Water-Tight IoT–Just Add Security

Guillaume Bour; Camillo Bosco; Rita Ugarelli; Martin Gilje Jaatun

doi:10.3390/jcp3010006

Journal of Cybersecurity and Privacy (Mar 2023)

Water-Tight IoT–Just Add Security

Guillaume Bour,
Camillo Bosco,
Rita Ugarelli,
Martin Gilje Jaatun

Affiliations

Guillaume Bour: SINTEF Digital, Strindvegen 4, 7034 Trondheim, Norway
Camillo Bosco: SINTEF Community, Børrestuveien 3B, 0314 Oslo, Norway
Rita Ugarelli: SINTEF Community, Børrestuveien 3B, 0314 Oslo, Norway
Martin Gilje Jaatun: SINTEF Digital, Strindvegen 4, 7034 Trondheim, Norway

DOI: https://doi.org/10.3390/jcp3010006
Journal volume & issue: Vol. 3, no. 1
pp. 76 – 94

Abstract

Read online

The security of IoT-based digital solutions is a critical concern in the adoption of Industry 4.0 technologies. These solutions are increasingly being used to support the interoperability of critical infrastructure, such as in the water and energy sectors, and their security is essential to ensure the continued reliability and integrity of these systems. However, as our research demonstrates, many digital solutions still lack basic security mechanisms and are vulnerable to attacks that can compromise their functionality. In this paper, we examine the security risks associated with IoT-based digital solutions for critical infrastructure in the water sector, and refer to a set of good practices for ensuring their security. In particular, we analyze the risks associated with digital solutions not directly connected with the IT system of a water utility. We show that they can still be leveraged by attackers to trick operators into making wrong operational decisions.

Published in Journal of Cybersecurity and Privacy

ISSN: 2624-800X (Online)
Publisher: MDPI AG
Country of publisher: Switzerland
LCC subjects: Technology: Technology (General)
Website: https://www.mdpi.com/journal/jcp

About the journal

Abstract

Keywords