Posters
Come meet the poster presenters to ask them questions and discuss their work
We would like to invite you to come and see the posters at our upcoming conference. The posters will showcase a diverse range of research topics, and will give delegates an opportunity to engage with the authors and learn more about their work. Whether you are a seasoned researcher or simply curious about the latest developments in your field, we believe that the posters will offer something of interest to everyone. So please join us at the conference and take advantage of this opportunity to learn and engage with your peers in industry and the academic community.
PO303: Cyber Security and Data Accessibility as drivers for Advanced Monitoring Solutions
Arijit Kumar Bose, Product Security Officer (PSO), Hitachi Energy
Abstract
Asset monitoring is an important component to increase the reliability and adaptability of high-voltage switchgear and ensure sustainable operations. Data about asset condition are collected, e.g., travel curves and parameters are calculated to assess the equipment's health, e.g., contact wear. In many systems today, this is implemented in a closed environment with limited data access, e.g., using proprietary data formats or a lack of interfaces to access data. This limits the potential of such systems, e.g., for machine learning and AI. To overcome this, here, the evolution of OT systems into an IoT environment is proposed by means of adopting open IT standards such as MQTTS for messaging and exposing operational data through well-documented , structured interfaces, e.g., SQLite databases. This transformation enables remote monitoring, advanced analytics, and predictive maintenance. However, it potentially expands the attack surface of a system. The IEC62443 standard provides a robust framework for securing industrial OT devices in this changed environment. Applying its requirements to IoT-enabled OT devices highlights several priorities (among others): - Authentication: Mutual trust establishment between IoT enabled OT devices and remote monitoring entity. - Secure Communication: Encrypted, authenticated data flows over MQTT and other open protocols to prevent interception which otherwise could result into eavesdropping or manipulation. - Access Control: Implementing role-based access and least-privilege principles to safeguard databases and device interfaces. - Data Integrity and Confidentiality: Protecting stored sensor and operational data against tampering through encryption and verification mechanisms. - System Hardening: Reducing exposure by disabling unnecessary services, enforcing secure defaults, and maintaining regular patching. - Auditability: Establishing traceable logs of all data and control interactions, integrated with centralized monitoring systems. - Supply Chain Integrity: Securing open-source components, maintaining SBOMs, and ensuring signed updates - Data sovereignty: Hosting monitored data such as of the sensor nodes by user driven localization choice. Example based on a user's preferred geographical location.
No recording available for this poster.
