https://www.mdu.se/

In any security design, the initial secret distribution for further key management solution is a major step. In industrial wireless sensor networks also, initial bootstrapping of the trust in the system is a major concern. The plant can be assumed to be a closed system, where only authenticated and trusted users are allowed to enter. However, wireless being the broadcast medium, wireless devices need to validate their identity to join the networks. So, there is a need for importing some initial secret key to the devices, so that they can be authenticated during the joining process. The standards for Industrial Wireless Sensor Networks (WirelessHART, ISA100.11a) also have left to the user the initial distribution of the key for joining during device provisioning. In this paper, the current industry practice and the pre-requisite of key distribution in industrial wireless sensor networks is discussed and an outline is presented for future research directions. © 2013 IEEE.

The security of industrial plants has gained a lot of importance since the last decade. The reason is that the different components from different network layers of automation systems have become inter-connected to support fast and cost-effective decisions at the management level. This inter-connectivity has posed many security challenges in this industrial segment. To achieve effective security mechanisms in industrial plants, there is a need to learn from other existing domains, matured in terms of security, whether existing matured security solutions can be reused in the industrial automation domain. The financial sector is a segment where security has been carefully managed since a long time, as security is very important for that sector. Therefore it would be beneficial to evaluate the security mechanisms present in financial card readers which are involved in financial transactions because these card readers have many similar characteristics with industrial process control devices. In this paper, the security requirements for both the field devices of industrial plants and card reader terminals of the financial sector have been evaluated to understand the security gap so that we can identify the areas where the security needs of industrial plants must be improved and where some of the existing security features of card reader terminals can be reused in field devices of industrial plants.

Industrial device commissioning along with the initial distribution of keying material is an important step for the security of industrial plants. An efficient key management system is required in cryptography for both symmetric key or public/private key encryption. Most of the key management system use either pre-installed shared keys or install keys using out-of-band channels. In addition to that, the sensor devices both wired and wireless need to be verified whether it is connected to the correct physical entity since these devices are linked with the physical world. Therefore in industrial plants there is a requirement to automate the trust bootstrapping process, where the devices from upper level in communication network will be aware that the communication device from below level is trusted. In this work, we present a workflow that uses the existing trust mechanism on employees to enable the initial bootstrap of trust in the devices, and also optionally support the commissioning engineer to download the required configuration data in the device as well. Thus, this approach presents a unique solution to the initial trust distribution problem reusing the existing features and facilities in industrial plants