Skip to main content

Your submission was sent successfully! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates from Canonical and upcoming events where you can meet our team.Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

  1. Blog
  2. Article

Galem KAYO
on 17 November 2020

Cybersecurity defenses for IIoT


Cybersecurity attacks on industrial IoT solutions can have detrimental consequences. This is the case because IoT devices record privacy-sensitive data and control production assets. Therefore, demonstrable trustworthiness is prerequisite to IoT adoption in industrial settings.

Fortunately, IT security is a mature field. Experts have identified classes of threats devices may be subject to. Let’s discuss these threat patterns and mitigation strategies in the IIoT context.

 Threat modelling: what can go wrong?

Cybersecurity practitioners often use threat models to map attacks that might compromise a system. The STRIDE model developed by Microsoft is widely used for threat modelling. Here are examples of threats for IoT devices.

The STRIDE model for cybersecurity threats

Following are key operating system features that mitigate these threats.

Authenticating software with secure boot

IoT devices are most vulnerable at boot. Initiating the OS with malicious software components could lead to the total corruption of a device. This type of breach exposes devices to additional security threats.

Simplified illustration of the secure boot process

Secure boot verifies that software is authentic and originates from a trustworthy source. This verification prevents boot process alteration. A component therefore executes, only if its digital signature is validated by the preceding component.

The firmware validates the bootloader using a public key stored on-device (root of trust). The bootloader then validates the kernel, which in turn deciphers the root file system. The result is a software chain of trust.

Protecting data with full disk encryption

IoT devices store data from sensors installed in privacy-sensitive environments. Threat actors can extract confidential information, trade secrets or intellectual property, if they gain access to such data. information disclosure can lead to other vulnerabilities.

How then to protect data stored on the disk from unauthorised access? The answer is encryption of the whole disk or of key partitions. For this purpose, the operating system uses a single key to encrypt and unencrypt data. This key is stored on a separate disk partition.

Example of encryption scheme on the disk of an IoT device

Wouldn’t it then suffice to know the storage location of that key to unlock the disk? The answer is no, because that key is itself encrypted. It thus has to be unencrypted with a master key. The master key is usually stored on the chip, or on special-purpose external devices (like TPMs or secure elements).

Locking down devices with digital signatures

Constraining the behavior of IoT devices reduces the surface of attack. Locking down actions susceptible to lead to any STRIDE mode of attack during uptime is an effective defense strategy. Highly secure operating systems can orchestrate digital signatures to lock down such actions.

Secure device onboarding process with Ubuntu Core

Behaviors that the OS can control using digital signatures are: authentication, communication and app execution. Authenticating devices controls access privileges. Restricting addresses a device can accept traffic from creates a barrier to spoofing and DoS attacks. Locking down the software bill of materials allowed on a device prevents tampering with apps.

A resilient endpoint security mix

Strong endpoint security is essential in a defense in depth strategy for IIoT . However, most Linux distributions do not provide security capabilities like secure boot, full disk encryption or digitally signed assertions out of the box. This results in additional costs for developers to build trustworthy IIoT devices.

Security capabilities in Ubuntu Core

Ubuntu Core offers advanced security capabilities by default. The operating system orchestrates the features described above to mitigate cybersecurity threats. This empowers any innovator to create IIoT appliances suitable for use in mission-critical environments like factories, smart cities and more.

Related posts


Felicia Jia
29 February 2024

Join Canonical at 2024 GTC AI Conference

AI Article

As a key technology partner with NVIDIA, Canonical is proud to showcase our joint solutions at NVIDIA GTC again. Join us in person at NVIDIA GTC on March 18-21, 2024 to explore what’s next in AI and accelerated computing. We will be at booth 1601 in the MLOps & LLMOps Pavilion, demonstrating how open source ...


Rhys Knipe
5 November 2024

What is IoT device management?

Internet of Things Article

IoT device management refers to processes or practices used to deploy, monitor and maintain IoT devices. As organizations scale up their IoT efforts, a solid device management approach is essential to running a secure, streamlined fleet of devices.  The proliferation of connected devices worldwide (projected to reach 18.8 billion in 2024) ...


Gokhan Cetinkaya
30 September 2024

How to deploy AI workloads at the edge using open source solutions

AI Article

Running AI workloads at the edge with Canonical and Lenovo AI is driving a new wave of opportunities in all kinds of edge settings—from predictive maintenance in manufacturing, to virtual assistants in healthcare, to telco router optimisation in the most remote locations. But to support these AI workloads running virtually everywhere, com ...