| | |
| | |
Stat |
Members: 3657 Articles: 2'599'751 Articles rated: 2609
09 October 2024 |
|
| | | |
|
Article overview
| |
|
Missed Opportunities: Measuring the Untapped TLS Support in the Industrial Internet of Things | Markus Dahlmanns
; Johannes Lohmöller
; Jan Pennekamp
; Jörn Bodenhausen
; Klaus Wehrle
; Martin Henze
; | Date: |
1 Jun 2022 | Abstract: | The ongoing trend to move industrial appliances from previously isolated
networks to the Internet requires fundamental changes in security to uphold
secure and safe operation. Consequently, to ensure end-to-end secure
communication and authentication, (i) traditional industrial protocols, e.g.,
Modbus, are retrofitted with TLS support, and (ii) modern protocols, e.g.,
MQTT, are directly designed to use TLS. To understand whether these changes
indeed lead to secure Industrial Internet of Things deployments, i.e., using
TLS-based protocols, which are configured according to security best practices,
we perform an Internet-wide security assessment of ten industrial protocols
covering the complete IPv4 address space.
Our results show that both, retrofitted existing protocols and newly
developed secure alternatives, are barely noticeable in the wild. While we find
that new protocols have a higher TLS adoption rate than traditional protocols
(7.2% vs. 0.4%), the overall adoption of TLS is comparably low (6.5% of hosts).
Thus, most industrial deployments (934,736 hosts) are insecurely connected to
the Internet. Furthermore, we identify that 42% of hosts with TLS support
(26,665 hosts) show security deficits, e.g., missing access control. Finally,
we show that support in configuring systems securely, e.g., via configuration
templates, is promising to strengthen security. | Source: | arXiv, 2206.00322 | Services: | Forum | Review | PDF | Favorites |
|
|
No review found.
Did you like this article?
Note: answers to reviews or questions about the article must be posted in the forum section.
Authors are not allowed to review their own article. They can use the forum section.
|
| |
|
|
|