Lecture2- IoT Layered Models and Threat Analysis

Questions and Answers

PDF Questions PDF Answers

What is the primary purpose of the Securely Provision category within the NICE Cybersecurity Workforce Framework?

To design and implement secure IT systems (correct)

To identify and recruit cybersecurity talent

To mitigate cybersecurity threats to IoT systems

To assess the effectiveness of cybersecurity policies

Which layer in the IoT security model deals exclusively with communications?

Network layer

Application layer

Communication layer (correct)

Device layer

Which role in the Securely Provision category evaluates the overall effectiveness of security controls?

Security Control Assessor (correct)

Cybersecurity Analyst

Risk Management Officer

Network Security Engineer

What is typically NOT included in the Protect and Defend category within the NICE Cybersecurity Workforce Framework?

Recruiting cybersecurity talent

Which IoT security layer involves controlling devices through a mobile or desktop application?

Cloud layer

What is the primary function of the Connectivity Layer in an IoT Reference Model?

Communicating between Layer 1 devices and ensuring reliable data delivery

Which of the following layers in the IoT Reference Model is tasked with evaluating and reformatting data for processing?

Edge Computing Layer

Which benefit of layered models in networking helps prevent changes in one layer from affecting other layers?

Layer isolation effects

The IoT World Forum Standardized Architecture features how many layers in its reference model?

7 layers

What is a key function of the Data Accumulation Layer in the IoT Reference Model?

Storing data for application usage

What is the main purpose of the Data Abstraction Layer in IoT architecture?

It reconciles multiple data formats and ensures consistent semantics from various sources.

How does the Collaboration and Processes Layer impact businesses?

It consumes and shares application information, potentially changing business processes.

What are the key security measures emphasized in the IoT Reference Model?

Securing each device, processes, and communications between each level.

What domains are included in the ETSI M2M Standardized Architecture?

The Application Domain, Network Domain, and M2M Device Domain.

What kinds of management functions can occur in the Application Domain of ETSI M2M?

Data analytics, connectivity management, smart energy management, and fleet management.

Study Notes

Layered Models

• Layered models provide structure and a common language for protocols and operations.
• Layered models allow products from different vendors to work together and promote competition.
• Changing one layer in a layered model does not affect other layers.

IoT Reference Model

• The IoT Reference Model consists of seven layers: Physical Devices, Connectivity, Edge Computing, Data Accumulation, Application Services, User Interface, and Security.
• The layers are interconnected and each layer builds upon the previous.
• The security layer permeates all layers of the IoT Reference Model.

IoT Models

• The IoT World Forum (IoTWF) standardized architecture is a 7-layer reference model led by Cisco, IBM, Rockwell Automation, and other organizations.

IoT Threat Model Analysis

• Threat model analysis is a methodical process for identifying and mitigating security threats in IoT systems.

• The following steps are involved in threat modeling:

  • Identifying security objectives
  • Documenting the IoT system architecture
  • Decomposing the IoT system
  • Identifying and rating threats
  • Recommending mitigation techniques and technologies

• STRIDE is a threat identification tool, which stands for Spoofing Identity, Tampering with Data, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege.

• DREAD is used to rate threats, which stands for Damage, Reproducibility, Exploitability, Affected Users, and Discoverability.

• When rating threats, DREAD Risk Rating = (Damage + Reproducibility + Exploitability + Affected Users + Discoverability)/5.

NICE Cybersecurity Workforce Framework

• The National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework helps identify, recruit, develop, and retain cybersecurity talent.
• Securely Provision focuses on designing and implementing secure Information Technology systems.
• Protect and Defend focuses on identifying, analyzing, and mitigating threats.

Threat Model Analysis: Step 4 - Identify and Rate Threats

• The STRIDE tool uses 6 categories to identify threats based on how they affect an organization's system.
• DREAD is used to quantify the risk of each threat and prioritize threats based on their risk.

Threat Model Analysis: Step 5 - Recommend Mitigation Techniques and Technologies

• Mitigation techniques determine the best way to reduce or eliminate threats.
• The process involves selecting the most suitable technology for the specified threat.
• Mitigations should be practical and adhere to an organization's existing policies.

IoT Reference Model

• The IoT Reference Model helps to understand protocols and operations, ensuring security across all levels
• Security includes securing each device, processes, and communication between levels
• Data Abstraction Layer reconciles data formats, ensures consistent semantics, and consolidates data
• Application Layer interprets data, monitors, controls, and provides reports based on analyzed data
• Collaboration and Processes Layer consumes and shares data, driving business process changes

ETSI M2M Standardized Architecture

• ETSI is the European Telecommunications Standards Institute
• M2M stands for Machine to Machine
• Purpose of the model is to provide a common framework for understanding standards and protocols
• Includes three domains:
  • Application Domain: Manages functions like data analytics, connectivity management, and smart energy management
  • Network Domain: Transmits data from the local network to the Application Domain using wired and wireless protocols
  • M2M Device Domain: Connects end devices like sensors and actuators to the network through gateways

Other IoT Models

• Purdue Model for Control Hierarchy: Organizes devices and equipment into hierarchical functions based on manufacturing industry segments
• Industrial Internet Reference Architecture (IIRA): A standards-based framework for designing industrial systems by the Industrial Internet Consortium (IIC)
• Internet of Things - Architecture (IoT-A): Also known as the Architectural Reference Model (ARM) for the Internet of Things, maintained by the IoT Forum

IoT Security Layers

• Domains: Application, Communication, and Device layers
  • Device Layer: Includes sprinkler heads, moisture sensors, temperature sensors, and actuators
  • Communication Layer: Connects devices to a local control panel that monitors the system
  • Application Layer: Connects the control panel to a remote data center, aggregating all control panels
• Data management considers when and where data is processed:
  • Mist Layer: Close to the ground where devices are connected to the network
  • Fog Layer: On a local device with more power, like the irrigation system's control panel
  • Cloud Layer: Supervisor can remotely control the system using a mobile or desktop application

IoT Security Model

• Uses a combination of the functional layers of the simplified IoT model overlaid with the TCP/IP model
• Application Layer protocols include: ZigBee, HTTP/HTTPS, MQTT, CoAP
• Communication Layer protocols include: Thread, TCP, UDP, RPL, IPv6
• Device Layer protocols include: 6LoWPAN, IEEE 802.15.4, Bluetooth Low Energy (BLE), Wi-Fi, NFC, Cellular

NICE Cybersecurity Workforce Framework

• National Initiative for Cybersecurity Education (NICE)
• Focuses on identifying, recruiting, developing, and retaining cybersecurity talent
• Cybersecurity work roles are categorized into seven categories
• Key categories for the course include Securely Provision and Protect and Defend

Securely Provision

• Responsible for designing, procuring, and implementing secure IT systems
• Ensures new and existing systems meet cybersecurity and risk requirements
• Includes Security Control Assessor for assessing the effectiveness of security controls

Protect and Defend

• Focuses on identifying, analyzing, and mitigating threats to IT systems
• Includes Vulnerability Assessment Analyst to identify system vulnerabilities

Threat Model Analysis

• Process for risk management and vulnerability assessments
• Adapted from Microsoft's Threat Model Analysis
• Five steps in the process:

Step 1: Identify Security Objectives

• Define security objectives for the IoT system using categories:
  • Identity: Protecting system identities
  • Financial: Protecting against financial loss
  • Reputation: Protecting reputation from breaches
  • Privacy and Regulation: Protecting sensitive data and adhering to regulations
  • Availability Guarantees: Ensuring system availability and uptime
  • Safety: Ensuring safety of the system and users

Step 2: Document the IoT System Architecture

• Create documents describing the system architecture, including:
  • Components of the system at all layers
  • Data flow between components
  • Technologies, protocols, and standards used

Step 3: Decompose the IoT System

• Gather information about the system, including:
  • Identifying trust boundaries between trusted and untrusted components
  • Identifying data flow between devices, networks, and applications
  • Identifying data entry points
  • Identifying sensitive data
  • Documenting the security profile of the system, including input validation, authentication, authorization, and configuration

Step 4: Identify and Rate Threats

• Use STRIDE to identify threats:
  • Spoofing Identity
  • Tampering with Data
  • Repudiation
  • Information Disclosure
  • Denial of Service
  • Elevation of Privilege
• Use DREAD to rate threats:
  • Damage
  • Reproducibility
  • Exploitability
  • Affected Users
  • Discoverability

Step 5: Recommend Mitigation Techniques and Technologies

• Determine the best mitigation techniques for each threat
• Select appropriate technologies to reduce or eliminate threats
• Consider business needs and existing policies

Chapter Summary

• Layered models help explain protocols and operations
• IoT Reference Model emphasizes security across all levels
• ETSI model has three domains: M2M device, network, and application
• Other IoT models include Purdue Model, IIRA, and IoT-A
• Simplified IoT model has three layers for security: device, network, and application
• Threat model analysis involves identifying security objectives, documenting architecture, decomposing the system, identifying and rating threats, and recommending mitigations using STRIDE and DREAD

Description

This quiz covers the important concepts of layered models in IoT, detailing the seven layers of the IoT Reference Model and their interconnections. Additionally, it explores the significance of threat model analysis in ensuring security across IoT systems. Test your understanding of these critical aspects of IoT architecture and security.