+********************************************************************** * * * Einladung * * * * Informatik-Oberseminar * * * +********************************************************************** Zeit: Mittwoch, 2. Juli 2025, 10.00 Uhr Ort: Raum 9007, Gebäude E3, Ahornstr. 55 (COMSYS Seminarraum [1]) Referent: Markus Dahlmanns, M.Sc. Lehrstuhl für Informatik 4 (COMSYS) Thema: Identifying Security Issues in the Industrial Internet of Things Abstract: The Industrial Internet of Things (IIoT) allows the collection and communication of data from production processes as well as sending and receiving commands for interaction and actuation to, e.g., increase the efficiency of processes. However, a secure and safe operation is essential to protect, e.g., workers laboring in the operating space of machines and the environment, which were shown to suffer from the misoperation of critical IIoT deployments. As a foundation for such a secure and safe operation IIoT protocols nowadays include security features. However, it is unclear whether these developments of protocol specifications lead to a secure IIoT in practice. In this talk, we address the open research gap of the current uncertainty on IIoT security. To this end, we first set out to assess the security of today's IIoT. Second, we analyze the pitfalls that hinder operators from operating securely despite the existence of secure protocols. Last, we give an overview on novel approaches that help operators secure their deployments. Our first three contributions show from various angles that the majority of Internet-exposed IIoT deployments are insecurely configured, independently of their potential deployment date and the protocol used being either secure-by-design or retrofitted. In our fourth contribution, we trace this problem back to modern technologies like containerization that ease deployment processes but also disguise security issues. Our last two contributions propose two novel mechanisms that can increase the security of the IoT in the future. Our contributions underpin the vast number of issues in IIoT security despite the existence of strong security features in today's protocol specifications and sketch countermeasures to tackle the identified pitfalls that operators tap into when configuring their deployments. Overall, our results encourage shifting from secure-by-design to secure-by-default protocols. Es laden ein: die Dozentinnen und Dozenten der Informatik [1] https://www.comsys.rwth-aachen.de/contact/how-to-get-to-comsys.pdf -- Markus Dahlmanns, M.Sc., Ph.D. Student Chair of Communication and Distributed Systems RWTH Aachen University, Germany tel: +49 241 80 21425 web: https://www.comsys.rwth-aachen.de/team/markus-dahlmanns/