Cybersecurity in the Internet of Things in Industrial Management

: Nowadays, people live amidst the smart home domain, business opportunities in the industrial smart city and health care, though, along with concerns about security. Security is central for IoT systems to protect sensitive data and infrastructure, whilst security issues become increasingly expensive, in particular in Industrial Internet of Things (IIoT) domains. Nonetheless, there are some key challenges for dealing with those security issues in IoT domains: Applications operate in distributed environments such as Blockchain, varied smart objects are used, and sensors are limited in what comes to machine resources. In this way, traditional security does not fit in IoT systems. In this vein, the issue of cyber security has become paramount to the Internet of Things (IoT) and Industrial Internet of Things (IIoT) in mitigating cyber security risk for organizations and end users. New cyber security technologies / applications present improvements for IoT security management. Nevertheless, there is a gap on the effectiveness of IoT cyber risk solutions. This review article dis-cusses the, trends around opportunities and threats in cyber security for IIoT.


Introduction
The internet of things (IoT) aims at integrating the digital and physical universes into a distinct system, thus providing major business opportunities for several sectors such as industry, tourism and energy. It has created a new paradigm in which a net-work of machines and devices capable of communicating and collaborating with each other are driving new processes. However, IoT is fragile in terms of many security is-sues that are frequently highly demanding due to its complex context and a vast num-ber of tools, which present flaws in terms of resources [1]. IoT is a system where the Internet is linked to the physical world through sensors [2] and can be deemed as the management of a network of devices, home appliances and vehicles of the IoT that is challenging due to the dynamic nature of the linkage between devices, actors and re-source constraints [3,4] involving hardware, software, sensors, and connectivity which allows them to connect, gather and exchange data [5]. Central for for IoT is the "smart factory", in which comprehends diverse elements: person, process, intelligent object and technological ecosystem [6]. IoT embraces traditional Internet connectivity to likewise traditionally non physical devices such as cars and electric tools, just to mention a few. As well, IoT is strongly related to manufacturing, in order to produce high quality products at low costs by putting together Industrial Internet of Things (IIoT), cloud computing and big data analytics [7], including robots [8].
The IoT has therefore become prevalent over diverse sectors, with the Inter-net-of-Battlefield-Things (IoBT), or the Internet-of-Vehicles (IoV) [3,9] along with its security issues, contributing therefore to the increasing of cyber attacks. Therefore, lately, it has been a concern with cyber security in this domain, amid a lack of policy direction and lack of understanding of user values related to cyber security in terms of the IoT, while policy has not been guided by key stakeholder values [10].

Literature Review: key concepts
Due to the characteristics of both cyber attacks and the IoT systems, it is necessary to understand the discussed concepts before move forward to the major current trends on the issue.

Cyber security
Cyber security turned out to be a major worry, as we know that most of our usual objects can be connected to internet, which is paramount in our daily lives. In so, if it can be connected, therefore, can be accessed. The primary concern for cyber security relies thus upon intrusion detection [23], in where physical or cloud computer activi-ties are monitored through analysis of system vulnerabilities and activity patterns [24]. The attacks could assume the form of, for example, Denial-Delay-of-Service (DDoS) [13], malicious IPs [25] and Data Manipulation [26], with ensuing outcomes, such as loss of information, operational losses and health damage [22,27].

Internet of Things
As already aforementioned, the Internet of Things (IoT) can be described as a new theme that encapsulates both the prevailing internet and the physical artifacts [1]. We can mention, for instance the 'smart home' [11] referring to home automation, manu-facturing systems as the industrial process, and health in terms of hospital automation [11] In this vein, IoT heavily augments the multiple gadgets and connected devices on our lives, for instance in smart grids [11] and in transportation through Electric Vehi-cles (EV) [3]. Thus, the internet technology, although presenting countless advantages, poses serious threats, as well [28]. IoT applications cover consequently a wide range of artifacts, from a smart home [25] to a huge smart factory [6], of smart grids [13]. In all mentioned cases, the correspondent devices are complemented with wireless interfaces of wireless sensor network (WSN) that constitutes a key IoT technology [1,2] to the wide stream of IoT systems, in particular 'smart grid', 'internet of thing' , 'manufac-turing systems', 'smart cities', and 'cloud computing in transport and smart homes [6,8,11,25] In the one hand, in the case of Smart Home, it is advisable to protect sensors identities from being recognized through wireless communication environment networks, while keeping the software up to date, from trustable vendors and cloud providers [1].in the other hand, in the case of smart cities, to which many population will tend to migrate, IoT offer multiple services such as smart parking, environmental, waste, wa-ter and traffic management and energy consumption monitoring, through operations that comprehend across IoT, its energy and architecture efficiency, mitigating its en-vironmental effects, always aware of its context interplay [26,29].

The Industrial Internet of Things (IIoT)
IIoT presents diverse nuances that differentiate it from traditional IoT. While the IoT operates in domestic environs, IIot operates in industrial environ. In this way, it copes with, for example, the optimization of supply chains, as to say, IIoT equals In-dustry 4.0 [30], which means a shared term for technologies and theories of value chain organization [18,31]. Industry 4.0 presents a modular structure, through which computers monitor and manage smart factories and its ensuing physical processes [32], creating a digital copy of the physical processes, while making decentralized de-cisions [33]. Along the process, computer systems interact one to another and people at once [30].
Also, both organizational and inter organizational services can be provided to ac-tors of the supply chain, interconnected objects, managed and accessed through data mining processes like Blockchain can be partly accessed and function as sensors and are enabled to interact with other devices [34,35]. Such system, made up of smart ar-tifacts within the IoT system demands minimal or none human action to exchange and produce data, often assisted by Artificial Intelligence mechanisms [36]. To summarize, the IIoT major concerns include reduce material and energy consumption, better managing the temporal dimensions of security in terms of 'intrusion detection', cloud computing and the interface between supply chain management and marketing pro-cesses; and better managing the complexity of infrastructures in terms of number of entry points [11,18,32,34,37,38].
The IIoT assembles therefore, both cyber security and IoT concerns in general. It focus on integrity, in which data is protected from modification by unauthorized party and authentication, in which the data source is verified as the pretended identity [39]; privacy, in which users' identities are non-traceable from their behaviors [40] confi-dentiality, in which information is made unintelligible to unauthorized entities, and Availability, in which the system services are available only for legitimate users [41].
IIoT faces thus important challenges in terms of, for example, operations in de-centralized environs such as Blockchain systems [42,43] and varying nature of smart artifacts [44]. Also, it is noteworthy to mention the sparse computational resources and power available to the diverse sensors that result in insufficient traditional security measures [9,45]. Those aforementioned issues augment the chances of cyber attacks to IoT systems, namely plants, transportation and household appliances [9], demanding substantial improvement in terms of authentication from remote systems, encryption from new sensors, and web interface and computer software for intrusion detection [46]. Additionally, the more IoT innovation, the more development in wireless tech-nologies, as well, such as the 5G, optimized well beyond voice and data, offering thus a vast array of opportunities [15,47].
The literature review we present in this piece of literature, also suggest a set of security solutions for cordless sensor networks with respect to IoT [48,49,50]. In par-ticular, in terms of network computing, of decentralized architectures, made up of countless objects [15], such as the Blockchain [25] and cloud computing systems that ease network management and configuration [51,52], ameliorating thus the IoT secu-rity [53], through sensors that optimize the sending of data, avoiding thus the redun-dancy in the wireless channels by systems such as big data that improve networking [18,30,54,55].
The design of the conceptual and technological framework for this piece of litera-ture was not made randomly, as we did a preliminary search on Scopus with the key-words "Internet of Things" and "Cyber Security", which results are presented and dis-cussed in the following sections.

Materials and Methods
This investigation uses a Systematic Review of Bibliometric Literature (LRSB) as proposed by Rosário and Raimundo [56], Raimundo and Rosário [57], Rosário et al., [58]. This qualitative approach analyzes and synthesizes documents on cybersecurity in the internet of things in industrial management that clearly indicate determining contexts the purpose of research through rigorous and precise design. Summarizing and combined relevant studies, thus expanding usable knowledge in decision-making and strategies. The main advantage of qualitative research is to allow the collection and analysis of data of cybersecurity factors in the internet of things in industrial management. LRSB are designed to be methodical, explicit and playable. This type of study provides guidance for the development of sketches, indicating new methods for future investigations and identifies which research methods have been used. With this methodology, it intended to build new knowledge about the context of cybersecurity in the internet of things in industrial management.
The LRSB process was carriers out, divided into 3 phases and 6 stages (

Phase
Step Description

Exploration
Step 1 problem of research Step 2 search of appropriate literature Step 3 the critical precision of the chosen studies Step 4 synthesis of data from individual sources

Interpretation
Step 5 reports and recommendations

Communicatio
Step 6 presentation of the LRSB report The database of indexation of scientific and/or academic documents was SCOPUS, the most important peer review of the scientific and/or academic environment. With nearly 19,500 titles from more than 5,000 international publishers, covering the cov-erage of 16,500 peer-reviewed journals in the scientific and/or academic fields.
However, we consider that the study has the limitation of considering only the SCO-PUS indexing database, excluding the other scientific and academic indexing da-tabases.
Bibliographic research includes peer-reviewed scientific and/or academic documents published by September 2021. The initial search involved the keyword "Cyber Security" and "Internet of Things" to track summaries, titles and keywords. 15,748 documents were identified using the keyword "Cyber Security" reduced to 1,316, add-ing the keyword "Internet of Things". The research was later limited to the research area "Business, Management and Accounting" to caution that only the most relevant research (Table  2).
Finally, content techniques and thematic analysis were users to recognize, analyze and report the various documents proposed by Rosário   Source: own elaboration. Of the 60 documents selected, 28 documents are conference paper; 24 articles; 4 reviews; 3 books; and 1 book chapter and short survey.
Publication distribution Peer-reviewed articles on the topic be period 2014-2021. The year 219 were the one with the most peer-reviewed publications on the subject, reaching 15.   Year In Table 3 we analyze for the Scimago Journal & Country Rank (SJR), the best quartile and the H index by publication.
International Journal Of Information Management is the most quoted publication with 2,770 (SJR), Q1 and H index 114.
There is a total of 7 journals on Q1, 4 journals on Q2 and 7 journals, Q3 and 5 journal on Q4. Journals from best quartile Q1 represent 15% of the 48 journals titles; best quartile Q2 represents 8%, best quartile Q3 represents 15%, and finally, best Q4 represents 10% each of the titles of 48 journals. Finally, 25 of the publications repre-senting 52%, the data are not available.
As evident from Table 3, the significant majority of articles on of Cybersecurity in the Internet of Things in Industrial Management on the Q1 best quartile index.  (14); Economics, Econometrics and Finance (7); Energy (5); Medicine ; Environmental Science (3); Mathematics; and Physics and Astronomy.
The most quoted article was "Blockchain technology innovations" with 155 quotes published in the 2017 IEEE Technology and Engineering Management Society Conference, TEMSCON 2017, 0,210 (SJR), not yet assigned quartile and with H index (6).
The published article focuses the study demonstrates the use of Blockchain tech-nology in various industrial applications.
In Figure 2   In Figure 3, a bibliometric study was performed to examine the development of scientific information by the main keywords. The study of bibliometric outputs by the scientific software VOSviewe, aims at identifying the main research keywords "Cyber Security", "Internet of Things".
The research relied upon the studied articles on consumer marketing strategy on ecommerce in the last decade. The correlated keywords can be viewed in Figure 4 al-lowing to making clear the network of keywords that appear together / linked in each scientific

Discussion
The aforementioned topics related with cyber security in IIoT emerge in literature under distinct subthemes, such as, for example, machine learning and cloud compu-ting, through several applications related to security. These abovementioned concepts have been widely deployed to solve important issues and highlight principal authors, particularly Ahram [20] and Ardito [32] ( figure 5). Also, the key themes that under-score the current debate are illustrated above (Figure 3 and Figure 4):

Cyber Security
Cyber security, as already discussed, has focused primarly on securing distinct data form phisical and cloud threats. It deals with the cyber security threats to digital infrastructure and are a concern for the mantenance of business growth amidst a sce-nario of changing technologies of social, mobility, analytics and cloud (SMAC) do-mains and internet of things (IOTs), demanding the validation of new cyber security capabilities [39]. It focus on the users' susceptibility to cyberattack, how different fac-tors e.g. users' competence to deal with online threats, mediate the relationship in IoT [40]; it elicit major significant threat drivers and identify emerging technologies, e.g. encryption and blockchain that are likely to have an impact on defense and attack ca-pabilities in cyber security [16].
Existent literature identify, as well, major platforms that could accommodate smart objects, such as smart home systems that are platforms for connecting sensors, which are consequently exposed to identity theft and need to be protected [1]; the is-sues of securing automated power consumption units, implemented by smart system technology in an environment controlled by IoT [41]; and review the most critical technologies, best practices, policies and security frameworks in different countries; relevant government, industry, civil society and academia [59]. Finally, some pieces of literature examine whether Cyber Security Law is justified, analyzing some countries e.g. China that need a cyber security regime [21];

Machine Learning
Closely related to cyber security is the issue of machine learning that includes artificial inteligence. This theme is focused on intelligence for energy management, in-cluding production systems, its cyber security in industry 4.0 and internet of things [49]. It is much centred on the interplay between the feature selection and the inter-pretation steps in a machine learning workflow, aiming at intrusion detection in IoT networks [24]. It resorts often to artificial intelligence (AI) techniques for recognizing a cyberattack in internet-connected systems domains such as smartphones or robotic factories and on what to do in the appearance of an incident through data mining ap-proaches, in which AI will improve cyber counter measures [8]. Others intend to in-volve AI in business, assisting in adopting a strategy that is rational, relevant, and practical, across enterprise functions including disruptive technologies such as IoT, Blockchain, and cloud computing [36];

Internet of Things (IoT)
IoT is central on this debate and its influence extends to industry (IIoT), network and cloud computing. This issue has shed light on the implementation of intrusion de-tection systems, able to protect data and physical devices, through for instance AI that allows an intelligent intrusion detection model to detect threats, through Decision Trees for network intrusion detection [23]. It operates also to household participants, to obtain control over the intelligent IoT agents operating in their personal spheres [60]; to executives, in providing businesses with an approach for securing an enterprise by a dynamic architecture of Extended Risk-Based Approach on Cloud and IoT [61]; and in general to all virtually paperless work environments [62], aiming at threats re-lated with distributed denial of service (DDoS) on power grids and hacking of indus-trial control systems (ICS) along with the ensuing regulatory responses [13].
IoT theory also search for solutions related with how supply chains as a whole may benefit from the adoption of 4.0 technologies, delivering the flexible response customers want, and benefit from big data, cloud computing and cyber security by an improved communication system [30]. For example, it aims at analyzing devices and network security, while considering different scenarios involving varying attackers intending to destroy the IoT wireless network [17], whereas applying learning curves to major global cyber-attacks [42].
Other stream of literature explores what technologies are being deployed and where the organizational risk is being considered within the organization, buildign a risk model to deal with AI, IoT and distributed ledger [43], while offered a detailed study of trust management models to enforce different security measures in IoT sys-tem, ensuring thus safety to connected devices [44]. Including technologies such as Augmented reality (AR), a concept that connects the real world to the virtual world, to develop guidelines, to industry 4.0. [31], to tourism, in integrating business and key performance metrics to build a strategy for smart tourism [63].
It is notewhorty to mention the case of Electric Vehicles (EVs) cybersecurity issues in identifying the key matters, of the overall EVs that have been developed, but do not address the requirements of cybersecurity (e.g. the EV battery stacks) [3], on networks [4] and suggest strategies the auto industry might pursue in this subject to face cyber-security threats [28]. In the same vein, others detail the security vulnerabilities of un-manned ships, subsequent defense strategies and ensuing countermeasures [55], while signaling vulnerabilities of wireless systems of software radios [45].
To summarize, as the Smart Devices are growing in number, there is a corre-sponding growth in risks, both to the user and to the internet as a whole by the hacking threats [54], whereas there is a lack of policy direction, user values on cybersecurity are misunderstood and there is a lack of clarity as to how IoT public policy should be de-veloped, as for instance being guided by stakeholder values [10]. Moreover, a new paradigm of proactive antifragility for cyber defence approaches is demanded in IoT, for instance in distributed computing paradigms of high complexity, beyond tradition-al cyber defence .e.g. the Internet of Battle Things (IoBT) [9], able to cope with novel threats [53].
Finally, others, propose solutions to new wireless challenges such as the 6G, shifting the paradigm "from Internet of Things (IoT) to Internet of Intelligence (IoI)", to provide connectivity, while mantaining the ability to process knowledge and make de-cisions autonomously [47]. Developing thus a novel methodology for fingerprinting IoT devices, by building data-driven techniques rooted in machine learning methods, which allows to unveil compromised IP addresses throughout diverse geographical areas [5]. Also it focus on the issue of distributed denial of service (DDoS) scope, in terms of classifications and opportunities for attacks, particularly in the health sector, of limited security [22], while examining the changing legal environment in the IoT regulatory context [48];

Industry 4.0 (IIoT)
Industry 4.0 is another important subtheme related with IoT. It is also known as Industrial Internet of Things (IIoT). Some literature investigate the influence of critical technologies such as Artificial Intelligence, Big Data and Virtual Augmented Reality on the circular economy e.g. recycling and reduction of waste and emissions, which con-firms the importance of Industry 4.0 for improving circularity [18]. Others enhance the impact of those digital technologies on e-finance, an opportunity to change business models, for example through AI [27]; develop such digital technologies for managing the interface between supply chain management and marketing processes in sustain-ing supply chain management marketing (SCM-M) integration [32]; focus on the oil and gas industry in terms of treaths on the migration of sensitive business data to the cloud digital platforms in industrial processes, which include decision-making pro-cesses and procedures [33] and the increasing of entry points for organizations to de-fend from threats [34].
Other stream of literature spots the research gaps in industry 4.0, using an open (Google) internet-based research search engine (OIBRSE) to acquire the digital object identifiers and universal resource locators if the DOI non-exists with research articles [53], namely regarding current debates around, for example the issue of Smart factory, which bases on ICT technology, used to drive down manufacturing costs and time, while security vulnerabilities must be reduced [6]. Moreover, with regard to this sort of critical infrastructures, securing electro-energy platforms represents an important demand for a secure platform in monitoring and control Electric Vehicle Recharge systems [52].
The main issue is always centred on how cyber security deal with the cyber-attacks for industry 4.0, while mapping current topics, such as 'cloud compu-ting', 'smart grid', 'intrusion detection', 'privacy', 'internet of thing', and 'smart cities' [11], in order to keep up with this technological paradigm shift and to introduce measures that prevent significant expected fatalities [51], over disparate sectors, from e-commerce to banks, in how to cope with digitalization, keeping customers at priority [37] and in which implementation degree increases as the firm size increases, among different manufacturers [7]. In the end, the Industrial Revolution 4.0 will have eco-nomic, social, and political consequences at global level, in causing revolutionary changes in the intelligent processes of goods production and services, with likewise rising unemployment and social stratification [38];

Blockchain and cloud computing
Decentralized architectures of IoT devices have been a current debate. Last achievements on blockchain technologies, for example, allowed the use of a smart ecosystem, able to support cybersecurity mechanisms across distinct sectors such as the smart homes installations, focusing on the immutability of users and devices as well as the dynamic and immutable management of blocked malicious IPs [25]; in multiple industrial applications, healthcare, finance, and government [20] and in terms of solutions for cyber security problems such as Accountability, Traceability and Identification [12].
The point is how to better improve security of systems architecture, in order to provide protection against malicious internal users and malware implanted inside the system, which can be solved through preventive safeguards, inherent to blockchain security architecture [19]. Blockchain, may contribute to privacy, security and non-repudiation, of an IoT system, through the large amount of data generated and variety of sensors and devices adopted [2], as the blockchain technology build a scala-ble and decentralized endto-end secure IoT system [14]. Also the IoT can be enhanced with an AI at the gateway level to detect and classify suspected activities [14]. Moreo-ver, Blockchain technology is also of use in parallel with cloud computing for higher education, in terms of primary infrastructure topology, putting together machine learning and artificial intelligence on training opportunities [35} Cloud computing is therefore highly correlated with Blockchain technology in what comes to preventing attacks against, for example, radio-frequency (RF) ena-bled hardware, Internet of Things (IoT) firmware, and wireless protocols [50]. Inter-connectedness of intelligent devices and the use of public networks is at the centre of debate with regard to smart sities due to interconnected services for their citizens, in where cyber security has become a major concern [29], namely in issues such as com-munication infrastructures, cloud computing, collaborative platforms, big data, smart health and energy management [26].
The discussion on cloud computing covers subthemes of cyber security of supply chain based on software and networks, to minimize risks of purchasing and disconnection of key machines from networks [46]. To summarize, 5G and 6G networks can provide novel communication networks infrastructure, although IoT systems, will remain with the same energy capacity for hackers take advantage of this weaknesses. There is a need for a system to identify and counter potential threats in those next generation networks and decentralised systems like Blockchain [15].

Conclusions
The IoT has been a key element for example, for smart manufacturing, smart cit-ies, smart health, smart grids and EVs. IoT and IIoT bridges thus physical artifacts and internet, either in our daily lives or in the industry environment. In the one hand, such linkage unveils countless opportunities, while in the other hand it exposes our infor-mation and behaviors to potentially hacking sensitive data and critical infrastructure.
Additionally, IoT produces huge amounts of information that need to be protected and that is linked to varied security risks, related with its interconnectedness, either through cloud computing, or Blockchain, for example in smart factories, smart homes and smart cities. In this way, due to the need of decision making and investment, cyber security must first focus on the varying weaknesses of IoT objects and further work on its security mechanisms such as privacy, access control, data storage and authoriza-tion, whereas organizations should adopt a cyber security strategy. Therefore, organi-zations need to keep up with the development of technologies to respond appropriate-ly to cyber security threats. This study fills a gap in the IIoT cyber security and intends to encourage further research on the topic.
Furthermore, arising technologies such as Blockchain may perform a central role in the future of cyber security in IoT an IIoT, while security will become more im-portant in future because the number of object of cordless connections augment in the short term and extends to virtually all areas of our daily lives that need to be effec-tively managed.
Author Contributions: : Ricardo J. G. Raimundo and Albérico M. Rosário. All authors have read and agreed to the pub-lished version of the manu-script.For research articles with several authors, a short paragraph specifying their individual contributions must be provided. The following statements should be used "Conceptualization, X.X. and Y.Y.; methodology, X.X.; software, X.X.; validation, X.X., Y.Y. and Z.Z.; formal analysis, X.X.; investigation, X.X.; resources, X.X.; data curation, X.X.; writ-ing-original draft preparation, X.X.; writing-review and editing, X.X.; visualization, X.X.; su-pervision, X.X.; project administration, X.X.; funding acquisition, Y.Y. All authors have read and agreed to the published version of the manuscript." Please turn to the CRediT taxonomy for the term ex-planation. Authorship must be limited to those who have contributed substantially to the work reported.
Funding: This research received no external funding.

Data Availability Statement:
In this section, please provide details regarding where data supporting reported results can be found, including links to publicly archived datasets analyzed or generated during the study. Please refer to suggested Data Availability Statements in section "MDPI Research Data Policies" at https://www.mdpi.com/ethics. You might choose to exclude this statement if the study did not report any data.

Conflicts of Interest:
The funders had no role in the design of the study; in the collection, analyses, or interpretation of data; in the writing of the manuscript, or in the decision to publish the results.