Story image

Fujitsu develops network control technology to minimize impact of cyber attacks

Fujitsu Laboratories announced the development of network control technology that can securely operate IoT devices installed on-site. 

Sensors, manufacturing equipment, and other IoT devices connected to networks in on-site environments such as factories lack the capability for authentication or virus checking, leaving them open to malware attacks that result in stoppages in factory operations. 

This is a global problem, and existing anti-virus software often cannot be installed in IoT devices due to CPU and memory capacity restrictions, and many existing devices are exposed to threats from cyber attacks. Fujitsu Laboratories has now developed technology that analyzes and manages the interconnectivity between IoT devices and network devices, based on operating information collected in gateways, responding to successive changes in the network structure to identify the communications of IoT devices behaving suspiciously. 

In addition, Fujitsu Laboratories developed technology to efficiently control communication blocks. 

If an IoT device infected with malware were to attack other devices, for example, these technologies could detect that communication by comparing ordinary communication routes, based on the relationships of connections recorded in the gateways, with the actual communication routes. 

Moreover, by restricting the most appropriate network device managed by the gateway, the impact of the cyber attack can be minimized. 

Fujitsu Laboratories aims to commercialize these technologies during fiscal 2018 as part of the gateway functionality of the Fujitsu Network Virtuora series of network products, offered by Fujitsu Limited.
Development Background

Recent years have seen an increasing degree of IoT adoption in a variety of industrial fields, and as IoT devices, such as sensors and manufacturing equipment, have been connected to the network, cases of these IoT devices being damaged by malware attacks have occurred worldwide. 

This has created an urgent need for security countermeasures for IoT devices. In many cases, however, IoT devices do not support anti-virus software due to CPU, memory, or OS restrictions, and even if anti-virus software is deployed, often software updates that require the device to be rebooted are not executed as the IoT device cannot be stopped while in operation. Due to these factors, the current situation is that many IoT devices are operating with insufficient security measures.

In light of these problems, various consortiums and network device vendors have proposed measures using gateways to separate the network the IoT devices are connected to form the networks ordinary devices, such as PCs and servers, are connected to.

This means that the gateway can protect the devices from cyber attacks from outside networks, but because cyber attacks can be conducted without going through the gateway if a device infected with malware is connected inside the network the IoT devices are connected to, it was not possible to protect them from cyber attacks from infected devices.

 Fujitsu Laboratories has developed technology that can collect operating information about IoT devices and network devices from gateway devices, deduce the topology of the network the IoT devices are connected to, and appropriately control the network devices based on this information. 

With this technology, IoT devices communicating along routes not accounted for in the topology can be treated as unauthorized devices, enabling the technology to minimize the impact of cyber attacks by making those IoT devices unable to communicate with other IoT devices.