Industrial IoT Fundamentals: Architecture and Security
Q1. Relationship Between IoT and IIoT
IIoT (Industrial IoT) is a specialized branch of IoT applied to factories, energy, and other industrial settings. Both connect physical devices to networks to collect and exchange data, but their priorities differ: consumer IoT focuses on convenience and cost, while IIoT focuses on reliability, safety, and precision. IIoT systems must tolerate harsh environments, run continuously, and meet strict real-time and security requirements because a failure can stop production or endanger people. Its main functional characteristics are:
- High availability
- Deterministic (predictable) communication
- Interoperability with existing OT equipment
- Scalability to thousands of sensors
- Strong security
In short, IIoT is IoT with industrial-grade dependability.
Q2. IIoT Systems and the IIRA Framework
The IIRA (Industrial Internet Reference Architecture) is a standard framework for designing IIoT systems using four viewpoints: business, usage, functional, and implementation. Each viewpoint addresses different stakeholder concerns, ensuring requirements flow from business goals down to concrete implementation. The functional viewpoint is split into five domains: control, operations, information, application, and business. Data flows upward from the control domain (sensors/actuators) through information and application domains for analytics, while control commands flow back down. The balance of these flows determines latency and stability; time-critical control loops are kept near the edge, while slower analytics happen higher up.
Q3. Three-Tier Architecture
The three-tier IIoT architecture consists of:
- Edge Tier: Contains sensors, actuators, and gateways that collect data and perform fast local control.
- Platform Tier: Often cloud-based, it aggregates and stores data, manages devices, and runs analytics.
- Enterprise Tier: Hosts business applications, dashboards, and decision-making systems.
Data moves up the tiers while control commands move down, separating real-time edge tasks from heavy processing.
Q4. Sensor Classification and Application
Sensors are classified by the quantity they measure: physical (temperature, pressure), mechanical (vibration, weight), optical (light, proximity), chemical/gas (humidity), and electrical (current, voltage). They are also grouped as analog vs. digital and active vs. passive. In industry, thermocouples monitor furnaces, pressure sensors protect pipelines, and proximity sensors guide robots. Selection depends on range, accuracy, response time, and environmental factors like heat or dust.
Q5. Role and Types of Actuators
An actuator converts a control signal into physical action. They are the output counterpart to sensors. Main types include:
- Electric: Motors, servos, relays, solenoids.
- Pneumatic: Driven by compressed air.
- Hydraulic: Driven by pressurized fluid for high force.
In automation, they open valves, move robot arms, and switch machinery based on controller decisions.
Q6. Classification of Embedded Systems
Embedded systems are classified by:
- Function: Stand-alone, real-time, networked, or mobile.
- Real-time strictness: Hard real-time (e.g., airbag control) vs. soft real-time (e.g., displays).
- Complexity: Small-scale (8-bit), medium-scale (32-bit), or sophisticated (multi-core/RTOS).
Q7. System-on-Chip (SoC) Advantages
A System-on-Chip (SoC) integrates CPU, memory, I/O, and wireless radios onto a single chip (e.g., ESP32). Advantages include smaller size, lower power consumption, reduced cost, and higher reliability due to fewer external connections. On-chip communication is also faster, enabling compact and efficient IoT devices.
Q8. Firmware Design Constraints and Approaches
IoT firmware must manage limited memory, processing power, and energy budgets. Designers must prioritize efficient code and power-saving sleep modes. Common approaches include:
- Bare-metal: Simple super-loop for small tasks.
- RTOS-based: Uses a real-time operating system (e.g., FreeRTOS) for multi-tasking and timing guarantees.
Secure over-the-air (OTA) updates are essential for long-term maintenance.
Q9. Secure SDLC and Programming Principles
A Secure SDLC integrates security into every phase—requirements, design, coding, testing, and maintenance. Key principles include input validation, least privilege, secure defaults, encryption, and defense-in-depth. Threat modeling and automated testing (SAST/DAST) catch vulnerabilities early, ensuring firmware resists tampering and protects data.
Q10. RFID vs. NFC Technologies
Both use radio waves, but differ in range and usage:
- RFID: Reads from centimeters to meters; used for inventory and logistics.
- NFC: Limited to ~4 cm; supports two-way peer-to-peer exchange for payments and secure pairing.
Q11. Wireless Sensor Network (WSN) Principles
A WSN consists of nodes with a sensing unit, processing unit, communication unit, and power unit. Key principles include:
- Multi-hop routing: Forwarding data through neighbors to save power.
- Self-organization: Dynamic network formation.
- Data aggregation: Combining readings to reduce traffic.
Q12. IEEE 802.15.4, 6LoWPAN, and RPL
These protocols form a stack for IP-based IoT:
- IEEE 802.15.4: Defines physical and MAC layers.
- 6LoWPAN: Adapts IPv6 for small 802.15.4 frames.
- RPL: Manages multi-hop routing in low-power networks.
Q13. ZigBee, ZigBee IP, and Thread
- ZigBee: Non-IP, mature, used in home automation.
- ZigBee IP: Adds IPv6 for smart-energy applications.
- Thread: IPv6-based, secure, self-healing mesh for smart homes (basis for Matter).
Q14. MQTT vs. CoAP
- MQTT: Publish/subscribe model over TCP; reliable, ideal for telemetry and cloud collection.
- CoAP: Request/response model over UDP; lightweight, ideal for constrained, battery-powered devices.
Q15. AMQP, XMPP, and Secure MQTT
- AMQP: Robust message-queuing for enterprise reliability.
- XMPP: XML-based, supports real-time presence and messaging.
- Secure MQTT: Lightweight telemetry protected by TLS encryption.
Q16. Edge Computing and Real-Time Decisions
Edge computing processes data locally, reducing latency and ensuring system stability if cloud connections fail. Stream processing catches anomalies instantly, while event-driven approaches minimize network load, providing predictable responses for industrial control.
Q17. Cloud-Based IoT Platforms
Platforms like AWS or Azure provide infrastructure for device management, data storage, and visualization. Selection criteria include service models (IaaS/PaaS), security features, and avoiding vendor lock-in through open standards.
Q18. Cybersecurity Risks in IIoT
Risks include weak authentication, unpatched firmware, and insecure remote access. Impacts range from production downtime and sabotage to safety hazards for workers, making security vital for operational continuity.
Q19. Authentication, Encryption, and Access Control
These mechanisms provide layered security: authentication verifies identity, encryption protects data integrity, and access control enforces least privilege. Together, they prevent unauthorized commands and man-in-the-middle attacks.
Q20. IT/OT Integration Security
IT and OT have conflicting priorities (confidentiality vs. availability). Integration challenges include legacy protocols and patching difficulties. Approaches like network segmentation, firewalls, and continuous monitoring are used to protect OT systems without disrupting production availability.
