EdgeX Foundry and Industrial Security for the IoT Edge


Dell EMC, May 22nd 2018

A clear path to greater IoT edge interoperability
Twelve months in, the project has a clear roadmap in place and we're meeting our delivery commitments with the recent "California Preview" release, which has dramatically reduced our footprint through the new Go-based microservices. Net-net, we're well on the way to living up to our goal of facilitating vendor-neutral interoperability between commercial value-add solutions at the IoT edge, regardless of underlying hardware, operating system or connectivity standards.

Growing community and commercial adoption
It's wonderful to see growing community adoption, with hundreds of developers actively working with the EdgeX code and companies starting to incorporate it into their commercial offerings. For example, IOTech has launched the first commercially-supported version of the baseline code, complete with developer support. Beyond the 70-plus backing organizations and growing developer engagement, we've also seen the community expand in the form of university-sponsored EdgeX research efforts plus EdgeX-focused hackathons.

A focus on security
So, where to next? The big priority has to be industrial-grade security. To set some context, from a Dell EMC perspective, we purposely didn’t include much about security in our initial code contribution that seeded the EdgeX project because we felt it was important that these features were collectively defined by the community to gain universal trust.

Global collaboration
As a result, over the last year, there has been a valuable, global collaboration within the EdgeX Foundry project between security leaders to define layer upon layer of security modules. RSA and VMware have played a big part in this effort along with fellow EdgeX member companies including Analog Devices, Beechwoods Software, ForgeRock, Mainflux, Mocana, Samsung and Thales. That work is now largely complete, and the resulting APIs and reference code in EdgeX will pave the way for new commercial security innovations.

Opportunity and risk
Let’s put the importance of security in context. As we all know, the IoT promises unprecedented connectivity that equates to tremendous opportunity and considerable risk. According to Gartner, the total number of IoT endpoints will reach 21 billion units by 2020. It follows that a large enterprise could have millions of IoT sensors and actuators for functions such as building automation, smart manufacturing, logistics, transportation and so on.

Unique IoT security concerns
However, while many traditional IT endpoint security techniques still play a role in certain IoT use cases, several concerns unique to IoT call for new approaches: massive scale, constrained devices, hostile locations with no physical security guarantees (for example, an unmanned wind turbine or traffic sensors in a smart city) and, of course, legacy and brownfield deployments. Because of these concerns, securing only the "thing" will not scale in the long term.

IoT monitoring and threat detection
RSA, a market leader in risk-based authentication and fraud detection, has recently launched RSA Labs to focus on these unique security challenges. In one of its first efforts, dubbed "Project Iris", data scientists from RSA Labs have been using a gateway running the EdgeX Foundry platform to research the benefits of analytics and machine learning for threat detection. At Hannover Messe, RSA will join Dell EMC to demonstrate the results of its research, with the theme of the showcase being "Industrial Security for the IoT Edge".

Security monitoring
So, how does it work? Briefly, the Iris agent, a container running on the gateway, monitors the environment, collects the relevant security events and sends them to Iris Cloud. Services in Iris Cloud then profile and classify that data to establish the expected baseline for normal operations. Against that baseline, Iris can monitor devices for anomalous behaviour and detect threats such as infection, command and control, lateral movement, data exfiltration and denial of service attacks. As with any baseline-driven detector, the profiling window has to be captured while the devices are known to be clean; otherwise an existing compromise is learned as normal behaviour.
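The profile-then-detect loop described above, as an added example in Python that is not Project Iris or EdgeX code: a per-device baseline (known destinations, bytes per minute, connections per minute) is learned from a clean window of constructed gateway connection events, and live events are then checked against it for the four threat classes the paragraph lists. The event schema, the RFC 1918 definition of "internal", the mean-plus-three-spreads threshold and the sample events are all assumptions made for this example.

```python
"""Baseline-then-detect anomaly detection over constructed gateway events.

Added example, not Project Iris code. The event schema, the four rules
and the thresholds are assumptions made for illustration only."""
from collections import defaultdict
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network
from statistics import mean, pstdev

# Assumption: "internal" means RFC 1918 space; anything else is off-site.
INTERNAL_NETS = [ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


@dataclass
class Event:
    minute: int      # minute bucket since the agent started (constructed clock)
    device: str      # source device behind the gateway
    dst: str         # destination IP
    port: int        # destination port
    bytes_out: int   # payload bytes leaving the device


@dataclass
class Profile:
    """Per-device baseline learned during a clean profiling window."""
    destinations: set = field(default_factory=set)    # known (dst, port) pairs
    bytes_per_min: list = field(default_factory=list)
    conns_per_min: list = field(default_factory=list)


def is_internal(ip: str) -> bool:
    addr = ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)


def bucket_by_minute(events):
    """device -> minute -> [bytes_out total, connection count]."""
    buckets = defaultdict(lambda: defaultdict(lambda: [0, 0]))
    for e in events:
        buckets[e.device][e.minute][0] += e.bytes_out
        buckets[e.device][e.minute][1] += 1
    return buckets


def build_profiles(baseline_events):
    """Profiling phase: learn destinations and per-minute volume per device."""
    profiles = defaultdict(Profile)
    for e in baseline_events:
        profiles[e.device].destinations.add((e.dst, e.port))
    for dev, minutes in bucket_by_minute(baseline_events).items():
        profiles[dev].bytes_per_min = [b for b, _ in minutes.values()]
        profiles[dev].conns_per_min = [c for _, c in minutes.values()]
    return dict(profiles)


def upper_bound(samples, k=3.0):
    """mean + k*spread; the spread floor stops a flat baseline alerting on noise."""
    m = mean(samples)
    spread = max(pstdev(samples), 1.0, 0.1 * m)
    return m + k * spread


def detect(profiles, events):
    """Detection phase: compare live events with each device's baseline."""
    alerts = []
    for e in events:
        prof = profiles.get(e.device)
        if prof is None:
            alerts.append((e.minute, e.device, "unknown-device", f"{e.dst}:{e.port}"))
        elif (e.dst, e.port) not in prof.destinations:
            # New internal peer looks like lateral movement; new external peer like C2.
            kind = "lateral-movement" if is_internal(e.dst) else "command-and-control"
            alerts.append((e.minute, e.device, kind, f"{e.dst}:{e.port}"))
    for dev, minutes in bucket_by_minute(events).items():
        prof = profiles.get(dev)
        if prof is None:
            continue
        max_bytes = upper_bound(prof.bytes_per_min)
        max_conns = upper_bound(prof.conns_per_min)
        for minute, (b, c) in minutes.items():
            if b > max_bytes:   # volume spike: possible exfiltration
                alerts.append((minute, dev, "data-exfiltration", f"{b} bytes/min > {max_bytes:.0f}"))
            if c > max_conns:   # connection burst: possible DoS participation
                alerts.append((minute, dev, "denial-of-service", f"{c} conns/min > {max_conns:.0f}"))
    return sorted(alerts)


# Constructed sample data: ten clean minutes (MQTT and OPC-UA to the gateway),
# then three minutes with one incident of each type mixed into normal traffic.
BASELINE = [Event(m, "sensor-01", "10.0.0.5", 1883, 480 + 40 * (m % 2)) for m in range(10)] + \
           [Event(m, "plc-02", "10.0.0.5", 4840, 1000 + 100 * (m % 2)) for m in range(10)]
LIVE = [
    Event(10, "sensor-01", "10.0.0.5", 1883, 500),
    Event(10, "sensor-01", "203.0.113.7", 443, 100),   # beacon to an unseen external host
    Event(10, "plc-02", "10.0.0.9", 445, 200),         # SMB to an unseen internal host
    Event(11, "plc-02", "10.0.0.5", 4840, 1000),
    Event(11, "sensor-01", "10.0.0.5", 1883, 9000),    # 18x the usual volume
    Event(12, "plc-02", "10.0.0.5", 4840, 1100),
] + [Event(12, "sensor-01", "10.0.0.5", 1883, 50) for _ in range(8)]  # connection burst


def run_demo():
    return detect(build_profiles(BASELINE), LIVE)


if __name__ == "__main__":
    for minute, device, kind, detail in run_demo():
        print(f"minute {minute:>2}  {device:<10} {kind:<20} {detail}")
```

Running it prints one alert per planted incident. The point a practitioner should take from it is the dependency on the profiling window: if the beacon to 203.0.113.7 had appeared during the baseline, the destination rule would silently accept it forever, which is why the window has to come from devices known to be clean.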

Data protection
Of course, in the Industrial IoT landscape, data is the primary value driver. It follows that the integrity and protection of data is critical. Addressing this concern, RSA will also present a demo, called Project Notus, featuring secure OPC-UA communication between IoT devices and a Dell EMC Edge Gateway running EdgeX Foundry. For this demo, the default security package for OPC-UA has been replaced with an industrial-grade crypto library from RSA. For additional protection, the OPC-UA device service has also been integrated with a secure vault, so that keys and credentials are no longer held in the service's own configuration.