While it’s less well-known than its not so distant relative the Internet of Things (IoT), the Industrial Internet of Things (IIoT) is rapidly becoming integrated with critical Industrial Control Systems (ICSs) and manufacturing organizations throughout the world. Although IIoT technologies are relatively new—with the term itself coined as recently as 2012—the IIoT is not to be underestimated. In fact, GE predicts it will become a $225 billion market within the next three years.
So what exactly is the IIoT? Despite the fact that the IoT and IIoT sound similar on the surface, one major difference sets them apart: the IoT connects apps to things, while the IIoT connects infrastructure to data.
Even though the IoT does collect and share data, this data is typically used for the purpose of simplifying the daily lives of end users. On the other hand, through the integration of state-of-the-art monitoring systems, smart sensors, and information sharing platforms with legacy infrastructure, the IIoT improves reliability, safety, and analytical capabilities within industrial systems—preventing the need for a costly system overhaul.
Some real-world examples of the IIoT include the integration of smart grids with existing electrical substations and the addition of sensors to monitor the volume of gas flowing through refinery flare stacks. Enhancements such as these have already saved millions of dollars through improved industry compliance, productivity and performance.
Of course, introducing interconnectivity to previously air-gapped infrastructures expands the attack surface. And while some of these issues may be expected and analogous to IT security, many are also completely unique. In fact, these industries have already experienced cyber attacks developed specifically with the purpose of disrupting critical industrial controls, such as Blackenergy and Stuxnet.
On a high note, due to the sensitive nature of the data flowing throughout the IIoT, devices are developed with much more security in mind than those on the IoT. Data flow is strictly controlled, traveling almost entirely upstream to the cloud, with limited interaction and ability to push back down. However, in many ways these industries are playing catch up due to a history of air-gapped systems and a great deal of legacy infrastructure.
The IIoT is modernizing and changing the face of industry as we know it. While many benefits can be gained from the increase in efficiency, industrial security professionals must be mindful of both standard IT security and a new breed of industry-focused digital weapons. The true cost of efficiency is much higher within the IIoT, and integrations must be considered with utmost care.