A Survey of Security Frameworks Suitable for Distributed Control Systems

Nowadays distributed control systems have become more and more common and important in everyday life. However, as many distributed control systems become mobile, wireless, autonomous, ubiquitous and connected, the need for secure communication is imminent. In particular, the need for a general security framework with sufficiently flexible structure, and applicable for various use cases, emerges. Especially this applies to control system based on heterogeneous networks consisting of a wired and a wireless parts. Wired networks are nowadays often connected to Internet and thereby more exposed to potential attackers, and wireless networks are, by nature, more vulnerable to eavesdropping, jamming and hijacking. In this paper we define a scope of use cases based on distributed control, together with requirements for evaluating existing security solutions and frameworks. In addition, several frameworks, mainly from the area of industrial automation, are surveyed and evaluated based on the identified use cases and security requirements.

[1]  Tal Mizrahi Time synchronization security using IPsec and MACsec , 2011, 2011 IEEE International Symposium on Precision Clock Synchronization for Measurement, Control and Communication.

[2]  Xiao Qin,et al.  Scheduling security-critical real-time applications on clusters , 2006, IEEE Transactions on Computers.

[3]  Andreas Willig,et al.  Wireless Technology in Industrial Networks , 2005, Proceedings of the IEEE.

[4]  Mikael Gidlund,et al.  Future research challenges in wireless sensor and actuator networks targeting industrial automation , 2011, 2011 9th IEEE International Conference on Industrial Informatics.

[5]  David A. Wagner,et al.  Security considerations for IEEE 802.15.4 networks , 2004, WiSe '04.

[6]  Wilfried Steiner Candidate security solutions for TTEthernet , 2013, 2013 IEEE/AIAA 32nd Digital Avionics Systems Conference (DASC).

[7]  Danai Chasaki,et al.  Packet scheduling attacks on shipboard networked control systems , 2015, 2015 Resilience Week (RWS).

[8]  C. Warren Axelrod Applying lessons from safety-critical systems to security-critical software , 2011, 2011 IEEE Long Island Systems, Applications and Technology Conference.

[9]  Thomas P. von Hoff,et al.  Security for Industrial Communication Systems , 2005, Proceedings of the IEEE.

[10]  Jürgen Jasperneite,et al.  Computer Communication Within Industrial Distributed Environment—a Survey , 2013, IEEE Transactions on Industrial Informatics.

[11]  Hugo Krawczyk,et al.  A Security Architecture for the Internet Protocol , 1999, IBM Syst. J..

[12]  Günther Lackner A Comparison of Security in Wireless Network Standards with a Focus on Bluetooth, WiFi and WiMAX , 2013, Int. J. Netw. Secur..

[13]  Insup Lee,et al.  Sensor Network Security: More Interesting Than You Think , 2006, HotSec.

[14]  Mats Björkman,et al.  Towards secure wireless TTEthernet for industrial process automation applications , 2014, Proceedings of the 2014 IEEE Emerging Technology and Factory Automation (ETFA).

[15]  Hermann Kopetz,et al.  Clock Synchronization in Distributed Real-Time Systems , 1987, IEEE Transactions on Computers.

[16]  Randall J. Atkinson,et al.  Security Architecture for the Internet Protocol , 1995, RFC.

[17]  Jean-Dominique Decotignie,et al.  Ethernet-Based Real-Time and Industrial Communications , 2005, Proceedings of the IEEE.

[18]  Johan Akerberg ON SAFE AND SECURE COMMUNICATION IN PROCESS AUTOMATION , 2011 .

[19]  Gerhard P. Hancke,et al.  Industrial Wireless Sensor Networks: Challenges, Design Principles, and Technical Approaches , 2009, IEEE Transactions on Industrial Electronics.

[20]  Andreas Willig,et al.  Recent and Emerging Topics in Wireless Industrial Communications: A Selection , 2008, IEEE Transactions on Industrial Informatics.

[21]  P. Neumann,et al.  Architecture and model of Profinet IO , 2004, 2004 IEEE Africon. 7th Africon Conference in Africa (IEEE Cat. No.04CH37590).

[22]  Wenye Wang,et al.  Performance Assessment of Data and Time-Sensitive Wireless Distributed Networked-Control-Systems in Presence of Information Security , 2007, MILCOM 2007 - IEEE Military Communications Conference.

[23]  Christos Koulamas,et al.  Wireless Sensor Network Technologies for Condition Monitoring of Industrial Assets , 2012, APMS.

[24]  Matti Valovirta,et al.  Experimental Security Analysis of a Modern Automobile , 2011 .

[25]  M. Ullmann,et al.  Delay attacks — Implication on NTP and PTP time synchronization , 2009, 2009 International Symposium on Precision Clock Synchronization for Measurement, Control and Communication.

[26]  Mikael Gidlund,et al.  Efficient integration of secure and safety critical industrial wireless sensor networks , 2011, EURASIP J. Wirel. Commun. Netw..

[27]  Thiemo Voigt,et al.  Security considerations for the WirelessHART protocol , 2009, 2009 IEEE Conference on Emerging Technologies & Factory Automation.

[28]  Adriano Valenzano,et al.  Review of Security Issues in Industrial Networks , 2013, IEEE Transactions on Industrial Informatics.

[29]  Apala Ray,et al.  Initial Trust Establishment for Heterogeneous Industrial Communication Networks , 2014 .