Industrial IoT Security: Best Practice for Authentication

June 2022

Industrial IoT Security:
Best Practice for Authentication

Henrike Gerbothe and Jürgen Fitschen spoke about alternatives to username and password logins at IoT & Edge Days 2022, an event organized by Eclipse IoT.

Here is a brief introduction to the topic of the lecture:

Locally or globally networked industrial automation applications can be functionally assigned to the Internet of Things (IoT). On the one hand, they are now also exposed to the same risks of possible cyber attacks as millions of other IoT applications.

On the other hand, with regard to the cyber security protection of such applications, they can also refer to standards and norms such as ETSI EN 303 645, NITSIR 8259, and IEC 62443. In the past, many IoT devices were provided with universal usernames and passwords (such as "admin,"admin") by the manufacturers to make initial commissioning easier.

The lecture provides some standard-compliant examples with safe but still user-friendly methods that should be used instead. One of them is based on QR codes and a special out-of-band channel technique. One other uses FIDO2 compatible hardware tokens.

Watch the complete lecture on YouTube.



Overview News

SSV Software Systems GmbH

Dünenweg 5
30419 Hannover

Phone: +49(0)511 / 40 000-0
Fax: +49(0)511 / 40 000-40

Imprint    ·    Privacy Policy    ·    Terms & Conditions

© 2022 SSV Software Systems GmbH. All rights reserved.

ISO 9001:2015