Trusted Platform Modules in Cyber-Physical Systems: On the Interference Between Security and Dependability

Cyber-physical systems are the key innovation driver for many domains such as automotive, avionics, industrial process control, and factory automation. However, their interconnection potentially provides adversaries with easy access to sensitive data, code, and configurations. If attackers gain control, material damage or even harm to people must be expected. To counteract data theft, system manipulation, and cyber-attacks, security mechanisms must be embedded in the cyber-physical system. Adding hardware security in the form of the standardized Trusted Platform Module (TPM) is a promising approach. At the same time, traditional dependability features such as safety, availability, and reliability have to be maintained. To determine the right balance between security and dependability, it is essential to understand their interferences. This paper supports developers in identifying the implications of using TPMs on the dependability of their system. We highlight potential consequences of adding TPMs to cyber-physical systems by considering the resulting safety, reliability, and availability. Furthermore, we discuss the potential of enhancing the dependability of TPM services by applying traditional redundancy techniques.
