Securing IIoT using Defence-in-Depth: Towards an End-to-End secure Industry 4.0

Industry 4.0 uses a subset of the IoT, called Industrial IoT (IIoT) to achieve connectivity, interoperability and decentralisation. The deployment of industrial networks rarely considers security by design, but this becomes imperative in smart manufacturing as connectivity increases. The combination...

Descripción completa

Detalles Bibliográficos
Autores: Mosteiro Sánchez, Aintzane, Barceló, Marc, Astorga Burgo, Jasone, Urbieta Aizpurua, Aitor
Tipo de recurso: artículo
Fecha de publicación:2020
País:España
Institución:Universidad del País Vasco
Repositorio:Addi. Archivo Digital para la Docencia y la Investigación
OAI Identifier:oai:addi.ehu.eus:10810/76520
Acceso en línea:http://hdl.handle.net/10810/76520
Access Level:acceso abierto
Palabra clave:Industry 4.0
IIoT
E2E security
defense in depth
OSCORE
attribute based encryption
Descripción
Sumario:Industry 4.0 uses a subset of the IoT, called Industrial IoT (IIoT) to achieve connectivity, interoperability and decentralisation. The deployment of industrial networks rarely considers security by design, but this becomes imperative in smart manufacturing as connectivity increases. The combination of OT and IT infrastructures in Industry 4.0 adds new security threats beyond those of traditional industrial networks. Defence-in-Depth (DiD) strategies tackle the complexity of this problem by providing multiple defence layers, each of these focusing on a particular set of threats. Additionally, the severe requirements of IIoT networks demand lightweight encryption algorithms. Nevertheless, these ciphers must provide E2E (End-to-End) security, as data pass through intermediate entities, or middleboxes, before reaching its destination. If compromised, middleboxes could expose vulnerable information to potential attackers if it is not encrypted throughout this path. This paper presents an analysis of the most relevant security strategies in Industry 4.0, focusing primarily on DiD. With these in mind, it proposes a combination of DiD, a lightweight E2E encryption algorithm called Attribute-Based-Encryption (ABE) and object security (i.e., OSCORE) to get a full E2E security approach. This analysis is a critical first step to develop more complex and lightweight security frameworks suitable for Industry 4.0.