Remote health monitoring is one of the emerging IoT applications that has attracted the attention of communication and health sectors in recent years. We enable software defined networking in a wireless sensor network to provide easy reconfiguration and run-time network management. In this way, we devise a multi-objective decision making approach that is implemented at the network intelligence to find the set of optimal paths that routes physiological data over a wireless medium. In this work, the main considered parameters for reliable data communication are path traffic, path consumed energy, and path length. Using a multi-objective optimization technique within a case study, we find the best routes that provide reliable data communication.
Congestion control is a challenging issue in wireless sensor networks with limited channel bandwidth. Thus, many protocols have been designed to provide distributed traffic control during packet forwarding. However, all these approaches are applied to single-hop communication networks, ignoring the multi-hop restrictions. In this work, we take advantage of the software defined networking paradigm by devising a controller node in such a way that it collects all the necessary information from wireless sensor network nodes. Thus, based on hop count and local traffic information, the controller decides on possible flow path changes to evenly distribute the traffic. The evaluations revealed that the SDN-TAP outperforms conventional routing protocols by reducing packet loss rate up to 46%.
The severity of cyber threats towards existing and future industrial systems has resulted in an increase of security awareness in the industrial automation domain. Compared to traditional information security, industrial communication systems have different performance and reliability requirements. The safety and availability requirements can also sometimes conflict with the system security design of plants. For instance, it is not acceptable to create a secure system which may take up additional time to establish security and as a consequence disrupt the production in plants. Similarly, a system which requires authentication and authorization procedures before any emergency action may not be suitable in industrial plants.
Therefore, there is a need for improvement of the security workflow in industrial plants, so that the security can be realized in practice. This also leads to the requirement of secure device deployment and secure data communication inside the industrial plants. In this thesis, the focus is on the initial trust establishment in industrial devices. The initial trust establishment is the starting point for enabling a secure communication infrastructure. Reusability analysis with financial sectors has been considered as the reuse of security solutions from this adjacent application domain can be a simple and an effective way to achieve the desired system security. Through this analysis, the reusability features have been identified and workflows have been proposed which can be used to bootstrap initial trust in the industrial process control devices and manage security workflow. A proof-of-concept implementation to prove the feasibility of the device deployment workflow has also been provided.
The severity of cyber threats towards existing and future industrial systems has resulted in an increase of security awareness in the industrial automation domain. Compared to traditional information systems, industrial communication systems have different performance and reliability requirements. The safety and availability requirements can also sometimes conflict with the system security design of plants. For instance, it is not acceptable to create a secure system that may take up additional time to establish security and as a consequence disrupt the production in plants. Similarly, a system that requires authentication and authorization procedures before an emergency action may not be suitable in industrial plants. On the other hand, lack of security can hamper safety of a plant. Therefore, there is a need for improvement of the security workflow in industrial plants, so that the practical realization of security can be achieved. This includes secure device deployment and secure data communication inside the industrial plants. Furthermore, the industrial plant networks are heterogeneous in terms of hardware, software, and protocols. This complicates security assessment of industrial networks.
In this thesis, the focus is on achieving a secured communication infrastructure for heterogeneous industrial networks. The initial trust establishment is the starting point for enabling a secure communication infrastructure. A framework for the initial trust establishment for industrial devices that can support key management using the existing trust of employees in a plant is proposed. With the help of a proof-of-concept implementation and security analysis, it is shown that the proposed framework is feasible to implement and satisfies the security objectives. After establishing initial trust within industrial devices, assessing heterogeneous security properties based on the network architecture is another focus of this thesis. A model to estimate the security assurance of nodes in a heterogeneous network, where all devices are not having the same level of security mechanisms, is given. Along with cyber security requirements of industrial plants, it is also necessary to consider other important requirements of plants in terms of network performance. In this thesis, identification of an optimized path between two systems in a heterogeneous network in terms of the network performance and the network security is explored. The applicability of this balancing approach has been demonstrated in a specific case of smart grid application where security, network capacity and reachability need to be optimal for successful network operation.
Security in the industrial automation domain using cryptographic mechanisms is being discussed in both industry and academia. An efficient key management system is required to support cryptography for both symmetric key and public/private key encryption. The key management should ensure that the device is verified before distributing the initial key parameters to devices. The software/firmware used in the device comes from manufacturers, therefore the initial authenticity of the device can be easily verified with the help of manufacturers. Mobile telecommunication is an industrial segment where wireless devices have been used for a long time and the security of the wireless device management has been considered through a standard driven approach. Therefore, it is interesting to analyse the security authentication mechanisms used in mobile communication, specified in the Long-Term-Evolution (LTE) standard. This paper analyses the initial device authentication using public key infrastructure in the LTE standard, and discusses if, where and how the studied solutions can be tailored for device authenticity verification in industrial plant automation systems.
In an industrial plant, there is usually a mix of devices with different levels of security features and computation capabilities. If a mix of devices with various degrees of security features and capabilities communicate, the overall network dynamics with respect to security and network performance will be complex. A secure communication path with high latency and low bandwidth may not satisfy the operational requirements in a plant. Therefore, there is a need to assess the relation of security and network performance for overall plant operation. In this work we focus on identifying an optimal flow path between two devices in a multi-hop heterogeneous network. We propose a model and an algorithm to estimate and generate a network path identified by flow performance indicators of a heterogeneous communication network. Through an example, we show how the flow performance metrics change with security, capacity and reachability of the devices in the network.
In any security design, the initial secret distribution for further key management solution is a major step. In industrial wireless sensor networks also, initial bootstrapping of the trust in the system is a major concern. The plant can be assumed to be a closed system, where only authenticated and trusted users are allowed to enter. However, wireless being the broadcast medium, wireless devices need to validate their identity to join the networks. So, there is a need for importing some initial secret key to the devices, so that they can be authenticated during the joining process. The standards for Industrial Wireless Sensor Networks (WirelessHART, ISA100.11a) also have left to the user the initial distribution of the key for joining during device provisioning. In this paper, the current industry practice and the pre-requisite of key distribution in industrial wireless sensor networks is discussed and an outline is presented for future research directions. © 2013 IEEE.
A key aspect of realizing the future smart grid communication solution is a balanced approach between the network performance and the network security during the network deployment. A high security communication flow path is not useful when the network path cannot support capacity and reachability requirements. The deployment phase in a communication network can facilitate an optimal network path by focusing on both the network performance and the network security at the same time. In this paper, we describe a use case of a smart grid application where security, network capacity and reachability need to be optimal for successful network operation. We explain our proposed balancing approach of the network performance and the network security which can be useful for the optimal smart grid secure system design.
An efficient key management system is required to support cryptography. Most key management systems use either pre-installed shared keys or install initial security parameters using out-of-band channels. These methods create an additional burden for engineers who manage the devices in industrial plants. Hence, device deployment in industrial plants becomes a challenging task in order to achieve security. In this work, we present a device deployment framework that can support key management using the existing trust towards employees in a plant. This approach reduces the access to initial security parameters by employees; rather it helps to bind the trust of the employee with device commissioning. Thus, this approach presents a unique solution to the device deployment problem. Further, through a proof-of-concept implementation and security analysis using the AVISPA tool, we present that our framework is feasible to implement and satisfies our security objectives.
A growing concern about cyber threats towards industrial plants has prompted industrial practitioners to focus on secure communication solutions which can protect their systems from vulnerabilities as well as their brand image. The security concerns and the solutions for industrial communication networks have become well-discussed topics in research communities. Despite a huge research effort in the area of industrial communication network security, there are several issues that need to be addressed properly such that a unified security solution can be adopted in the industrial domain. In this article, we aim to outline the research direction for industrial communication security. Though security is considered as an on-going process, the major issues that still need to be addressed are trust management for heterogeneous networks, managing network performance with security requirements, usable security and key management.
Industrial plants are heterogeneous networks with different computation and communication capabilities along with different security properties. The optimal operation of a plant requires a balance between communication capabilities and security features. A secure communication data flow with high latency and low bandwidth does not provide the required efficiency in a plant. Therefore, we focus on assessing the relation of security, capacity and timeliness properties of an industrial network for overall network performance.
Industrial networks have a mix of devices with different security properties. If a mix of devices with various degrees of security features and capabilities communicate, the overall network dynamics with respect to device trust and security of message exchange will be complex. Therefore, there is a need to understand the trust and risk probabilities of devices in a heterogeneous network. This is required for a heterogeneous network where the network configuration has to be made based on how trustworthy the devices are. In this work we focus on assessing security risks for devices and message exchanges. We define the term "assurance value" to denote the resilience of a device to security attacks. We study the behavior of a communication network when devices with various degrees of security features exchange messages. We aim to identify the network security properties based on the network architecture. From the study, we propose a model to estimate and predict network security properties in a heterogeneous communication network.
In industrial plants, there is a mix of devices with different security features and capabilities. If there is a mix of devices with various degrees of security levels, then this will create independent islands in a network with similar levels of security features. However, the industrial plant is interconnected for the purpose of reducing the cost of monitoring with a centralized control center. Therefore, the different islands also need to communicate with each other to improve the asset management efficiency in a plant. In this work we aim to focus on the trustworthiness assessment of devices in industrial plant networks in terms of node value. We study the behavior of industrial plant networks when devices with various degrees of security features communicate. We aim to identify network properties which influence the overall network behavior. From the study, we have found that the communication path, the order of different communication paths and the number of specific types of nodes affect the final trustworthiness of devices in the network.
Industrial device commissioning along with the initial distribution of keying material is an important step for the security of industrial plants. An efficient key management system is required in cryptography for both symmetric key and public/private key encryption. Most key management systems use either pre-installed shared keys or install keys using out-of-band channels. In addition to that, the sensor devices, both wired and wireless, need to be verified as connected to the correct physical entity, since these devices are linked with the physical world. Therefore in industrial plants there is a requirement to automate the trust bootstrapping process, where the devices from the upper level in the communication network will be aware that the communication device from the level below is trusted. In this work, we present a workflow that uses the existing trust mechanism on employees to enable the initial bootstrap of trust in the devices, and also optionally supports the commissioning engineer in downloading the required configuration data to the device as well. Thus, this approach presents a unique solution to the initial trust distribution problem, reusing the existing features and facilities in industrial plants.
The security of industrial plants has gained a lot of importance over the last decade. The reason is that the different components from different network layers of automation systems have become inter-connected to support fast and cost-effective decisions at the management level. This inter-connectivity has posed many security challenges in this industrial segment. To achieve effective security mechanisms in industrial plants, there is a need to learn from other existing domains that are mature in terms of security, and to examine whether existing mature security solutions can be reused in the industrial automation domain. The financial sector is a segment where security has been carefully managed for a long time, as security is very important for that sector. Therefore it would be beneficial to evaluate the security mechanisms present in financial card readers which are involved in financial transactions, because these card readers have many characteristics similar to industrial process control devices. In this paper, the security requirements for both the field devices of industrial plants and card reader terminals of the financial sector have been evaluated to understand the security gap, so that we can identify the areas where the security needs of industrial plants must be improved and where some of the existing security features of card reader terminals can be reused in field devices of industrial plants.
The next-generation electrical power system is focusing on a reliable, automated, and secure power grid by using information and communication technology (ICT). To realize the new generation of power grid, the communication network is a decisive piece of the entire smart grid. Communication infrastructure in smart grids is a combination of both wired and wireless technologies. The salient features of wireless technology make it attractive, but the easy access to the radio medium in wireless communication increases the risk of security attacks. Consequently, the concern for cyber security has become an important issue to be addressed in a smart grid network. Intrusion detection and response to these intrusions in a timely manner is a way to improve system integrity. In this paper, we focus on a medium access control (MAC) layer intrusion detection system for wireless networks in smart grids. We propose a multi-level intrusion detection response system (IDRS) framework based on the perception of defense-in-depth. Through a simple simulation study, we verify the working of our proposed framework.