Advanced

Security Solutions for Constrained Devices in Cyber-Physical Systems

Gunnarsson, Martin LU (2020) In Series of licentiate and doctoral theses
Abstract
Industrial Control Systems (ICS) are becoming more and more connected. While
connecting systems increases flexibility productivity in ICS, it also introduces risks and security vulnerabilities. Media have reported several cyberattacks against ICS, and security is a top priority in the next generation of ICS. High availability requirements and severe consequences of cyber-attacks make securing ICS a challenging problem.
In the next generation of industrial control systems, often called Industry 4.0,
most parts are assumed to be connected. These connected things are classified as Industrial Internet of Things (IIoT). The scale of deployment of these IIoT devices requires special considerations and solutions.
This thesis will... (More)
Industrial Control Systems (ICS) are becoming more and more connected. While
connecting systems increases flexibility productivity in ICS, it also introduces risks and security vulnerabilities. Media have reported several cyberattacks against ICS, and security is a top priority in the next generation of ICS. High availability requirements and severe consequences of cyber-attacks make securing ICS a challenging problem.
In the next generation of industrial control systems, often called Industry 4.0,
most parts are assumed to be connected. These connected things are classified as Industrial Internet of Things (IIoT). The scale of deployment of these IIoT devices requires special considerations and solutions.
This thesis will present work on security for industrial control systems and
cyber-physical systems. The contributions include protocols for secure communications in small, connected IIOT devices and schemes for security life cycle management of industrial control systems.
On the topic of protocols, this contribution consists of two papers. The first
is an evaluation of the recently standardized protocol OSCORE, in terms of effi-
ciency, to investigate its suitability for constrained devices. We also, in the second paper, propose a novel way of encrypting sensor data in transit to a remote server for analytics so that the sender’s identity remains hidden.
The long lifetimes of ICS require the management of devices over an extended
time. On this topic, we also include two papers. In the first, we have utilized the
new concept Digital Twin, for a security architecture where physical components are synchronized to a Digital Twin, to keep track of their security status. In the final paper, we observed that long lifetimes of devices in ICS also introduces the problem of how to deal with the ownership change. We have designed a protocol that transfers the ownership of IoT devices from one entity to another. (Less)
Please use this url to cite or link to this publication:
author
supervisor
organization
publishing date
type
Thesis
publication status
published
subject
in
Series of licentiate and doctoral theses
issue
128
pages
144 pages
publisher
Elektro- och informationsteknik
ISSN
1654-790X
ISBN
978-91-7895-444-5
978-91-7895-445-2
language
English
LU publication?
yes
id
46a4059e-a35d-42e2-91b7-2f228316614f
date added to LUP
2020-03-05 20:37:39
date last changed
2020-07-20 09:36:17
@misc{46a4059e-a35d-42e2-91b7-2f228316614f,
  abstract     = {Industrial Control Systems (ICS) are becoming more and more connected. While<br/>connecting systems increases flexibility productivity in ICS, it also introduces risks and security vulnerabilities. Media have reported several cyberattacks against ICS, and security is a top priority in the next generation of ICS. High availability requirements and severe consequences of cyber-attacks make securing ICS a challenging problem.<br/>In the next generation of industrial control systems, often called Industry 4.0,<br/>most parts are assumed to be connected. These connected things are classified as Industrial Internet of Things (IIoT). The scale of deployment of these IIoT devices requires special considerations and solutions.<br/>This thesis will present work on security for industrial control systems and<br/>cyber-physical systems. The contributions include protocols for secure communications in small, connected IIOT devices and schemes for security life cycle management of industrial control systems.<br/>On the topic of protocols, this contribution consists of two papers. The first<br/>is an evaluation of the recently standardized protocol OSCORE, in terms of effi-<br/>ciency, to investigate its suitability for constrained devices. We also, in the second paper, propose a novel way of encrypting sensor data in transit to a remote server for analytics so that the sender’s identity remains hidden.<br/>The long lifetimes of ICS require the management of devices over an extended<br/>time. On this topic, we also include two papers. In the first, we have utilized the<br/>new concept Digital Twin, for a security architecture where physical components are synchronized to a Digital Twin, to keep track of their security status. In the final paper, we observed that long lifetimes of devices in ICS also introduces the problem of how to deal with the ownership change. We have designed a protocol that transfers the ownership of IoT devices from one entity to another.},
  author       = {Gunnarsson, Martin},
  isbn         = {978-91-7895-444-5},
  issn         = {1654-790X},
  language     = {eng},
  month        = {03},
  note         = {Licentiate Thesis},
  number       = {128},
  publisher    = {Elektro- och informationsteknik},
  series       = {Series of licentiate and doctoral theses},
  title        = {Security Solutions for Constrained Devices in Cyber-Physical Systems},
  url          = {https://lup.lub.lu.se/search/ws/files/76905617/lic_avhandling_2020_03_05.pdf},
  year         = {2020},
}