Visible to the public Biblio

Filters: Author is Haas, C.  [Clear All Filters]
2018-02-06
Birnstill, P., Haas, C., Hassler, D., Beyerer, J..  2017.  Introducing Remote Attestation and Hardware-Based Cryptography to OPC UA. 2017 22nd IEEE International Conference on Emerging Technologies and Factory Automation (ETFA). :1–8.

In this paper we investigate whether and how hardware-based roots of trust, namely Trusted Platform Modules (TPMs) can improve the security of the communication protocol OPC UA (Open Platform Communications Unified Architecture) under reasonable assumptions, i.e. the Dolev-Yao attacker model. Our analysis shows that TPMs may serve for generating (RNG) and securely storing cryptographic keys, as cryptocoprocessors for weak systems, as well as for remote attestation. We propose to include these TPM functions into OPC UA via so-called ConformanceUnits, which can serve as building blocks of profiles that are used by clients and servers for negotiating the parameters of a session. Eventually, we present first results regarding the performance of a client-server communication including an additional OPC UA server providing remote attestation of other OPC UA servers.