Why this article is important:
- It distinguishes wireless sensor networks from IoT/IIoT devices, correcting common misconceptions that could lead to underestimating risks or applying inappropriate cybersecurity strategies.
- Process engineers need to understand that WSNs, despite being simpler and localized, still present cybersecurity risks.
- The article helps engineers make smarter choices about device selection, network design and security policies, especially in environments with remote monitoring and wireless data collection.
Wireless sensor networks (WSNs) are not the same as internet of things (IoT) and industrial internet of things (IIoT) devices and, consequently, have different cybersecurity considerations.
One reason they are different is that IoT devices are not only more ubiquitous and easily accessible (not inside a plant gate), but also typically rely on internet connectivity to enable data exchange and remote access. As a result, they use a wider variety of communication protocols, including Wi-Fi, cellular, and other predominantly ISM bands. These devices may also have more processing power and capabilities, involving a wider range of data processing, including analysis, storage and visualization.
All these reasons make IoT devices a “sweeter” target than WSNs, which use specific, low-power wireless protocols focused on data collection from a specific environment or process (normally inside a plant gate) and are designed for dedicated applications. Individual WSN nodes (transmitters) often have limited processing power and memory, so data is normally sent to a gateway where it is aggregated.
Just like any device with a microprocessor, wireless sensors have the potential to be compromised. Since they also use ISM bands, cybersecurity needs to be considered.
Fortunately, when WSNs were being developed, cybersecurity was also on the radar, so they do include some basic capabilities:
- Core industrial WSNs include end-to-end encryption. While encryption is important, it's not a silver bullet: key management, secure communication protocols and intrusion detection are also necessary.
- Provisioning establishes device identities, allowing for tracking and monitoring of individual nodes, and includes setting security parameters such as encryption keys, access controls and firewall rules.
- Frequency hopping enhances the resilience of the network against jamming and eavesdropping, making it more difficult for an attacker to intercept and decode transmitted data. An attacker would need sophisticated equipment to follow the frequency hopping pattern in real time, and jamming the network is harder because multiple frequencies would have to be jammed simultaneously.
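
To illustrate why encryption needs provisioning and intrusion detection beside it, the following added example (not from the article or any WSN standard) shows a gateway-side check that ties each frame to a provisioned identity, verifies an integrity tag, rejects replays and records alerts. The frame layout, the truncated HMAC-SHA256 tag, the key table and all names are assumptions made for the sketch.

```python
import hashlib
import hmac
import struct

# Constructed provisioning table (node id -> per-node key); values are made up.
PROVISIONED = {
    0x0A01: bytes.fromhex("00112233445566778899aabbccddeeff"),
    0x0A02: bytes.fromhex("ffeeddccbbaa99887766554433221100"),
}
TAG_LEN = 8  # truncated HMAC-SHA256 tag; frame layout is an assumption

def make_frame(node_id, counter, payload, key):
    """Build node_id | counter | payload | tag, as a provisioned node would."""
    header = struct.pack(">HI", node_id, counter)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()[:TAG_LEN]
    return header + payload + tag

class Gateway:
    def __init__(self, provisioned):
        self.keys = dict(provisioned)
        self.last_counter = {}  # node id -> highest counter accepted
        self.alerts = []        # (node id, reason) records for monitoring

    def receive(self, frame):
        """Return the payload if accepted; otherwise record an alert, return None."""
        if len(frame) < 6 + TAG_LEN:
            return self._reject(None, "malformed")
        node_id, counter = struct.unpack(">HI", frame[:6])
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        key = self.keys.get(node_id)
        if key is None:  # identity was never provisioned
            return self._reject(node_id, "unprovisioned")
        expected = hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):  # forged or altered in transit
            return self._reject(node_id, "bad_tag")
        if counter <= self.last_counter.get(node_id, -1):  # old frame resent
            return self._reject(node_id, "replay")
        self.last_counter[node_id] = counter
        return body[6:]

    def _reject(self, node_id, reason):
        self.alerts.append((node_id, reason))
        return None

def demo():
    gw = Gateway(PROVISIONED)
    good = make_frame(0x0A01, 1, b"\x01\x42", PROVISIONED[0x0A01])
    rogue = make_frame(0x0BEE, 1, b"\x01\x42", bytes(16))
    return [gw.receive(f) for f in (good, good, rogue)], gw.alerts
```

The alert list is the part a monitoring system would consume: repeated `replay` or `bad_tag` entries for one node are a signal worth investigating even though no reading was accepted.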
There are, however, many myths associated with WSNs. A few of the more common ones are below:

| Myth | Reality |
|---|---|
| WSNs are inherently secure because they are low-power devices and use proprietary protocols. | Low-power and proprietary protocols can provide some obscurity, but they don't guarantee security. Attackers can reverse-engineer protocols and exploit vulnerabilities. |
| WSNs have limited processing power and are “too simple” so they can't be effectively attacked. | While individual nodes may have limited resources, they can be used as a vector to gain access to other more important networks. Because of reduced processing power, compromised nodes can disrupt the entire WSN, causing data loss, inaccurate readings or system failures. |
| WSNs are used in closed, isolated environments that are safe. | "Air gaps" can be breached through insider threats, infected devices brought into the environment, or even sophisticated attacks that use unconventional communication channels. Even isolated WSNs can be vulnerable to physical attacks that compromise individual nodes. |

Fortunately, consortia supporting WSNs are aware of evolving cybersecurity requirements and include more security in their installation guidelines as well as future releases of products.
In industrial or critical infrastructure settings, even seemingly simple sensor data can have significant consequences. Examples include the data used for regulatory reporting of environmental conditions like water quality and air pollution; these monitoring points are often remote from the main facility, and the data is often gathered wirelessly. Likewise, data from strain and vibration sensors that monitor the structural or mechanical integrity of key pieces of equipment for predictive maintenance is also collected via WSNs.
It is no surprise that security must be considered throughout the entire WSN lifecycle, from design to deployment and maintenance. As we all know, even though the most common route to compromising an operational technology (OT) system is from the “IT side,” as the envelope to be protected continues to expand through WSNs and IIoT devices, we are only as strong as our weakest link. Once the backdoor is open, it becomes a race against time: whether you find the infiltrators before they find their rewards within your integrated OT and IT systems.