Dataflow Challenges in an Internet of Production: A Security & Privacy Perspective

The Internet of Production (IoP) envisions the interconnection of previously isolated CPS in the area of manufacturing across institutional boundaries to realize benefits such as increased profit margins and product quality as well as reduced product development costs and time to market. This interconnection of CPS will lead to a plethora of new dataflows, especially between (partially) distrusting entities. In this paper, we identify and illustrate these envisioned inter-organizational dataflows and the participating entities alongside two real-world use cases from the production domain: a fine blanking line and a connected job shop. Our analysis allows us to identify distinct security and privacy demands and challenges for these new dataflows. As a foundation to address the resulting requirements, we provide a survey of promising technical building blocks to secure inter-organizational dataflows in an IoP and propose next steps for future research. Consequently, we move an important step forward to overcome security and privacy concerns as an obstacle for realizing the promised potentials in an Internet of Production.

[1]  P. Conway,et al.  Towards Industrial Internet of Things: Crankshaft Monitoring, Traceability and Tracking Using RFID , 2016 .

[2]  Herbert J. Mattord,et al.  Principles of Information Security, 4th Edition , 2011 .

[3]  Yehuda Lindell,et al.  Secure Multiparty Computation for Privacy-Preserving Data Mining , 2009, IACR Cryptol. ePrint Arch..

[4]  Klaus Wehrle,et al.  Security Challenges in the IP-based Internet of Things , 2011, Wirel. Pers. Commun..

[5]  G. Seliger,et al.  Opportunities of Sustainable Manufacturing in Industry 4.0 , 2016 .

[6]  Ramakrishnan Srikant,et al.  Order preserving encryption for numeric data , 2004, SIGMOD '04.

[7]  Klaus Wehrle,et al.  myneData: Towards a Trusted and User-controlled Ecosystem for Sharing Personal Data , 2017, GI-Jahrestagung.

[8]  Jianhua Chen,et al.  Certificateless Searchable Public Key Encryption Scheme for Industrial Internet of Things , 2018, IEEE Transactions on Industrial Informatics.

[9]  Torben P. Pedersen Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing , 1991, CRYPTO.

[10]  Klaus Wehrle,et al.  Network Security and Privacy for Cyber-Physical Systems , 2017 .

[11]  Liang Zhou,et al.  Multimedia traffic security architecture for the internet of things , 2011, IEEE Network.

[12]  Klaus Wehrle,et al.  A Case for Integrated Data Processing in Large-Scale Cyber-Physical Systems , 2019, HICSS.

[13]  Klaus Wehrle,et al.  Smart Contract-Based Car Insurance Policies , 2018, 2018 IEEE Globecom Workshops (GC Wkshps).

[14]  Kim-Kwang Raymond Choo,et al.  Cloud Manufacturing: Security, Privacy, and Forensic Concerns , 2016, IEEE Cloud Computing.

[15]  Jing Liu,et al.  Authentication and Access Control in the Internet of Things , 2012, 2012 32nd International Conference on Distributed Computing Systems Workshops.

[16]  Günther Schuh,et al.  The Digital Shadow of Services: A Reference Model for Comprehensive Data Collection in MRO Services of Machine Manufacturers , 2018 .

[17]  Moni Naor,et al.  Our Data, Ourselves: Privacy Via Distributed Noise Generation , 2006, EUROCRYPT.

[18]  Markus Stadler,et al.  Publicly Verifiable Secret Sharing , 1996, EUROCRYPT.

[19]  Albert Levi,et al.  A Survey on Anonymity and Privacy in Bitcoin-Like Digital Cash Systems , 2018, IEEE Communications Surveys & Tutorials.

[20]  Jay Lee,et al.  A Cyber-Physical Systems architecture for Industry 4.0-based manufacturing systems , 2015 .

[21]  Josep Domingo-Ferrer,et al.  Big Data Privacy: Challenges to Privacy Principles and Models , 2015, Data Science and Engineering.

[22]  Jorge Pereira,et al.  IIoTEED: An Enhanced, Trusted Execution Environment for Industrial IoT Edge Devices , 2017, IEEE Internet Computing.

[23]  Christian Brecher,et al.  Industrial Internet of Things and Cyber Manufacturing Systems , 2017 .

[24]  Michael O. Rabin,et al.  How To Exchange Secrets with Oblivious Transfer , 2005, IACR Cryptol. ePrint Arch..

[25]  Jing Liu,et al.  Internet of things' authentication and access control , 2012, Int. J. Secur. Networks.

[26]  Fabrizio Lamberti,et al.  Blockchain and Smart Contracts for Insurance: Is the Technology Mature Enough? , 2018, Future Internet.

[27]  Martin Henze,et al.  Privacy-preserving Comparison of Cloud Exposure Induced by Mobile Apps , 2017, MobiQuitous.

[28]  Rohit Negi,et al.  Guaranteeing Secrecy using Artificial Noise , 2008, IEEE Transactions on Wireless Communications.

[29]  Insup Lee,et al.  Cyber-physical systems: The next computing revolution , 2010, Design Automation Conference.

[30]  Daniel Davis Wood,et al.  ETHEREUM: A SECURE DECENTRALISED GENERALISED TRANSACTION LEDGER , 2014 .

[31]  Klaus Wehrle,et al.  Peer-to-Peer Systems and Applications , 2005, Peer-to-Peer Systems and Applications.

[32]  Elaine Shi,et al.  Privacy-Preserving Aggregation of Time-Series Data , 2011, NDSS.

[33]  Paul Conway,et al.  Towards industrial internet of things , 2016 .

[34]  Klaus Wehrle,et al.  Stamping Process Modelling in an Internet of Production , 2020 .

[35]  J. Pennekamp,et al.  BLOOM: BLoom filter based oblivious outsourced matchings , 2017, BMC Medical Genomics.

[36]  Jin Wang,et al.  Location Privacy Protection Based on Differential Privacy Strategy for Big Data in Industrial Internet of Things , 2018, IEEE Transactions on Industrial Informatics.

[37]  Stephen Pollard,et al.  Authentication of 3D Printed Parts using 3D Physical Signatures , 2018 .

[38]  F. Klocke,et al.  Dependencies of the die-roll height during fine blanking of case hardening steel 16MnCr5 without V-ring using a nesting strategy , 2018 .

[39]  F. Klocke Manufacturing Processes 1 , 2011 .

[40]  Craig Gentry,et al.  Fully Homomorphic Encryption over the Integers , 2010, EUROCRYPT.

[41]  Zhen Zhao,et al.  State-of-the-art and future challenge in fine-blanking technology , 2019, Prod. Eng..

[42]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[43]  Silvio Micali,et al.  Public-Key Encryption in a Multi-user Setting: Security Proofs and Improvements , 2000, EUROCRYPT.

[44]  David C. Mills,et al.  Distributed Ledger Technology in Payments, Clearing, and Settlement , 2016 .

[45]  Martin Henze,et al.  Tailoring Onion Routing to the Internet of Things: Security and Privacy in Untrusted Environments , 2019, 2019 IEEE 27th International Conference on Network Protocols (ICNP).

[46]  Aaron Roth,et al.  The Algorithmic Foundations of Differential Privacy , 2014, Found. Trends Theor. Comput. Sci..

[47]  Ahmad-Reza Sadeghi,et al.  Security and privacy challenges in industrial Internet of Things , 2015, 2015 52nd ACM/EDAC/IEEE Design Automation Conference (DAC).

[48]  Jens Hiller,et al.  Privacy-Preserving Remote Knowledge System , 2019, 2019 IEEE 27th International Conference on Network Protocols (ICNP).

[49]  P. Samarati,et al.  Access control: principle and practice , 1994, IEEE Communications Magazine.

[50]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[51]  Jason E. Lueg,et al.  Supply chain security: an overview and research agenda , 2008 .

[52]  Swen Kortig,et al.  Springer Handbook of Mechanical Engineering , 2021, Springer Handbooks.

[53]  Mohamed Abdel-Basset,et al.  Internet of Things (IoT) and its impact on supply chain: A framework for building smart, secure and efficient systems , 2018, Future Gener. Comput. Syst..

[54]  Xiaofeng Chen,et al.  Introduction to Secure Outsourcing Computation , 2016, Introduction to Secure Outsourcing Computation.

[55]  T. Alves,et al.  TrustZone : Integrated Hardware and Software Security , 2004 .

[56]  Xue Liu,et al.  PDA: Privacy-Preserving Data Aggregation in Wireless Sensor Networks , 2007, IEEE INFOCOM 2007 - 26th IEEE International Conference on Computer Communications.

[57]  Matthew McCullough,et al.  Version Control with Git: Powerful Tools and Techniques for Collaborative Software Development , 2009 .

[58]  Srinivas Devadas,et al.  Intel SGX Explained , 2016, IACR Cryptol. ePrint Arch..

[59]  Satoshi Nakamoto Bitcoin : A Peer-to-Peer Electronic Cash System , 2009 .

[60]  Gail-Joon Ahn,et al.  Security and Privacy Challenges in Cloud Computing Environments , 2010, IEEE Security & Privacy.

[61]  Álvaro Enrique Arenas,et al.  Contracts as Trust Substitutes in Collaborative Business , 2008, Computer.

[62]  Michael Devetsikiotis,et al.  Blockchains and Smart Contracts for the Internet of Things , 2016, IEEE Access.

[63]  Silvio Micali,et al.  Proofs that yield nothing but their validity or all languages in NP have zero-knowledge proof systems , 1991, JACM.

[64]  Ethan Heilman,et al.  An Empirical Analysis of Traceability in the Monero Blockchain , 2017, Proc. Priv. Enhancing Technol..

[65]  Craig Gentry,et al.  Fully homomorphic encryption using ideal lattices , 2009, STOC '09.

[66]  Valtteri Niemi,et al.  Distributed Usage Control , 2011, ANT/MobiWIS.

[67]  Krishna P. Gummadi,et al.  Towards Trusted Cloud Computing , 2009, HotCloud.

[68]  Christian Brecher,et al.  Towards an Infrastructure Enabling the Internet of Production , 2019, 2019 IEEE International Conference on Industrial Cyber Physical Systems (ICPS).

[69]  Klaus Wehrle,et al.  CloudAnalyzer: Uncovering the Cloud Usage of Mobile Apps , 2017, MobiQuitous.

[70]  Latanya Sweeney,et al.  k-Anonymity: A Model for Protecting Privacy , 2002, Int. J. Uncertain. Fuzziness Knowl. Based Syst..

[71]  Rolf Steinhilper,et al.  The Digital Twin: Demonstrating the Potential of Real Time Data Acquisition in Production Systems ☆ , 2017 .

[72]  Xiaohong Jiang,et al.  Smart Contract-Based Access Control for the Internet of Things , 2018, IEEE Internet of Things Journal.

[73]  Yuan Xiao,et al.  SgxPectre: Stealing Intel Secrets from SGX Enclaves Via Speculative Execution , 2018, 2019 IEEE European Symposium on Security and Privacy (EuroS&P).

[74]  Joe Kilian Secure Computation , 2011, Encyclopedia of Cryptography and Security.

[75]  Marek A Cyran,et al.  Blockchain as a Foundation for Sharing Healthcare Data , 2018 .

[76]  Klaus Wehrle,et al.  CPPL: Compact Privacy Policy Language , 2016, WPES@CCS.

[77]  Jan H. P. Eloff,et al.  Information Security Policy - What do International Information Security Standards say? , 2002, ISSA.