Title | A Novel Edge Security Gateway for End-to-End Protection in Industrial Internet of Things |
Publication Type | Conference Paper |
Year of Publication | 2021 |
Authors | Khan, Rafiullah, McLaughlin, Kieran, Kang, BooJoong, Laverty, David, Sezer, Sakir |
Conference Name | 2021 IEEE Power & Energy Society General Meeting (PESGM) |
Keywords | command injection attacks, composability, Image edge detection, industrial control, integrated circuits, Logic gates, Market research, Metrics, Protocols, pubcrawl, Reconnaissance, Resiliency |
Abstract | Many critical industrial control systems integrate a mixture of state-of-the-art and legacy equipment. Legacy installations lack advanced, and often even basic, security features, risking entire system security. Existing research primarily focuses on the development of secure protocols for emerging devices or protocol translation proxies for legacy equipment. However, a robust security framework not only needs encryption but also mechanisms to prevent reconnaissance and unauthorized access to industrial devices. This paper proposes a novel Edge Security Gateway (ESG) that provides both communication and endpoint security. The ESG is based on the double ratchet algorithm and encrypts every message with a different key. It manages the ongoing renewal of short-lived session keys and provides localized firewall protection to individual devices. The ESG is easily customizable for a wide range of industrial applications. As a use case, this paper presents the design and validation for synchrophasor technology in smart grid. The ESG effectiveness is practically validated in detecting reconnaissance, manipulation, replay, and command injection attacks due to its perfect forward and backward secrecy properties. |
DOI | 10.1109/PESGM46819.2021.9638002 |
Citation Key | khan_novel_2021 |