the Internet is an interconnected network of networks in which the security of each of them affects the security of the others. [30]
Lets look at some IoT security threats:
Malware distribution botnets can be used to attack IoT devices connected to the global network;
Denial of service DoS attack to slow down services and discredit businesses;
social engineering attacks aimed at illegally obtaining confidential information about users can also be exposed to devices connected to IoT;
targeted cyber attacks in order to gain illegal control and access to the network while remaining unnoticed for a long period of time;
ransomware virus;
remote recording of Internet of Things users in order to obtain confidential data;
physical damage to equipment controlled by the Internet of Things by obtaining control;
falsification of data in order to make wrong decisions;
digital espionage.
As you can see, information in the modern world plays a very important role, especially when it is possible to remotely control various devices or predict the implementation and manage business or technological processes, so cybersecurity issues come to the fore.
Some methods of IoT risk reduction:
Management and control of Internet of Things endpoints by identifying and adding to the inventory of resources to reduce the likelihood of cyber attacks;
identify the IT security vulnerability zone;
detection of abnormal deviations in data during the interaction of devices and servers;
using a good data encryption system and protocols;
management control at the identity level to identify users and their actions. Authentication helps companies better understand how users access devices, which increases the level of protection against vulnerabilities and misuse.
It is worth noting that with the development of IoT, it is necessary to guarantee sufficient security of solutions, since they operate with a large amount of confidential data that directly affects the most important production processes. For this purpose, measures are carried out aimed at:
Security of devices and sensors. Device security is implemented through device authentication, partial message encryption, and sensor firmware updates.;
Connection protection. Ensuring the confidentiality of data and their protection from unauthorized modification is necessary when transferring data between the device and the IoT platform. Here the protection is based on Transport Layer Security (TLS) technology. At the same time, the data is encrypted to prevent unauthorized listening and understanding of the content.
1.1.3 Authentication as an important factor of the Internet of Things
It is necessary to ensure the following security properties of Internet of Things devices:
1) a reliable access and authentication system based on cryptography. Encryption is necessary to protect communication between iOS devices, and cryptographic device identifiers are needed for this. You need to make sure that only authorized users have access to connected devices;
2) cryptographic security of the software. Using the PKI system to sign the code and verify its authenticity;
3) software updates throughout the entire lifecycle of devices.
From the point of view of ensuring the security of Yota networks should be provided:
1) cryptographic data protection;
2) the absence of critical dependencies on connectivity. Maintaining critical functionality by the system even in the absence of communication;
3) creating an additional device specification that describes in detail the required security policy for a specific device. [31]
The security of the cloud platform is ensured by:
1) control of access to device resources. The application declares a set of resources that it would like to access, while the platform provides a list of devices with these resources. Accordingly, the user gets the opportunity to choose which devices and their capabilities this application can have access to, thereby authorizing the application.;
2) two-factor user authentication technology to increase the level of security;
3) verification of applications for the presence of malicious code. [31]
1.2 Internet of Things in the transport industry
Modern transport management is integrated, much attention is currently being paid to the development of multimodal and intermodal transport, since rail, road, aviation and sea modes of transport are closely interrelated. [66]
As noted in the study [66], in addition to the Internet of Things, cyber-physical systems (CPS) are used to manage transport facilities, and then cyber-physical transport systems (TCPS). They allow you to monitor and control physical devices in real time. An important feature of IoT is the use of mobile smart devices.
Communications between particularly responsible elements in transport play a key role. The functioning of modern rolling stock as a set of interconnected parts is largely provided by smart mobile devices. [66]
In addition to the types of IoT information interaction in TCPS transport cyberspace, V2V (Vehicular-to-Vehicular communications) interaction is often used, based on information interaction between single vehicles based on a variety of sensors that are installed on each mobile object. At the same time, information from individual vehicles enters a single information space for optimal control and interaction of moving objects. [66]
In the field of transport, a special wireless mobile communication network VANET is used. This network allows vehicles to exchange a variety of information over a wireless environment and contributes to the intensification of transportation. [66]
The transport industry plays a direct and significant role in the countrys economy. Many aspects depend on the efficient functioning of the transport system, such as timely delivery of goods to consumers, mobility of passengers in cities, logistics of large industrial institutions. [23,24,27,30]
Experts [30] identify several IoT functions in the transport industry, which include:
obtaining the necessary data from the transport system;
measurement of read data;
providing a wireless connection for the exchange of sent data;
functioning of a cloud platform to support management decision-making based on predictive analytics;
implementation of the regulatory impact according to the decisions taken.
For the successful operation of the Internet of Things, several functional levels are distinguished:
the level of communication channels;
analytical level;
service level;
the level of infrastructure.
The communication channel layer helps in transmitting data from the analytical layer through various networks. An important factor in the development of the level of communication channels is the issue of data transmission security. In addition, it is necessary to take into account the speed and transparency of data transmission.
At the service level, actions are performed that are transferred from the technical level in accordance with customer requirements. The service layer receives detailed information from the analytical layer through the communication channel layer. The received information is processed in different ways and detailed analysis is carried out by various computing tools.
The infrastructure layer is the layer that creates the technology necessary to perform various services and store the information received. This includes the geoinformation system service, cloud computing platform, cloud storage, Big Data analysis tools, etc.
In the transport industry, digital technologies should allow the transition to paperless technologies in the operation and design of any transport services, provide comprehensive monitoring of the state of transportation and transport infrastructure facilities.
It is worth noting the very important role of IoT in the tasks of monitoring infrastructure and vehicles, the use of which allows:
to take into account the work done, as well as the energy or resources spent on it;
to predict based on the results of data analysis of the pre-failure condition of the facility, for the implementation of operational measures and prevention of traffic safety violations;
automate maintenance and determination of pre-failure states;
to carry out operational changes in the vehicle control mode on the studied infrastructure in case of detection of dangerous failures. [51]
With the help of IoT technologies, it is possible to conduct intelligent tracking of the movement of vehicles, their location at the current time, working hours and parking time, attempts to enter the body of the vehicle, etc.
The use of elements of the Internet of Things technology allows you to measure the internal conditions inside the vehicle body during transportation (temperature, humidity, lighting conditions, etc.). The Internet of Things can also be used in vehicle control and navigation systems. Real-time monitoring of vehicles using IoT tools allows for efficient delivery of products to consumers in megacities.
The use of IoT makes it possible to significantly improve the quality of public transport services, to reorient the vector of preferred use of vehicles in the structure of the transport process from personal to public transport and, thus, reduce the load on the road network. [38]
Systems based on geolocation technologies in conjunction with the Internet of Things have also been widely developed, which allow linking information in a single network about the movement of vehicles, which allows real-time forecasting of the exact time of arrival of the desired object to the stopping point [69,70,71] Wide access for a large number of users via devices connected to the Internet, allows significantly improve the quality of decisions made by passengers on the implementation of a convenient travel option.
An important criterion for the implementation of the development of the transport infrastructure of the passenger complex is the accuracy of the analysis and forecasting of passenger flows. Most of this data is obtained by consolidating information about the number of people who have passed, taking into account the time of day, from sensors located in turnstiles [25,26,28].
The development of predictive analytics systems on the impact of weather events and weather emergencies on the restriction of transport, based on IoT data, allows for early adjustment of the timetable, notifying the population and transmitting a signal about the mobilization of emergency services.
1.2.1 IoT application in railway transport
In the context of the implementation of trends for the development of the digital economy in the Russian Federation and particularly important sectors of the national economy, the Digital Railway project is also being implemented, which is based on the concept of automatic collection of all necessary primary information about the state of the transportation process. Particularly important information affecting traffic safety and requiring operational control can include: the current state of the SCB, the speed and weight of trains, the dislocation of mobile units and their current condition, the presence of restrictions, etc.
The core of the formation of digital railway technologies is the full integration of intelligent communication technologies between the user, vehicle, traffic management system and infrastructure.
The main tasks of using IoT in railway transport include:
reducing the influence of the human factor;
development of paperless document management;
improving the reliability and safety of traffic;
reduction of the number of workers in the area of heavy traffic;
reduction of the life cycle cost of railway infrastructure and rolling stock;
improvement of transport logistics;
expansion of international transport corridors.
In railway transport, the industrial Internet of Things is characterized by the unification of information collection systems, a cloud platform and a personalized system for the formation of control actions.
There are many functional directions for the development of digital technologies and IoT. In particular, in relation to the railway transport complex, the following can be distinguished:
1) IoT is used in working with rolling stock: passenger and freight cars, locomotives, electric trains. With this technology, it is possible to control their movement and location in order to provide additional services.
The role of IoT in performing the task of optimizing production processes consists of the following functions:
maintenance of rolling stock according to technical condition;
reduction of consumption of fuel and energy resources;
remote monitoring and control of the location of the locomotive and wagon fleet, optimization of the logistics of wagons and cargo.
2) IoT diagnostics and monitoring of the condition of rolling stock:
analysis of data promptly received from sensors in the process of monitoring the technical condition of the train, allows you to move from the modeling system to predicting the pre-failure condition;
development of preventive measures aimed at improving reliability and operational readiness to increase the service life of particularly important components and parts of rolling stock, based on the analysis of their monitoring;
reduction of the probability of failures of the main elements and associated downtime;
creation of a database on the terms of repairs and areas of circulation of rolling stock for rational planning of maintenance and repair;
planning the allocation of resources and spare parts for repair work.
Data from monitoring systems of train parameters «on the move» are analyzed in real time and used to prevent accidents in the operation of rolling stock. [51]
3) IoT is used to monitor railway infrastructure. With the help of sensors, you can monitor the state of the infrastructure in real time, as well as predict pre-failure states.
The IoT functions for optimizing the technological state of the infrastructure are as follows:
remote monitoring and control of the dynamic characteristics of the railway track and switches;
remote control and monitoring of separate points and crossings;
precise positioning of the controlled object to increase the speed of response to dangerous failures;
improving the objectivity of the analysis of the state of objects
and their parameters in real time.
remote monitoring and control of automation and telemechanics.
When processing electronic data about a defect from an IoT device, an application for repair can be automatically created, the necessary material can be reserved in the warehouse and workers can be sent to the place of the defect.
4) The task of optimizing the control of consumption of fuel and energy resources:
automatic monitoring of fuel and energy resources consumption;