A Novel Edge Security Gateway for End-to-End Protection in Industrial Internet of Things

Research output: Chapter in Book/Report/Conference proceeding; Conference contribution


Abstract

Many critical industrial control systems integrate a mixture of state-of-the-art and legacy equipment. Legacy installations lack advanced, and often even basic, security features, putting the security of the entire system at risk. Existing research primarily focuses on the development of secure protocols for emerging devices or protocol translation proxies for legacy equipment. However, a robust security framework needs not only encryption but also mechanisms to prevent reconnaissance and unauthorized access to industrial devices. This paper proposes a novel Edge Security Gateway (ESG) that provides both communication and endpoint security. The ESG is based on the double ratchet algorithm and encrypts every message with a different key. It manages the ongoing renewal of short-lived session keys and provides localized firewall protection to individual devices. The ESG is easily customizable for a wide range of industrial applications. As a use case, this paper presents the design and validation for synchrophasor technology in the smart grid. The ESG's effectiveness is practically validated in detecting reconnaissance, manipulation, replay, and command injection attacks due to its perfect forward and backward secrecy properties.
Original language: English
Title of host publication: 2021 IEEE Power and Energy Society General Meeting (PESGM 2021): Proceedings
Publisher: IEEE
Publication status: Published - 30 Jan 2021

Publication series

Name: IEEE Power & Energy Society General Meeting (PESGM): Proceedings
Publisher: IEEE
ISSN (Print): 1944-9925
ISSN (Electronic): 1944-9933
