Some have dubbed this the era of “smart agriculture”—with farms around the world scaling up their use of the Internet, IoT, big data, cloud computing and artificial intelligence to increase yields and sustainability. Yet with so much digital technology, naturally, also comes heightened potential cybersecurity vulnerabilities.
There’s no scaling back smart agriculture either. By the end of this decade we will need the extra food it produces—with world’s population projected to cross 8.5 billion, and more than 840 million people affected by acute hunger. Unless smart agriculture can dramatically increase the global food system’s efficiency, the prospect of reducing global malnutrition and hunger—let alone the ambitious goal of zero hunger by 2030—appears very difficult indeed.
Agriculture 4.0 (as smart ag is also called) aims not just at growing more food but also at increased efficiency, more powerful data analysis, and more intelligent automation and decision-making.
Although smart agriculture has been extensively studied, “the security issues [around] smart agriculture have not,” says Xing Yang from Nanjing Agricultural University in China. Research in the field to date, he adds, has mostly involved applying conventional cybersecurity wisdom to agricultural tech. Agricultural cybersecurity, by contrast, he says, is not given enough attention.
Yang and his colleagues surveyed the different kinds of smart agriculture, as well as the key technologies and applications specific to them. Agricultural IoT applications have unique characteristics that give rise to security issues, which the authors enumerate and suggest counter-measures for. (Their research was published in a recent issue of the journal IEEE/CAA Journal of Automatica Sinica.)
For example, while field agriculture might be subject to threats from damage to the facility, poultry and livestock breeding may face sensor failures, and greenhouse cultivation could face control system intrusions. All of these could result in damage to the IoT architecture, both hardware and software, leading to failure or malfunction in farming operations. Plus, there are threats to data acquisition technologies—malicious attacks, unauthorized access, privacy leaks, and so on—while blockchain technologies can be vulnerable to access control failure and unsafe consensus agreement.
In Yang’s opinion, the most pressing security problems in smart agriculture involve the physical environment, such as plant factory control system intrusion and unmanned aerial vehicle (UAV) false positioning. “The network for rural areas is not as good as that of cities,” he says, “which means that the network signals in some areas are poor, which leads to…false base station signals.”
The researchers also paid extra attention to agricultural equipment as potential security threats, something that recent studies have not done. “Considering that the deployment of IoT devices in farmland is relatively sparse and cannot be effectively supervised, how to ensure the physical security of these devices is a challenge,” Yang says. “In addition, the delay caused by long-distance signal transmission also increases the risk of Sybil attacks [which is] transmitting malicious data through virtual nodes.”
In their experiments with solar insecticidal lamps, for instance, they found that the lamp’s high voltage pulse affects the data transmission from Zigbee-based IoT devices and data acquisition sensors. Thus, Yang says, to minimize unnecessary losses, it’s important to study each device in the context of how it’s actually deployed in the field, including the possible safety risks of specific agricultural equipment.
The study also summarizes existing security and privacy countermeasures suitable for smart agriculture, including authentication and access control protocols, privacy-preserving frameworks, robust intrusion detection systems, and cryptography and key management. Yang is optimistic that the application of existing technologies—such as edge computing, artificial intelligence and blockchain—can be used to mitigate some of the existing problems. He says that AI algorithms can be developed that might detect the presence of malicious users, while existing industrial security standards can be applied to design a targeted security scheme for agricultural IoT.
This represents a significant research challenge, he says, because current datasets used in deep-learning approaches are not based on smart agriculture environments. Therefore, new datasets are required to build network intrusion detectors in a smart agriculture environment. “These [new] technologies can help the development of smart agriculture and solve some of the existing security problems,” Yang says, “but they have loopholes, so they also bring new security issues.”