IACAP: Internet-Exposed Assets Cybersecurity Analysis Platform


Mingsheng Yin, Santiago Figueroa-Lorenzo, Javier Añorga, Saioa Arrizabalaga, Yan Sun
DOI: 10.4018/IJITN.2020100109

Abstract

With the expansion and development of the internet protocol, the number of cybersecurity vulnerabilities has also increased. However, it is difficult to find a reliable way to detect vulnerabilities in internet-exposed assets. This paper proposes a new design for an analysis platform that integrates cybersecurity data with an internet-exposed asset search engine. Based on this design, the platform gives users a convenient and up-to-date way to detect device vulnerabilities across the internet. The platform also offers suggestions for resolving the cybersecurity problem.

1. Introduction

With the fast evolution of IoT technologies, more and more household devices are connected to the Internet. Meanwhile, embedded systems are developing rapidly, and plenty of industrial equipment is connected to the Internet and works intelligently. Cybersecurity vulnerabilities in household devices and industrial equipment have therefore become a severe issue that could put the whole network system at risk. For instance, most smart home devices, such as intelligent sockets and wireless smart cameras, do not use a secure protocol because they are constrained by the performance of embedded system chips or by their default configurations. Thus, manufacturers have to update the software frequently to enhance the devices' security. However, the majority of users are not usually aware of the software updates available as a security precaution. In such cases, devices are exposed to attacks. The Common Vulnerabilities and Exposures Details (CVE-Details) database shows that new vulnerabilities are discovered every year in the products of TP-Link, a worldwide vendor of router devices (Özkan 2018). Figure 1 shows that by 7th July 2018 there were 31 new vulnerabilities related to TP-Link's routers (CVE-Details 2018). Such a large number of new security vulnerabilities in TP-Link routers suggests that the home wireless network environment is quite fragile. Furthermore, these vulnerabilities could introduce hidden hazards into commercial production. It is quite common for semi-automated factories to manage their manufacturing equipment through an intranet. Once a virus infects one device, the entire factory's intranet could be crippled. On 6th August 2018, Apple chip supplier TSMC warned its customers of a 170 million dollar hit from a virus (Pham 2018). The virus invaded one machine by exploiting a vulnerability and then spread to the whole intranet. It is not difficult to see that a vulnerability in any network device is potentially hazardous.
So, it is indispensable for individuals and organisations to identify security risks and then upgrade the software of their devices accordingly. To deal effectively with the hazard of cybersecurity vulnerabilities, the MITRE Corporation (Christey and Martin 2007), the United States National Institute of Standards and Technology (NIST) (Franqueira and Keulen 2012), and other third-party platforms such as CVE-Details collect and analyse cybersecurity vulnerability data. These organisations discern and examine the essentials of complex vulnerability data, aiming to work out anti-vulnerability solutions. Though solving a single vulnerability might be relatively simple and straightforward, detecting all vulnerabilities within a certain network and achieving the enduring security of an intranet is complex and challenging. Because different vulnerabilities across multiple devices affect each other in the intranet, it is hard to discover and resolve all the cybersecurity issues by referring to vulnerability interpretation documents alone.

Figure 1. TP-Link: Vulnerability Statistics (CVE-Details 2018)

When facing complex network environments, individuals and even companies find it difficult to find a suitable tool that detects all vulnerabilities and comes up with solutions. The article is based on IEC 62443 because the standard takes asset analysis into account as a fundamental part of risk analysis. Therefore, an asset pool is the backbone, as it enables the tracking of a variety of attributes, including device name, asset ID, function, manufacturer, serial number, model, firmware version, responsible organization, operating system, and network address (Desruisseaux 2018). In this way, IACAP will help an organization to better understand, manage, and reduce its cybersecurity risks. This new platform provides an integrated way to detect the vulnerabilities of devices that are connected to the Internet. The platform collects information from various cybersecurity vulnerability databases and is integrated with a popular device search engine called Shodan. This specialized search engine allows searching Internet-exposed assets in real time. Meanwhile, Shodan feeds the platform with detailed information such as the version, location, and IP address of different devices. Through this integrated design, the platform offers a direct way to check the cybersecurity condition of devices and discover the vulnerabilities within a network environment. The main contributions of this work are listed below:
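As an added illustration of the asset-pool idea described above (not code from the paper or from IACAP), the sketch below stores the listed asset attributes and matches them against vulnerability records to produce remediation suggestions. The `Advisory` record layout, the function names and all sample data are assumptions made for this example; it does not query Shodan or any real vulnerability database.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Asset:  # asset-pool attributes named in the paragraph above
    device_name: str
    asset_id: str
    function: str
    manufacturer: str
    serial_number: str
    model: str
    firmware_version: str
    responsible_org: str
    operating_system: str
    network_address: str

@dataclass(frozen=True)
class Advisory:  # hypothetical normalized record from a vulnerability database
    advisory_id: str
    manufacturer: str
    model: str
    fixed_in: str  # first firmware version that contains the fix
    remediation: str

def version_key(text, width=4):
    """'v1.0.12' -> (1, 0, 12, 0): numeric compare, and 2.1 equals 2.1.0."""
    nums = [int("".join(c for c in p if c.isdigit()) or 0) for p in text.lstrip("vV").split(".")]
    return tuple(nums[:width] + [0] * (width - len(nums)))

def match_assets(assets, advisories):
    """Return (asset_id, network_address, advisory_id, remediation) per affected asset."""
    product = lambda r: (r.manufacturer.casefold(), r.model.casefold())
    return [(a.asset_id, a.network_address, v.advisory_id, v.remediation)
            for a in assets for v in advisories
            if product(a) == product(v)
            and version_key(a.firmware_version) < version_key(v.fixed_in)]

# Constructed sample data: vendor, models, ids and addresses are invented.
ASSETS = [
    Asset("lobby-router", "A-001", "router", "ExampleVendor", "SN-1", "RT-100",
          "1.0.9", "IT", "embedded Linux", "192.0.2.10"),
    Asset("lab-router", "A-002", "router", "examplevendor", "SN-2", "RT-100",
          "1.0.12", "OT", "embedded Linux", "192.0.2.11"),
    Asset("dock-camera", "A-003", "camera", "ExampleVendor", "SN-3", "CAM-7",
          "2.1", "Facilities", "RTOS", "192.0.2.12"),
]
ADVISORIES = [
    Advisory("EXAMPLE-0001", "ExampleVendor", "RT-100", "1.0.12", "Upgrade firmware to 1.0.12"),
    Advisory("EXAMPLE-0002", "ExampleVendor", "CAM-7", "2.1.0", "Upgrade firmware to 2.1.0"),
]
```

Calling `match_assets(ASSETS, ADVISORIES)` flags only asset A-001. Firmware strings that carry build dates or vendor suffixes need their own normalization before `version_key` can compare them.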
