The role of Al in industrial loT cybersecurity

Kai Goebel, SRI International ABSTRACT: In this talk we discuss the role that AI plays in cybersecurity of industrial IoT. As the integration of IoT in industrial systems proliferates, it is imperative to also consider the potential vulnerabilities that are being created by these technologies. Hackers have already famously used SCADA and PLC systems to sabotage industrial facilities. As such, it is important to understand the exposure to malfeasance to ensure that industrial IoT does not end up being the enabling mechanism for unauthorized access to the system. AI plays a dual role in this arena: For one, it can be used to protect form attacks through Anomaly detection of unusual patterns of network activity; gathering and analyzing data to provide real-time information about potential threats to IoT systems; Vulnerability assessment by scanning IoT systems for known vulnerabilities; blocking malicious traffic in real-time; and enhancing authentication processes by using biometric data. On the flip side, AI is actually being used to attack industrial IoT through malware that can bypass traditional security systems and infect IoT devices; AI-powered network attacks; and AI-powered reconnaissance that gathers information about IoT systems. It is important to understand both roles to ensure that operations are not interrupted. A specific focus of this talk is on systems that are used for Predictive Maintenance (or PHM) as it heavily taps into the use of SCADA, PLC, and other systems that are part of an attack surface in industrial plants.