Cyber Threats to Industrial IoT: A Survey on Attacks and Countermeasures
Round 1
Reviewer 1 Report
Dear authors.
Thank you for the chance to contribute to such a high level of work. The following are some observations about your work.
Note: the citation style and paper numbering need to be revised to meet the journal's layout.
Abstract
The abstract is well written, contextualizing the target problem and explaining this review paper's main objective.
Introduction.
The introduction is well written and contextualizes the main relevant concepts on the topic.
I advise the authors to highlight the main differentials of this paper in the introduction.
MetaSurvey
The meta survey brings very relevant information to the study. However, explanations about other surveys carried out in the literature are lacking.
The differences between these Surveys and the one proposed in this paper must be presented. The methodology for choosing surveys and the works presented in this paper should also be explained so as not to appear to be a survey study biased to a group of authors.
Each of the authors' techniques could be enriched with explanatory images about each of the attacks. This would make reading easier.
Cyber Threats and its Countermeasures
This section is well explained and features exciting papers and approaches.
Discussion
The table complements the authors' reasoning well. Section very well explained.
Conclusion.
The conclusion presents essential and relevant factors.
Authors should explore this survey's strengths and weaknesses, such as the limitations of research on some papers, approaches, and problems or positive aspects they found in the researched approaches.
References
The authors covered a minimal number of papers, where almost ten papers by the same author stand out. A survey needs to be diversified.
Please review this situation, including authors of different techniques, preferably with more recent research (2020 and 2021 if applicable).
Author Response
Dear Editor,
We would like to thank you for your prompt response with the reviewers’ reply to our paper entitled "Cyber Threats to Industrial IoT: A Survey on Attacks on Countermeasures". We would also like to thank the reviewers for their constructive remarks and suggestions, which we believe we have fully addressed by making the necessary revisions, that have resulted in substantial improvement of the overall quality of our manuscript.
……………………….
Yours sincerely,
Konstantinos Tsiknas, Dimitrios Taketzis, Konstantinos Demertzis and Charalabos Skianis
Comment 1. The introduction is well written and contextualizes the main relevant concepts on the topic. I advise the authors to highlight the main differentials of this paper in the introduction.
Answer. Thank you for this constructive comment. We have updated the introduction to highlight the main differences between our paper in comparison to the existing literature, as shown below:
Generally speaking, the most relevant studies conducted so far, focus on the security risks in IoT systems. For the particular environment of the Industrial IoT systems, however, there is no available extensive research to the best of our knowledge. In addition, the existing studies fail to contribute substantially to the awareness and clear understanding of the risks associated with IIoT systems as well as the severity of the attacks against them, which in most cases results in great damage and even loss of human lives.
...
In this context, the main difference from the other IIoT surveys is the provision of a complete, up to date and valid reference framework for the identification and the assessment of the risks related to the ever-evolving industrial environment.
Comment 2. The meta survey brings very relevant information to the study. However, explanations about other surveys carried out in the literature are lacking. The differences between these Surveys and the one proposed in this paper must be presented. The methodology for choosing surveys and the works presented in this paper should also be explained so as not to appear to be a survey study biased to a group of authors.
Answer. Thank you for this suggestion. In meta survey, a literature review on the surveys works conducted so far and devoted to the threats associated with the Industrial environment of IoT systems. We comment on their contribution and on the topics that require further analysis. In our paper, we provide a more detailed and thorough analysis of the security risks and the countermeasures in IIoT systems. We have accordingly updated Section 2 and Section 3 to underline the difference in the analysis and the methodology followed in our work. We include the updated paragraphs below for your convenience.
Section 2 (meta survey)
In this section, a literature review on the surveys works on the threats associated with the industrial IoT systems. The main security risks are discussed, along with the suggested countermeasures. In particular, we discuss their contribution to the field and we raise topics of interest that require further investigation and analysis.
….
Section 3 (Cyber Threats and its Countermeasures)
In the following subsections, we classify the IIoT threats in five generic categories: phishing attacks, ransomware, protocol, supply chain, and system attacks [42]. This separation enables a clear and comprehensive presentation of the security risks and the associated counter-measures as specialized in the Industrial IoT environment.
Comment 3. Each of the authors' techniques could be enriched with explanatory images about each of the attacks. This would make reading easier.
Answer. It is practically impossible to include an explanatory image for every attack described in the paper due to space limitations and the complexity of some attacks which cannot always be represented with a figure. We have, however, added two more figures in chapter 3. Please see pg. … Fig. 4 (Block diagram of PHONEY architecture) and pg. Fig. 5 (IIoT system Testbed for the analysis of ransomware attacks), in addition to the figures already included in the paper. Thank you for this constructive comment.
Comment 4. The conclusion presents essential and relevant factors. Authors should explore this survey's strengths and weaknesses, such as the limitations of research on some papers, approaches, and problems or positive aspects they found in the researched approaches.
Answer.
Thank you for the comment, I think we address the observation. For instance, in Section 2, page …
This study in particular, simply lists the building blocks of a functional SCADA architecture, while an analysis of the attacks in the physical layer is completely superficial. In addition… communication protocols.
also in Section 2, page …..
Although this study provides a solid approach on how the IIoT works and the corresponding vulnerabilities associated with it, it is generally considered incomplete, as it does not provide examples of similar attacks, or techniques that could prevent them. It is rather a survey on the known types of attacks which provides some minimal information that can be easily extracted by the literature.
in Section 2, page …..
A holistic approach based on the business planning and the standardization on security requirements designed by the standardization bodies …
in Section 2, page …..
Given the complexity of the architectures associated with SCADA systems and related prototypes, Ghosh and S. Sampalli provide a comprehensive study of the current security standards
Comment 5. (References). The authors covered a minimal number of papers, where almost ten papers by the same author stand out. A survey needs to be diversified. Please review this situation, including authors of different techniques, preferably with more recent research (2020 and 2021 if applicable).
Answer. We would like to thank the reviewer for this constructive comment that gives us the chance to clarify things further. In our work, we made an attempt to document as many attacks on industrial infrastructures as possible. In this spirit, over 450 documents were thoroughly reviewed and studied, of which finally (in this revised version) 110 are included from almost 87 authors who are specialized in this area of research (including members of our team). It is also important to mention that most of the papers and studies are from 2017 and later, although, for the completeness of the research, we also selected older works (approximately 15), which have been checked for their validity.
Reviewer 2 Report
The authors have surveyed the IIOT attacks and countermeasures, which are getting critical these days and they have done a meta survey with some findings.
I believe the length of the paper is not justified for the contents as some of the contents in the first few pages could be easily summarised.
The aim of the paper reads as "an extensive study of the most popular ways of attacking industrial applications, as well as the corresponding literature studies related to them, with the aim to provide a more effective, cyber security-oriented approach and ultimately lead to a more resilient industrial environment" but I could not see this translated into the output.
My primary concern is - What new knowledge area does the author look into? In addition, every paper has not been critically analysed rather it has been summarised and presented.
In the conclusion, it is not learning to any new area or provides the reader with alternative thinking.
Author Response
Dear Editor,
We would like to thank you for your prompt response with the reviewers’ reply to our paper entitled "Cyber Threats to Industrial IoT: A Survey on Attacks on Countermeasures". We would also like to thank the reviewers for their constructive remarks and suggestions, which we believe we have fully addressed by making the necessary revisions, that have resulted in substantial improvement of the overall quality of our manuscript.
……………………….
Yours sincerely,
Konstantinos Tsiknas, Dimitrios Taketzis, Konstantinos Demertzis and Charalabos Skianis
Comment 1. The authors have surveyed the IIOT attacks and countermeasures, which are getting critical these days and they have done a meta survey with some findings. I believe the length of the paper is not justified for the contents as some of the contents in the first few pages could be easily summarised.
Answer.
Thanks for the comment, we have reduced the length of the paper by summarising the contents of Section 2 (Metasurvey) as suggested.
Comment 2. The aim of the paper reads as "an extensive study of the most popular ways of attacking industrial applications, as well as the corresponding literature studies related to them, with the aim to provide a more effective, cyber security-oriented approach and ultimately lead to a more resilient industrial environment" but I could not see this translated into the output. My primary concern is - What new knowledge area does the author look into? In addition, every paper has not been critically analysed rather it has been summarised and presented. In the conclusion, it is not learning to any new area or provides the reader with alternative thinking.
Answer.
Thank you for this helpful comment. The main contribution of this paper is to provide a thorough study on the attacks against the Industrial IoT systems, since most of the surveys in the area of IoT are not focused on the Industrial IoT environment. We have updated the introduction to clarify further the main differences between our paper in comparison to the existing literature as shown below.
Generally speaking, the most relevant studies conducted so far, focus on the security risks in IoT systems in general. For the particular environment of the Industrial IoT systems, however, there is no available extensive research to the best of our knowledge. In addition, the existing studies fail to contribute substantially to the awareness and clear understanding of the risks associated with IIoT systems as well as the severity of the attacks against them, which in most cases results in great damage and even loss of human lives.
...
In this context, the main difference from the other IIoT surveys is the provision of a complete, up to date and valid reference framework for the identification and the assessment of the risks related to the ever-evolving industrial environment.
In addition, we believe that we critically analyse the work presented, as shown for instance, in Section 2,
This study in particular, simply lists the building blocks of a functional SCADA architecture, while an analysis of the attacks in the physical layer is completely superficial. In addition… communication protocols.
in Section 2,
Although this study provides a solid approach on how the IIoT works and the corresponding vulnerabilities associated with it, it is generally considered incomplete, as it does not provide examples of similar attacks, or techniques that could prevent them. It is rather a survey on the known types of attacks which provides some minimal information that can be easily extracted by the literature.
in Section 2,
A holistic approach based on the business planning and the standardization on security requirements designed by the standardization bodies …
in Section 2,
Given the complexity of the architectures associated with SCADA systems and related prototypes, Ghosh and S. Sampalli provide a comprehensive study of the current security standards
Finally, we believe that we have adequately and substantially the IIoT attacks and the corresponding counter-measures, which is currently missing from the literature, whereas the classification of the IIoT in the five categories provided in chapter 3 of our analysis enables a clear and comprehensive presentation of the security risks and the associated counter-measures as specialised in the Industrial IoT environment. We have appropriately updated the introduction and section 3 to explain more clearly our contribution.
Also in Introduction
The main contribution of this work is to provide researchers, but also organizations dealing with Industrial IoT technologies in general, a comprehensive study on issues related to cyber threats on industrial equipment, as well as the latest countermeasures for the protection of the infrastructure in question, through a critical and benchmarking framework. In this context, the main difference from the other IIoT surveys is the provision of a complete, up to date and valid reference framework for the identification and the assessment of the risks related to the ever-evolving industrial environment.
and Section 3
In the following subsections we classify the IIoT threats in five generic categories: phishing attacks, ransomwares, protocol, supply chain and system attacks [43]. This separation enables a clear and comprehensive presentation of the security risks and the associated counter-measures as specialised in the Industrial IoT environment.
Reviewer 3 Report
This paper presents a study of ways of attacking industrial applications, as well as the corresponding literature studies.
The information presented is interesting, though the authors' ideas will be further supported with some structural improvements.
1. Chapter 2:
- Each mode of attack against a SCADA system shall be further supported with references in most if not all cases.
- the latter part about the complexity of SCADA systems shall be backed with references in all of its topics
2. chapter 3.1 and 3.2 shall also include a comparison table of the referenced works on attacks.
3. There are lots of interesting references included in the manuscript that shall be presented in comparative tables and summarizing paragraphs for each section.
It would be in favour of the manuscript readership to address the topics above.
Author Response
Comment 1. Chapter 2: Each mode of attack against a SCADA system shall be further supported with references in most if not all cases. The latter part about the complexity of SCADA systems shall be backed with references in all of its topics
Answer: We have improved a lot the background and supported it with more references in most cases in order to make the paper self-consistent according to the reviewer’s comment and suggestion. Thank you for this constructive remark.
Comment 2. Chapter 3.1 and 3.2 shall also include a comparison table of the referenced works on attacks.
Answer: Thanks for the comment. In table 2 of chapter 4 (Discussion) we summarise the threats and the countermeasures discussed in chapters 3.1 and 3.2
Comment 3. There are lots of interesting references included in the manuscript that shall be presented in comparative tables and summarizing paragraphs for each section. It would be in favor of the manuscript readership to address the topics above.
Answer: Thanks for the helpful comment. In the provided tables (1 and 2) we summarize the threats and the countermeasures discussed in section 3 along with the associated references.
Round 2
Reviewer 2 Report
Thanks to the authors for performing the corrections. I am satisfied with the corrections made.