Edge computing makes it possible to process data closer to where it was created, but as it becomes more prevalent, it’s having a major impact on communications, especially when it comes to Industrial Internet of Things (IIoT) security. To optimize edge computing communication models for your organization, you have to understand how it’s used and what security risks come along with it. So how does edge computing increase operational technology (OT) risk, and how is it changing communications?
Traditional OT communication protocols depend on a model that requires point-to-point connections that use a request-response or poll-response communication model, according to Josh Eastburn of Opto22. If you have a piece of hardware that needs to create a unique connection to, for example, a piece of software that’s consuming its data or to another piece of hardware that it is requesting data from, that’s point-to-point.
“As the number of devices that want to communicate grows, the number of connections grows,” Eastburn said. “Each of those devices needs to remain open to incoming connection requests because the way that the communication model works requires some primary device or application send[ing] out a request for information.”
The device on the edge is the recipient of each request, so it doesn’t get to determine when it responds; it just sits in an open, listening position. The network is built out of servers that are wide open to incoming connection requests. Looking at that from a security perspective, it’s a big problem.
“We don’t have nearly enough firewalls out there in the process,” Eastburn said. “These devices aren’t capable, generally speaking, of protecting themselves from a malicious request.”
As vendors introduced new communication protocols over the years, they were doing it primarily for the speed they could offer and their ability to gather input/output (IO) data or send IO data out. They were not looking at it the way cybersecurity professionals would for a device that was intended to go on the internet, according to Eastburn. The assumption was that the devices were not operating in a high-risk environment because other controls were keeping them safe. The underlying problem is that the communication model lends itself to a lack of security, because it requires that everything is open, listening and essentially ready to receive a bad request.
Edge computing and communication
According to Eastburn, edge-oriented architectures shift the communication model to focus on the device and on creating outbound connections rather than incoming connections. An edge device exists on the edge of the network rather than being oriented toward the core of the network, where the majority of processing generally occurs. Edge-oriented architectures create new options and are an evolution on the traditional request-response model. One such evolution is the publish-subscribe communication model.
MQ Telemetry Transport (MQTT) is a good example of that. Many people are taking an interest in MQTT because of the way it affects security. A publish-subscribe model inverts the request-response relationship. Rather than having a bunch of servers in your network that are open, listening and ready to respond to requests, they become clients and publish data when they’re ready by creating an outbound connection to a central server (the broker).
“It makes it a lot easier to secure that kind of system, because you have essentially one node or one cluster that needs to be sitting there with an open port,” Eastburn said. “The rest of the network can be closed off to incoming connection requests because it’s just not required by that communication model.”
If those devices aren’t sitting in a listening mode, they get to determine when they make a connection and who they make it to, rather than the other way around. This makes the system easier to secure, because the number of exposed endpoints and the overall complexity are greatly reduced.
“Where you have an IO device communicating to a PLC (programmable logic controller), communicating to a SCADA (supervisory control and data acquisition), communicating to MES (manufacturing execution system), to ERP (enterprise resource planning), and on and on — and with levels of security in between all of that — the device itself can actually exist on the network and be inherently protected from a malicious request or from something like a man in the middle attack.”
With that architecture, you don’t need multiple layers of defense because the device itself is inherently secure. The draconian security policies sometimes found in industrial environments, like only having static IP addresses, are no longer necessary.
Reducing complexity, increasing efficiency
Reducing the complexity of the network also increases the ability to manage it efficiently.
“You don’t have so many devices. You have fewer points of contact with the outside world that need to be managed and monitored,” Eastburn said. “The number of point-to-point connections is also reduced in, for example, an MQTT network. Each client node, which again would be an edge device that’s communicating with your central MQTT server, makes one connection regardless of the number of data consumers.”
A PLC that’s capable of communicating over MQTT is generally going to make its one outbound connection to the MQTT server. From there, the MQTT server gets to determine who’s going to consume that information. If more consumers are added to the network, that controller doesn’t need to create more connections.
This results in fewer connections to secure, and each of the connections in your network is inherently more secure. As a result, the whole architecture becomes simpler.
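To make the two communication models concrete, here is an added example (constructed for this article; it is not Opto 22 code and does not use a real MQTT library or broker). It models the exposure of a poll-response network against a publish-subscribe one for a given number of field devices and data consumers, and then runs a small in-memory stand-in for an MQTT broker: only the broker has an open port, each client connects outbound, a client may publish only beneath its own topic prefix, and a single PLC session fans out to every subscriber. The topic-filter matcher follows the MQTT 3.1.1 rules for `+` and `#`; the topic names, client IDs and the per-client prefix ACL are assumptions made for the example.

```python
"""Attack-surface model: poll-response vs. publish-subscribe (MQTT-style) OT networks.
Constructed example; the broker below is an in-memory stand-in, not a real MQTT server."""
from collections import defaultdict
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Topology:
    devices: int    # field devices producing data (IO modules, PLCs)
    consumers: int  # data consumers (SCADA, MES, historian, ...)


def poll_response_exposure(t: Topology) -> dict:
    """Every consumer opens its own connection to every device, and every device
    must keep a port open and listen for inbound requests."""
    return {"listening_nodes": t.devices, "connections": t.devices * t.consumers}


def pubsub_exposure(t: Topology) -> dict:
    """Only the broker listens; every device and every consumer makes exactly one
    outbound connection to it, regardless of how many parties consume the data."""
    return {"listening_nodes": 1, "connections": t.devices + t.consumers}


def topic_matches(topic_filter: str, topic: str) -> bool:
    """MQTT 3.1.1 topic-filter matching: '+' matches exactly one level, '#' must be
    the last level and matches the remainder of the topic (including zero levels)."""
    f_levels = topic_filter.split("/")
    t_levels = topic.split("/")
    for i, level in enumerate(f_levels):
        if level == "#":
            return i == len(f_levels) - 1
        if i >= len(t_levels):
            return False
        if level != "+" and level != t_levels[i]:
            return False
    return len(f_levels) == len(t_levels)


@dataclass
class Broker:
    """The single node with an open port. Because clients connect outbound to it,
    the broker is where authentication and topic authorization are enforced."""
    sessions: dict = field(default_factory=dict)                              # client_id -> allowed publish prefix
    connections: dict = field(default_factory=lambda: defaultdict(int))       # client_id -> outbound connections made
    subscriptions: dict = field(default_factory=lambda: defaultdict(set))     # topic filter -> subscriber ids
    inbox: dict = field(default_factory=lambda: defaultdict(list))            # client_id -> [(topic, payload)]
    rejected: list = field(default_factory=list)                              # (client_id, topic) the broker refused

    def connect(self, client_id: str, publish_prefix: str) -> None:
        # Assumed ACL model: a client may publish only beneath its own prefix.
        self.sessions[client_id] = publish_prefix
        self.connections[client_id] += 1

    def subscribe(self, client_id: str, topic_filter: str) -> bool:
        if client_id not in self.sessions:   # no session, so nothing to authorize
            self.rejected.append((client_id, topic_filter))
            return False
        self.subscriptions[topic_filter].add(client_id)
        return True

    def publish(self, client_id: str, topic: str, payload: str) -> int:
        """Deliver to every matching subscriber; return the number of recipients.
        Unknown clients and publishes outside the client's prefix are refused."""
        prefix = self.sessions.get(client_id)
        if prefix is None or not topic.startswith(prefix):
            self.rejected.append((client_id, topic))
            return 0
        recipients = set()
        for topic_filter, subscribers in self.subscriptions.items():
            if topic_matches(topic_filter, topic):
                recipients.update(subscribers)
        for sub in recipients:
            self.inbox[sub].append((topic, payload))
        return len(recipients)


def demo() -> dict:
    """One PLC session feeding three consumers, plus two publishes the broker refuses."""
    broker = Broker()
    broker.connect("plc1", "plant/plc1/")
    for consumer in ("scada", "mes", "historian"):
        broker.connect(consumer, f"apps/{consumer}/")
        broker.subscribe(consumer, "plant/+/temp")
    fanout = broker.publish("plc1", "plant/plc1/temp", "72.4")        # reaches all three
    blocked = broker.publish("plc1", "plant/plc2/setpoint", "0")      # outside plc1's prefix
    stranger = broker.publish("rogue", "plant/plc1/temp", "999")      # never connected
    return {"fanout": fanout, "blocked": blocked, "stranger": stranger,
            "plc_connections": broker.connections["plc1"], "rejected": len(broker.rejected)}


if __name__ == "__main__":
    plant = Topology(devices=50, consumers=4)
    print("poll-response:", poll_response_exposure(plant))
    print("pub-sub:      ", pubsub_exposure(plant))
    print("broker demo:  ", demo())
```

The two exposure functions only count endpoints, which is the point the interview makes: for 50 devices and 4 consumers the poll-response model leaves 50 listening nodes and 200 connections to protect, while the broker model leaves one listening node and 54 outbound sessions. The broker stand-in shows why that one node matters: it is where a publish outside a device's own prefix, or from a client that never established a session, gets refused, and `plc1` still needs a single connection however many consumers subscribe.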
Check out Part 1 of our interview with Opto 22’s Josh Eastburn, where he discusses the benefits of edge computing and how to develop the best edge security strategy for your organization. And check out our Industrial Cybersecurity Pulse YouTube page to view previous installments from our expert interview series.