Chapter 6: Edge Security and Privacy
==6.4 Case Studies: Real-World Security Breaches==
To further illustrate the edge computing security concepts, we give a couple of short case studies in which edge computing security plays a central role, along with some of the solutions that were applied.

===Securing Egyptian VMSs Smart City Infrastructure===
Hundreds of thousands of edge devices, such as traffic sensors, surveillance cameras, smart lighting systems, and environmental monitors, are deployed in an urban Smart City. These instruments provide real-time traffic flow management, public safety alarms, and environmental monitoring with life support among the green plants, in what is usually known as the "city edge cloud". The city suffered a massive blackout when multiple traffic lights were compromised at the source, which caused them to behave irregularly: they stopped issuing signals, leading to gridlock.

====Challenges:====
How were the traffic controllers found to be vulnerable? Attackers exploited a password weakness that let them bypass the external username and password check and gain direct access to the data. Moreover, some cameras had their public IP address exposed, which made remote attacks possible. The edge network also spans several organizations, which makes it hard to apply security policy uniformly, because it is unclear which department is responsible for a given asset.

====Solutions Introduced:====
;Net Separation : The city designed its infrastructure with isolation zones: traffic systems are completely isolated from all other municipal services, so that if one zone is attacked, the other zones remain intact.
;Password Overhaul : Every unit was reworked to replace its default passwords and other weak credentials with hardened, unique passwords. Remote administrative access was accepted only with Multi-Factor Authentication.
;Embrace of a Zero Trust Model : The city employed a robust Zero Trust model. A central token service authorizes every device communication and does not assume that any device is inherently trusted.
;Firmware Handling : The over-the-air (OTA) management system, required at installation, ensures that known exploits, such as those against traffic light management, are repaired when discovered. Firmware cannot be updated at weaker sites, as the assumption is that it is regularly updated.
;AI-based IDS Deployment : An AI-based IDS at the traffic control center learns the normal behavior of every piece of equipment (for example, how frequently commands are sent to lighting systems), then generates alerts and activates prompt lockdowns whenever abnormal behavior appears, with mechanisms for rapid dissemination throughout the city.

====Outcome:====
As a result of these proactive measures, attack attempts were quickly identified and contained, with limited impact on operations. For example, a virus event that targeted digital kiosks was contained through micro-segmentation and AI detection mechanisms, which quickly isolated and quarantined the attack. This enhanced the overall resilience of the smart city, and its citizens' trust in IoT services continues to improve.

===IIoT (Industrial IoT) in Manufacturing===
The production floor of a manufacturing company has integrated an edge-based IIoT system. Sensors attached to the machinery connect to edge gateways that track the health of the equipment for predictive maintenance. In one severe incident, the sensor readings of the main assembly robot were altered, driving the robot to malfunction and costing weeks of expensive production downtime. The incident revealed the insertion of an unauthorized device: a small single-board computer that was disguised as a sensor node and fed erroneous data back to the control system.
====Challenges:====
Although it was optimized for efficiency, the factory edge network did not include a device authentication protocol, so attackers could attach new sensors without tight controls. Uptime and continued operation were often prioritized at the expense of timely security updates. Moreover, the presence of devices from many vendors complicated efforts to establish consistent security standards, and production engineers received little training in cybersecurity best practices.

====Solutions Implemented:====
To solve these problems, stringent onboarding procedures were put in place: each sensor or controller must now present a digital certificate signed by the organization before being allowed onto the network. Any unknown device attempting to gain access is rejected, and alerts are sent out immediately so that the bogus-sensor incident does not recur.

Additionally, they created a blockchain ledger to track device identities and to log configuration changes over time. Every new device addition or firmware update is recorded as a blockchain transaction, creating an immutable audit trail that can be reviewed by both IT and OT (operational technology) teams, which increases trust and accountability between departments.

They segmented the network by sensor and gateway: sensors talk only to their local gateway, and the gateway talks only to the central controls, so that if any one part is breached, the portion of the network exposed to the attack is limited.

More importantly, they rolled out an AI-powered detection system that monitors sensor readings for abnormalities.
Because the rogue sensor's outputs were statistically different from expected machine behavior, it is likely that ML models would have picked up on this irregularity early enough to allow a preemptive safety shutdown before damage was done.

In addition, maintenance processes were revised so that scheduled downtime occurs at regular intervals explicitly dedicated to security (for example, patching software vulnerabilities and routine equipment calibration checks). Training staff in basic cyber hygiene, such as ensuring that a USB drive or laptop is validated before it is connected to the organization's edge networks, has reduced the threat of the network being infected by malware.

====Outcome:====
The enhancements made at this facility enabled quick identification of anomalies. A subsequent internal attempt by someone trying to connect unauthorized monitoring tools was quickly detected and blocked, so that operations were not affected. The case also shows how the edge must be secured in light of its unique properties, in particular that data is generated right at the host itself. The immutable changelog has significantly aided compliance audits and has been built into the incident investigation process, reducing the time taken to identify potential problems.

Key Takeaways: Smart cities and IIoT factories share common challenges yet need customized solutions and technologies. Both show similar trends, including segmentation, authentication, and continuous supervision, and both react quickly to new challenges through advanced technology tools, Artificial Intelligence and Blockchain to name a few.
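The device ledger described in the IIoT case study can be illustrated with a hash-chained audit log, in which each entry commits to the previous one. This is an added example, not code from the wiki or from the factory described; it is a single-writer hash chain rather than a full blockchain with consensus, and the device names, event names and fingerprint placeholder are constructed.

```python
import hashlib
import json

GENESIS = "0" * 64

def _digest(prev_hash, record):
    # Canonical JSON so the same record always hashes to the same value.
    payload = json.dumps(record, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + payload).encode()).hexdigest()

class DeviceLedger:
    """Append-only log in which every entry commits to the one before it."""

    def __init__(self):
        self.entries = []

    def append(self, device_id, event, detail):
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        record = {"seq": len(self.entries), "device": device_id,
                  "event": event, "detail": detail}
        self.entries.append({"record": record, "prev": prev,
                             "hash": _digest(prev, record)})
        return self.entries[-1]["hash"]

    def verify(self, trusted_head=None):
        """Return the index of the first bad entry, or -1 if the chain is intact."""
        prev = GENESIS
        for i, e in enumerate(self.entries):
            if (e["prev"] != prev or e["record"]["seq"] != i
                    or e["hash"] != _digest(prev, e["record"])):
                return i
            prev = e["hash"]
        if trusted_head is not None and prev != trusted_head:
            return len(self.entries)  # self-consistent, but not the anchored chain
        return -1

def demo():
    ledger = DeviceLedger()  # all device names and values below are constructed
    ledger.append("sensor-041", "enrolled", {"cert_fp": "PLACEHOLDER-FINGERPRINT"})
    ledger.append("gateway-02", "firmware_update", {"version": "2.1.0"})
    head = ledger.append("sensor-041", "config_change", {"sample_hz": 50})
    clean = ledger.verify(head)
    ledger.entries[1]["record"]["detail"]["version"] = "2.0.9"  # edit in place
    edited = ledger.verify(head)
    prev = ledger.entries[0]["hash"]  # then recompute every later hash
    for e in ledger.entries[1:]:
        e["prev"], e["hash"] = prev, _digest(prev, e["record"])
        prev = e["hash"]
    return clean, edited, ledger.verify(), ledger.verify(head)
```

The last two values returned by `demo()` show why the head hash has to be kept where the ledger's writer cannot reach it: a fully recomputed chain passes the internal check and fails only against the anchored head.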
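Both case studies rely on learning a device's normal behavior and reacting when it deviates (command frequency for lighting systems, sensor readings on the factory floor). The following Python example is added here and is not taken from either deployment: it uses a median/MAD statistical baseline in place of the ML models the text mentions, and the device names, sample values, the 3.5 threshold and the three-consecutive-readings rule are assumptions.

```python
import statistics

class Baseline:
    """Per-device baseline: median and MAD of readings from a learning window."""

    def __init__(self, training, threshold=3.5):
        if len(training) < 5:
            raise ValueError("need at least 5 training samples")
        self.median = statistics.median(training)
        mad = statistics.median(abs(x - self.median) for x in training)
        # A constant signal has MAD 0; use a tiny floor so any change scores high.
        self.scale = 1.4826 * mad if mad > 0 else 1e-9
        self.threshold = threshold  # assumed cut-off on the robust z-score

    def is_anomalous(self, value):
        return abs(value - self.median) / self.scale > self.threshold

def monitor(baselines, events, consecutive=3):
    """Return {device: index of the event that triggered its quarantine}."""
    streak, quarantined = {}, {}
    for i, (device, value) in enumerate(events):
        if device in quarantined:
            continue
        base = baselines.get(device)
        if base is None:  # no learned baseline: treat as an unknown device
            quarantined[device] = i
            continue
        # One outlier is only counted; a run of them triggers the lockdown.
        streak[device] = streak.get(device, 0) + 1 if base.is_anomalous(value) else 0
        if streak[device] >= consecutive:
            quarantined[device] = i
    return quarantined

# Constructed sample data: commands per minute for a traffic-light controller
# and vibration amplitude for a factory sensor (hypothetical device names).
BASELINES = {
    "tl-17": Baseline([4, 5, 4, 6, 5, 5, 4, 6, 5, 4]),
    "vib-3": Baseline([0.51, 0.49, 0.50, 0.52, 0.48, 0.50, 0.51, 0.49]),
}
EVENTS = [
    ("tl-17", 5), ("vib-3", 0.50), ("tl-17", 40), ("vib-3", 0.91),
    ("tl-17", 42), ("vib-3", 0.52), ("tl-17", 41), ("cam-9", 1.0),
]

if __name__ == "__main__":
    print(monitor(BASELINES, EVENTS))
```

Requiring a run of outliers keeps a single noisy reading from locking down a device, at the cost of reacting a few samples later; the device with no baseline is quarantined on first contact.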