
Gateway for Industrial Cyber-Physical Systems with Hardware-Based Trust Anchors

  • Diethelm Bienhaus
  • Lukas Jäger
  • Roland Rieke
  • Christoph Krauß
Conference paper
Part of the Studies in Computational Intelligence book series (SCI, volume 868)

Abstract

Industrial Cyber-Physical Systems require appropriate security mechanisms to provide protection against cyber attackers. In this paper, we propose a security architecture for a gateway connecting production and cloud systems. A Trusted Platform Module 2.0 is used to protect the cryptographic keys used in secure communication protocols and to provide protection against illegitimate firmware manipulation. As proof of concept, we implemented the key protection functionality with a TPM 2.0 for the OPC UA protocol.

Keywords

Industrial cyber-physical systems security; Gateway security; Open Platform Communications Unified Architecture (OPC UA) security; Trustworthy systems; Industrial Internet of Things; Measured boot; Trusted Platform Module

Notes

Acknowledgements

This project (HA project no. 574/17-56) is funded in the framework of Hessen ModellProjekte, financed with funds of LOEWE – Landes-Offensive zur Entwicklung Wissenschaftlich-ökonomischer Exzellenz, Förderlinie 3: KMU-Verbundvorhaben (State Offensive for the Development of Scientific and Economic Excellence).

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  • Diethelm Bienhaus (1), Email author
  • Lukas Jäger (2)
  • Roland Rieke (2)
  • Christoph Krauß (2)
  1. Institute of Technical-Informatics, Department of Mathematics, Natural Sciences and Computer Science, University of Applied Sciences Mittelhessen, Giessen, Germany
  2. Fraunhofer Institute for Secure Information Technology, Darmstadt, Germany
