Securing IT/OT Links for Low Power IIoT Devices: Design Considerations for Industry 4.0

Manufacturing is facing a host of new security challenges due to the convergence of information technology (IT) and operational technology (OT) in the industry. This article addresses the challenges that arise due to the use of low power Industrial Internet of Things (IIoT) devices in modular manufacturing systems of Industry 4.0. First, we analyze security challenges concerning the manufacturing execution system (MES) and programmable logic controllers (PLC) in IIoT through a selective literature review. Second, we present an exploratory case study to determine a protocol for cryptographic key management and key exchange suitable for the Smart Production Lab of Aalborg University (a learning cyber-physical factory). Finally, we combine the findings of the case study with a quality function deployment (QFD) method to determine design requirements for Industry 4.0. We identify specific requirements from both the high-level domain of factory capabilities and the low-level domain of cryptography and translate requirements between these domains using a QFD analysis. The recommendations for designing a secure smart factory focus on how security can be implemented for low power and low-cost IIoT devices. Even though there have been a few studies on securing IT to OT data exchange, we conclude that the field is not yet in a state where it can be applied in practice with confidence.
