Physical Cybersecurity: Use The Cloud, Don’t Let It Use You

C. Dunn
Fend, Inc.,
United States

Keywords: cybersecurity, data diode, OBDII, fleet monitoring, More Situational Awareness for Industrial Control Systems (MOSAICS)

Summary:

The Industrial Internet of Things (IoT) enables real-time monitoring of vehicular systems to enhance performance and reduce costs and downtime. Ongoing research is allowing vehicle telematics (the combined science of telecommunications and informatics) to be brought into the cloud where emerging AI-powered analytics can detect anomalies and trends to help prioritize maintenance, monitor vehicle and driver dynamics, and optimized resource allocation and investments. Telematics shows great promise in controlling fleet costs, optimizing road maintenance, and even saving lives. However, this connectivity has exposed a vast attack surface for hackers to exploit cybersecurity weaknesses. Nation state adversaries and criminals have exploited poorly protected equipment in acts of terrorism, corporate espionage and ransomware. Traditional defenses, like firewalls and software-based security, always let some malicious code through before patches and updates are issued. Fortunately, one class of hardware provides completely secure equipment monitoring: data diodes. Data diodes use light to transmit data in only one direction. Information about location, vehicle systems, sensors, and driver behavior can be “beamed” out to the cloud without any physical way for a remote hacker to get in. Once reserved for critical applications like nuclear power plants, data diodes are now available for the masses. A new generation of low-cost, easily configurable data diodes has entered the market and promises to open the door to the cloud in a secure way, bringing powerful, distributed defenses against a growing cyber threat.