systems to help cut costs and improve overall efficiency for the company as a whole. What they may not realize is that the tools of IT were not designed for the world of OT, and the security practices of OT are not adequate for the Internet.

The WannaCry virus that affected many companies worldwide last year is a case in point. Companies using VPNs to protect their IT-to-OT connections found out first-hand that a VPN merely extends the security perimeter of the plant out into an insecure world. A breach in an employee email can expose the whole plant to the threat of a shutdown. “WannaCry is the personification of why computers on the corporate networks should not be directly connected to OT networks,” according to Gartner Analyst Barika Pace in a recent report, Why IIoT Security Leaders Should Worry About Cyberattacks Like WannaCry, January 30, 2018. “It is also the reflection of the inevitable convergence of IT and OT. Based on your risk tolerance and operational process, segmentation, where possible, is still critical.”

Segment Your Systems

By segmentation, Pace means dividing networks into security zones, and maintaining security between each zone through the use of firewalls, DMZs, data diodes and other similar technologies to ensure that if one system gets hacked, it cannot affect others. Segmentation is part of a secure-by-design approach that Skkynet endorses and provides. Our software and services offer a way to connect IT and OT systems through DMZs or the cloud without opening any outbound firewall ports.

A Siemens PLC in this kind of segmented system could be accessed by authorized parties, and exchange data in both directions, without opening TCP port 102 to the Internet. Managers of critical infrastructure that implement this secure-by-design approach to segmentation are not only ready for government inspection, they have taken the best precaution against those who would intrude, hack, and attack their mission-critical systems.

As attacks on critical infrastructure become more likely, users must become aware, and prepare. The acknowledged benefits of IIoT need not entail unnecessary risk—securing an industrial system can be done, and done well. A big step is to segment your OT system though a secure-by-design approach, such as that offered by Skkynet.

Wider Adoption of IIoT Forecast for 2018

With the New Year upon us, now is the time to look back at 2017 to see how far we’ve come, and look ahead to see what’s on the horizon.  After sifting through a number of predictions, it seems that most of the pundits agree that the forecast is good.  The Industrial IoT continues to grow steadily in popularity, as it becomes one of the leading application spaces for the IoT.

“There’s no question the industrial side of IoT is growing rapidly,” said Bret Greenstein, VP of IBM’s Watson IoT Consumer Business.  “In a way, it’s kind of supercharging manufacturing operators and people who do maintenance on machines by providing real-time data and real-time insights.”

“It’s clear that the internet of things is transforming the business world in every industry,” says Andrew Morawski, President and Country Chairman of Vodafone Americas. “As the technology has evolved over time, adoption among businesses has skyrocketed.”

Finding business cases

As part of this growth, the forecast is to see companies begin to apply the knowledge they have gained from small-scale test implementations and pilots to build solid use cases for IIoT technology.  “The focus is shifting from what the IoT could do to what it does, how it fits in business goals and how it generates value,” said J-P De Clerck, technology analyst at i-SCOOP.  We have seen this among our customers here at Skkynet, and we plan to share some of their experiences and use cases later this year.

Edge computing becoming a necessity

Most analysts foresee growth of edge computing as part of an overall IIoT solution.  As we explain in a recent Tech Talk, edge computing means doing some data processing directly on an IoT sensor or device, as close as possible to the physical system, to reduce bandwidth and processing on cloud systems. Daniel Newman, a Forbes contributor says, “Edge networking will be less of a trend and more of a necessity, as companies seek to cut costs and reduce network usage.” He sees IT companies like Cisco and Dell supporting the move to edge computing in IIoT hardware, as well as the industrial providers that you would expect, such as GE and ABB.

Security remains a fundamental challenge

There is one thing that pretty much every analyst and pundit agrees on: security is still a challenge.  Various ideas are being discussed.  One commentator suggested that companies making large investments in IIoT have gained or eventually will gain the expertise and resources needed to meet the challenge.  Others suggest that an altogether new model might be necessary.  “We have reached a point in the evolution of IoT when we need to re-think the types of security we are putting in place,” said P.K. Agarwal, Dean of Northeastern University’s Silicon Valley in a recent Network World article. “Have we truly addressed the unique security challenges of IoT, or have we just patched existing security models into IoT with hope that it is sufficient?”

As we see it, patching up existing models is not the answer.  Providing secure access to industrial data in real time over the Internet is not something that traditional industrial systems were designed to do.  As more and more IIoT implementations come online, and as companies search for robust systems that can scale up to meet their production needs, we believe they will come to that realization as well.  Our forecast for 2018 is that an increasing number of those companies will begin to realize the value of an IIoT system that is secure by design.

Skkynet Embarks on Market Entry Program in East Asia

Wavefront Global Market Entry Program helps bring Skkynet’s Industrial IoT and Industrie 4.0 solutions to industry leaders in Taiwan and Japan.

Mississauga, Ontario, December 12, 2017 – Skkynet Cloud Systems, Inc. (“Skkynet” or “the Company”) (OTCQB: SKKY), a global leader in real-time cloud information systems, is pleased to report that Skkynet was part of the Wavefront Global Market Entry Program, Taiwan & Japan 2017, from November 26 through December 1.  The trip included networking receptions and one-on-one meetings with high level decision makers in key Industrial IoT and Industrie 4.0 associations and industries in Taipei, Osaka, and Tokyo, as well as attending the System Control Fair & Measurement Control Show (SCF 2017) in Tokyo.

“Wavefront opened some valuable opportunities by connecting us to the right people at the appropriate level for each company we visited,” said Paul Thomas, President of Skkynet.  “Both Japan and Taiwan are actively pursuing Industrie 4.0 and Industrial IoT initiatives, and these executives and leaders of thought expressed a keen interest in our end-to-end SaaS for real-time data that is secure by design.”

“Skkynet’s innovative technology and proven solutions for smart manufacturing, IoT, and embedded systems perfectly address the growing needs of industry in Taiwan and Japan,” said Geoff Ledingham, Manager, Global Services at Wavefront. “We were pleased to assist them in entering these markets at just the right time.”

Skkynet’s delegation demonstrated how their software-based solutions allow industrial and embedded systems to securely network live data in real time from any location. These solutions include enabling bidirectional supervisory control, integration and sharing of data with multiple users, and real-time access to selected data sets in a web browser, either on-site or remotely over insecure networks such as the Internet.

“In less than a week we met a wide range of people, and were able to share our vision of the most reliable way to implement Industrial IoT to solve real-world problems,” said Thomas.  “Pretty much everyone we talked to was open to considering new methods for high-speed data integration and secure remote access, to gain advantage in the coming era of Industrie 4.0 and Industrial IoT applications.”

Skkynet’s DataHub middleware, SkkyHub service, and ETK provide secure access to industrial data, allowing users to fully integrate OT (operations technology) with IT systems and other applications anywhere in the world. Secure by design, it requires no VPN, no open firewall ports, no special programming, and no additional hardware. Secure integration of embedded devices, on-premise systems, and remote locations through seamless, end-to-end connectivity in real time lets users derive maximum value from Industrial IoT and Industrie 4.0.

About Wavefront

Wavefront is Canada’s leader in transforming business through mobile and IoT innovation. It is a centre for commercialization for companies in the wireless and IoT technologies space. Wavefront’s vision is to build a globally relevant, nationally connected ecosystem that delivers digital capacity, competitiveness and prosperity for Canadians.

About Skkynet

Skkynet Cloud Systems, Inc. (OTCQB: SKKY) is a global leader in real-time cloud information systems. The Skkynet Connected Systems platform includes the award-winning SkkyHub™ service, DataHub®, WebView™, and Embedded Toolkit (ETK) software. The platform enables real-time data connectivity for industrial, embedded, and financial systems, with no programming required. Skkynet’s platform is uniquely positioned for the “Internet of Things” and “Industry 4.0” because unlike the traditional approach for networked systems, SkkyHub is secure-by-design. For more information, see https://skkynet.com.

Safe Harbor

This news release contains “forward-looking statements” as that term is defined in the United States Securities Act of 1933, as amended and the Securities Exchange Act of 1934, as amended. Statements in this press release that are not purely historical are forward-looking statements, including beliefs, plans, expectations or intentions regarding the future, and results of new business opportunities. Actual results could differ from those projected in any forward-looking statements due to numerous factors, such as the inherent uncertainties associated with new business opportunities and development stage companies. Skkynet assumes no obligation to update the forward-looking statements. Although Skkynet believes that any beliefs, plans, expectations and intentions contained in this press release are reasonable, there can be no assurance that they will prove to be accurate. Investors should refer to the risk factors disclosure outlined in Skkynet’s annual report on Form 10-K for the most recent fiscal year, quarterly reports on Form 10-Q and other periodic reports filed from time-to-time with the U.S. Securities and Exchange Commission.

What Drives Industry in 2017?

It’s big. It’s by far the biggest industrial automation show in Germany, in Europe, and possibly in the world. It’s SPS IPC Drives. “SPS” is German for PLC (Programmable Logic Controller), “IPC” stands for Industrial Process Control, and “Drives” are tools that control the speed of machinery. It comprises a dozen exhibition halls, each one practically a trade show in itself, filled with gigantic, colorful booths displaying robots, machines, and control system components. It’s where thousands of engineers, system integrators, machine builders and parts vendors gather for a massive show-and-tell featuring the latest and greatest—sensors, actuators, controllers, software, services and more.

The Cogent/Skkynet display was part of the OPC Foundation exhibit at the show, in the communications technologies hall. We had a demo of our completely integrated solution for Industrial IoT data communication and OPC UA (Unified Architecture), from embedded devices with ETK, to the factory floor with DataHub, to our SkkyHub service running in the cloud. We attracted plenty of interest, particularly for our ability to access data from inside a plant without opening any firewall ports, and using no VPNs.

Other exhibits featured IoT, and a few had working demos similar to ours, showing how they could put data from a sensor into the cloud. But there were significant differences. Most of them did not have bidirectional communication, and all of them had to make compromises on security and robust connectivity.

Data Communication must be Secure…

The two technologies most frequently mentioned for data communications were OPC UA and MQTT. Most users are finding out that OPC UA by itself cannot serve as an IIoT protocol, because like every industrial protocol, it functions on a client-server basis. An OPC UA client outside the plant needs an open firewall port at the plant to connect to an OPC UA server inside. This is inherently insecure, since any hacker could also enter the plant through that open firewall port. To surmount this obstacle, a number of companies have turned to the MQTT messaging protocol. Its publish/subscibe architecture allows it to make outbound connections. That does keep firewall ports closed, but MQTT is not suitable for IIoT for other reasons. Notably, it cannot guarantee data consistency.

… and Robust

Funnily enough, when you bring this up, people catch on quickly. I walked around the show and talked to people who had IIoT on their posters and brochures, who were demonstrating IIoT devices, and offering IIoT cloud services. Companies large and small, including some of the biggest names in the industry, are using or promoting MQTT or its close cousin, AMQP. And yet when I pointed out to them how MQTT is unable to guarantee consistent data, they soon understood. Everyone acknowledged that if an MQTT connection from a data source is broken, the data user will not know that his or her data may no longer be valid. “Isn’t that a problem? Couldn’t it be dangerous?” I would ask. “Yes,” they would admit, “but there isn’t any other way.”

Another Way

Finding out that there is another way opened a few eyes. People coming to our booth and those we met throughout the show were surprised and pleased to find out that there actually is a way to maintain a secure, robust connection for IIoT. There is no need to open any firewall ports or to use a VPN, and yet you can guarantee consistency of the data between the server and the client. All you need is the right technology, secure by design. Our task for the coming months is to continue sharing this message with the 1500+ exhibitors and 70,000+ visitors at SPS IPC Drives, along with anyone else who wants to connect industrial process control systems to the IoT.

Some Notable Industrial IoT Applications

After years of riding high on the Gartner Hype Cycle, Industrial IoT (IIoT) is beginning to take shape in various ways.  Early adopters tend to be large companies who have identified specific applications in which IoT connectivity provides an immediate advantage.  The Internet of Things Institute recently named Top 20 Industrial IoT Applications, giving an overview of the best of what is happening.  All of these are interesting, and we’d like share our thoughts on a few that you may not have heard of elsewhere.

Compressed Air as a Service

The Kaeser Kompressoren company in Germany has been manufacturing and selling air compressors for almost 100 years.  Lately they have adopted an IIoT perspective, and have changed their business model.  Now they provide compressed air as a service.  Instead of selling their equipment, they install it at a customer site and sell its ability to compress air.

Among other things, this requires a mental shift when calculating where their revenues come from.  Previously, when the customer owned the machinery, Kaeser could make money on repair services.  Now that Kaeser owns the equipment, repairs have become a cost center, and it is in their interest to keep those costs as low as possible.  Since they they started working under this business model, the company has been using IIoT technologies to sustain a healthy predictive maintenance (PdM) program.  The cost savings revert directly to Kaeser.

This ability to adapt, to transform business models and capitalize on the Industrial IoT applications will set the leaders apart from the followers in the next few years as the IIoT moves from hype to reality.

Keeping Track of Tools

How many screws does it take to build a commercial airliner?  How tightly must each one be turned?  What’s the right tool for the job, and how should it be calibrated?  A joint IIoT project between Bosch, Cisco, National Instruments, and Tech Mahindra coordinated through the Industrial Internet Consortium is demonstrating the value of the IIoT in answering those questions.

At a testbed location that simulates aircraft assembly, Bosch cordless screwdrivers are connected wirelessly via National Instruments technology and send identification data about themselves, as well as torque data about the screw they are tightening, to a central database.  Their exact physical location is calculated using a triangulation technology from Cisco.  An integration program from a Tech Mahindra program uses the screwdriver’s location data to look up the amount of torque specified for that screw at that location, and configures the screwdriver accordingly.  When the operator moves to a different location on the aircraft body to drive other types of screws, the screwdriver gets reconfigured automatically and precisely.

These four companies working together highlight the value of cooperation in developing Industrial IoT applications, especially at the beginning stages.  Many successful early adopters have emphasized the value of partnerships and collaboration.  Those who take a do-it-yourself approach often find the IoT more complicated to implement than expected.

Automated Mining and Haulage Systems

The largest private railroad in Australia with over 1,700 kilometres of track is owned and operated by the Rio Tinto mining company.  Using IIoT technologies, the company is now running unmanned, autonomous trains along this line, hauling iron ore from mines in the Pilbara region to ports along the north coast.  The pilot project will be expanded to full service next year, as the world’s first fully-autonomous heavy haul, long distance railway system.

This initiative is just one of several IIoT-related initiatives that Rio Tinto is developing.  They are also pioneering in the operation of autonomous trucks and drilling systems for their mines, and are even looking at self-navigating ships to cut the cost of delivering their products worldwide.

Not every company is in Rio Tinto’s position, but their broad vision, wide range of IoT applications, and obvious success can be an inspiration for all of us.  The message is clear: Industrial IoT is not only possible, it is profitable.  Learning from these examples, anyone venturing into this space needs to consider the opportunities and challenges unique to their industry and company, learn how and when to work with others, and then start taking action to gain the maximum benefit from Industrial IoT.

Skkynet Technology Soon Available in iBRESS Cloud by BellChild

Japanese systems integration company, BellChild, will use Skkynet’s SkkyHub technology in its new iBRESS Cloud service, available next month.

Mississauga, Ontario, November 8, 2017 – Skkynet Cloud Systems, Inc. (“Skkynet” or “the Company”) (OTCQB: SKKY), a global leader in real-time cloud information systems, is pleased to announce that starting December 1, 2017, BellChild Ltd. of Osaka, Japan will be offering iBRESS Cloud service that will be powered by Skkynet’s SkkyHub technology. This service will provide secure, real-time, bidirectional communications for Industrie 4.0 and Industrial IoT applications without opening any firewall ports, and without using any VPN.

“The iBRESS Cloud is an ideal fit for Japan’s well-established industrial base, and for the rest of Asia,” said Paul Thomas, President of Skkynet. “BellChild has a solid reputation for providing secure data communication services, and the iBRESS Cloud technology has been designed to provide the kind of secure, high-speed service that remote connections to industrial systems demand.”

Users of iBRESS Cloud will be able to securely connect industrial plants, machines, or individual sensors and actuators to a complete Industrie 4.0 or IIoT system.  BellChild customers will thus be able to monitor and control their industrial processes in real time, from a web page or mobile phone, as well as log data directly to any database or Big Data repository.  The service requires no programming, and allows users to seamlessly integrate existing systems using standard protocols, while incrementally adding Industrie 4.0 or IIoT capability as needed.

The basis for the iBRESS and SkkyHub services is Skkynet’s patented technology for secure, outbound-only connections, making it fully compatible with corporate IT policies, and ensuring no exposed attack surface – no open firewall ports, no VPN, and no extra hardware.  It provides Industrie 4.0 and IIoT connectivity at in-plant networking speeds of microseconds over network latency, and processes up to 50,000+ data changes per second.

About BellChild

BellChild is a system integration company focusing on secure system development, robust infrastructure development, and advanced operations capabilities.  The company develops and maintains secure servers used to support high-speed financial transactions, which is also used to provide a robust and secure platform to support industrial cloud-based systems in the form of iBRESS™ Cloud service.  For more information, see http://www.bell-c.co.jp/.

About Skkynet

Skkynet Cloud Systems, Inc. (OTCQB: SKKY) is a global leader in real-time cloud information systems. The Skkynet Connected Systems platform includes the award-winning SkkyHub™ service, DataHub®, WebView™, and Embedded Toolkit (ETK) software. The platform enables real-time data connectivity for industrial, embedded, and financial systems, with no programming required. Skkynet’s platform is uniquely positioned for the “Internet of Things” and “Industry 4.0” because unlike the traditional approach for networked systems, SkkyHub is secure-by-design. For more information, see https://skkynet.com.

Safe Harbor

This news release contains “forward-looking statements” as that term is defined in the United States Securities Act of 1933, as amended and the Securities Exchange Act of 1934, as amended. Statements in this press release that are not purely historical are forward-looking statements, including beliefs, plans, expectations or intentions regarding the future, and results of new business opportunities. Actual results could differ from those projected in any forward-looking statements due to numerous factors, such as the inherent uncertainties associated with new business opportunities and development stage companies. Skkynet assumes no obligation to update the forward-looking statements. Although Skkynet believes that any beliefs, plans, expectations and intentions contained in this press release are reasonable, there can be no assurance that they will prove to be accurate. Investors should refer to the risk factors disclosure outlined in Skkynet’s annual report on Form 10-K for the most recent fiscal year, quarterly reports on Form 10-Q and other periodic reports filed from time-to-time with the U.S. Securities and Exchange Commission.