Authentication Technology in Industrial Control System Based on Identity Password

Aiming at the current lack of certification capability in domestic industrial control systems, an industrial control system authentication scheme based on identity cryptography algorithm is proposed. When authenticating between control system devices, the scheme integrates the identity-based digital signature algorithm into the SSL/TLS handshake protocol to complete identity authentication between the engineering station and the trusted PLC. At the same time, when the connection is established for the first time between devices, the connection authentication is selected by the challenge/response based method. The authentication technology based on the identity cryptographic algorithm no longer requires the existence of a public key certificate. This eliminates the need to revoke, store, and issue certificates, simplifies the certification process and reduces the amount of computation required by the authentication process. At the same time, the improved handshake protocol is universal in industrial control systems. The authentication technology based on the identity and password algorithm no longer requires the existence of a public key certificate, eliminating the need for certificate revocation, storage, and issuance, simplifying authentication steps, and reducing system maintenance. Finally, by establishing a test environment, the improved handshake protocol is implemented, and the feasibility of the authentication scheme is verified and analyzed.

[1]  Leandros A. Maglaras,et al.  Vulnerability Analysis of Network Scanning on SCADA Systems , 2018, Secur. Commun. Networks.

[2]  Mehmet A. Orgun,et al.  An efficient quantum blind digital signature scheme , 2017, Science China Information Sciences.

[3]  Florin Sandu,et al.  SDR Implementation of a D2D Security Cryptographic Mechanism , 2019, IEEE Access.

[4]  Ahmad-Reza Sadeghi,et al.  Security and privacy challenges in industrial Internet of Things , 2015, 2015 52nd ACM/EDAC/IEEE Design Automation Conference (DAC).

[5]  Lun Xie,et al.  Data Security Transmission Mechanism in Industrial Networked Control Systems against Deception Attack , 2016 .

[6]  Craig A. Shue,et al.  A deployable SCADA authentication technique for modern power grids , 2014, 2014 IEEE International Energy Conference (ENERGYCON).

[7]  Ercan Nurcan Yilmaz,et al.  Attack detection/prevention system against cyber attack in industrial control systems , 2018, Comput. Secur..

[8]  Sami Zhioua,et al.  On PLC network security , 2018, Int. J. Crit. Infrastructure Prot..

[9]  P. Cochat,et al.  Et al , 2008, Archives de pediatrie : organe officiel de la Societe francaise de pediatrie.