Source: O'Reilly Radar - Insight, analysis, and research about emerging technologies
Security must evolve along with the industrial Internet. The Stuxnet attack on Iran’s centrifuges in 2010 highlighted both the risks of web-borne attacks and the futility of avoiding them by disconnecting from the Internet (the worm spread, in part, using USB keys). Potential attackers range from small-time corporate spies to sophisticated government units that might use infrastructure disruption as a weapon.
Comparing industrial Internet security to consumer and enterprise web security is difficult; requirements, challenges, and approaches differ significantly. In industrial systems, stability is crucial, and isolating an infected system - or adding an air gap as a preventative measure - can be enormously costly. Some tools that are difficult to apply to the unstructured web are effective in industry, though: since industrial systems usually have known, simplified network structures with highly regular traffic patterns, anomaly detection and other machine-learning techniques hold great promise as ways to find and stop attacks. The addition of more computing power at the network level as companies connect their industrial systems will make these approaches more powerful.
Back in October, Eugene Kaspersky announced that his security firm is developing an industrial operating system - a “highly-tailored system,” one that “by design won’t be able to carry out any behind-the-scenes, undeclared activity.” Last...