Towards post-quantum security for cyber-physical systems: Integrating PQC into industrial M2M communication1

2021 ◽  
pp. 1-31
Author(s):  
Sebastian Paul ◽  
Patrik Scheible ◽  
Friedrich Wiemer
Keyword(s):  
Quantum Computer ◽  
Mutual Authentication ◽  
Cyber Physical Systems ◽  
Transport Layer ◽  
Superior Performance ◽  
Symbolic Model ◽  
Physical Systems ◽  
Open Platform ◽  
Hybrid Solution ◽  
Security Levels

The threat of a cryptographically relevant quantum computer contributes to an increasing interest in the field of post-quantum cryptography (PQC). Compared to existing research efforts regarding the integration of PQC into the Transport Layer Security (TLS) protocol, industrial communication protocols have so far been neglected. Since industrial cyber-physical systems (CPS) are typically deployed for decades, protection against such long-term threats is needed. In this work, we propose two novel solutions for the integration of post-quantum (PQ) primitives (digital signatures and key establishment) into the industrial protocol Open Platform Communications Unified Architecture (OPC UA): a hybrid solution combining conventional cryptography with PQC and a solution solely based on PQC. Both approaches provide mutual authentication between client and server and are realized with certificates fully compliant to the X.509 standard. We implement the two solutions and measure and evaluate their performance across three different security levels. All selected algorithms (Kyber, Dilithium, and Falcon) are candidates for standardization by the National Institute of Standards and Technology (NIST). We show that Falcon is a suitable option – especially – when using floating-point hardware provided by our ARM-based evaluation platform. Our proposed hybrid solution provides PQ security for early adopters but comes with additional performance and communication requirements. Our solution solely based on PQC shows superior performance across all evaluated security levels in terms of handshake duration compared to conventional OPC UA but comes at the cost of increased handshake sizes. In addition to our performance evaluation, we provide a proof of security in the symbolic model for our two PQC-based variants of OPC UA. For this proof, we use the cryptographic protocol verifier ProVerif and formally verify confidentiality and authentication properties of our quantum-resistant variants.

scholarly journals IoT-Based Digital Twin for Energy Cyber-Physical Systems: Design and Implementation

Energies ◽  
2020 ◽  
Vol 13 (18) ◽  
pp. 4762 ◽  
Author(s):  
Ahmed Saad ◽  
Samy Faddel ◽  
Osama Mohammed
Keyword(s):  
Power Systems ◽  
Systems Design ◽  
Cyber Physical Systems ◽  
Superior Performance ◽  
Physical Systems ◽  
Digital Twin ◽  
Power And Control ◽  
Amazon Web Services ◽  
High Bandwidth ◽  
And Control

With the emergence of distributed energy resources (DERs), with their associated communication and control complexities, there is a need for an efficient platform that can digest all the incoming data and ensure the reliable operation of the power system. The digital twin (DT) is a new concept that can unleash tremendous opportunities and can be used at the different control and security levels of power systems. This paper provides a methodology for the modelling of the implementation of energy cyber-physical systems (ECPSs) that can be used for multiple applications. Two DT types are introduced to cover the high-bandwidth and the low-bandwidth applications that need centric oversight decision making. The concept of the digital twin is validated and tested using Amazon Web Services (AWS) as a cloud host that can incorporate physical and data models as well as being able to receive live measurements from the different actual power and control entities. The experimental results demonstrate the feasibility of the real-time implementation of the DT for the ECPS based on internet of things (IoT) and cloud computing technologies. The normalized mean-square error for the low-bandwidth DT case was 3.7%. In the case of a high-bandwidth DT, the proposed method showed superior performance in reconstructing the voltage estimates, with 98.2% accuracy from only the controllers’ states.

scholarly journals Hash-MAC-DSDV: Mutual Authentication for Intelligent IoT-Based Cyber-Physical Systems

2021 ◽  
pp. 1-1
Author(s):  
Muhammad Adil ◽  
Mian Ahmad Jan ◽  
Spyridon Mastorakis ◽  
Houbing Song ◽  
Muhammad Mohsin Jadoon ◽  
...  
Keyword(s):  
Mutual Authentication ◽  
Cyber Physical Systems ◽  
Physical Systems

scholarly journals A Literature Survey on Open Platform Communications (OPC) Applied to Advanced Industrial Environments

Electronics ◽  
2019 ◽  
Vol 8 (5) ◽  
pp. 510 ◽  
Author(s):  
Isaías González ◽  
Antonio José Calderón ◽  
João Figueiredo ◽  
João M. C. Sousa
Keyword(s):  
Scientific Literature ◽  
Cyber Physical Systems ◽  
Literature Survey ◽  
Information Communication ◽  
Research Directions ◽  
Broad Perspective ◽  
Physical Systems ◽  
Open Platform ◽  
Open Research ◽  
Distributed Components

Extensive digitization and interconnection through networks have ushered in a number of new paradigms over the last years: Internet of Things, cyber–physical systems, Industry 4.0, etc. These challenging systems rely on an effective information communication between distributed components. Therefore, the heterogeneity of entities, both hardware and software, must be handled to achieve an operative interoperability and a proper behavior. However, there is also a heterogeneous availability of solutions; different technologies, protocols, and architectures aim to achieve a seamless interconnection. Henceforth, the standardization still requires great efforts from industrial and scientific environments. In this sense, the interface of the open platform communications (OPC) has supported connectivity for automation and supervision infrastructures for more than two decades. The OPC comprises the so-called classic OPC, the original protocol, as well as the last specification, unified architecture (UA). The widespread utilization of the classic OPC together with the powerful functionalities of OPC UA, make the latter one of the main candidates to lead the standardization and systems integration. This paper presents a survey of recent OPC-based systems reported in scientific literature for different domains as well as research projects. The goal of this paper is to provide a broad perspective about the OPC’ applicability and capabilities in order to support the decision about communication interfaces. The results are analyzed and discussed putting special attention on the aforementioned new paradigms. Finally, the main conclusions and open research directions are highlighted.

Emerging Cyber-Physical Systems : An Overview

2018 ◽  
pp. 306-316
Author(s):  
Okolie S.O. ◽  
Kuyoro S.O. ◽  
Ohwo O. B
Keyword(s):  
Health Care ◽  
Economic Benefit ◽  
Physical World ◽  
Cyber Physical Systems ◽  
Cyber Physical System ◽  
Economic Sectors ◽  
Strategic Research ◽  
Physical Systems ◽  
Security Issues ◽  
Wide Range

Cyber-Physical Systems (CPS) will revolutionize how humans relate with the physical world around us. Many grand challenges await the economically vital domains of transportation, health-care, manufacturing, agriculture, energy, defence, aerospace and buildings. Exploration of these potentialities around space and time would create applications which would affect societal and economic benefit. This paper looks into the concept of emerging Cyber-Physical system, applications and security issues in sustaining development in various economic sectors; outlining a set of strategic Research and Development opportunities that should be accosted, so as to allow upgraded CPS to attain their potential and provide a wide range of societal advantages in the future.

Security of Cyber-Physical Systems: A Generalized Algorithm for Intrusion Detection and Determining Security Robustness of Cyber Physical Systems using Logical Truth Tables

2013 ◽  
Vol 9 ◽  
Author(s):  
Curtis G. Northcutt
Keyword(s):  
Intrusion Detection ◽  
Cyber Security ◽  
Logical Truth ◽  
Cyber Physical Systems ◽  
Security Model ◽  
Security Measures ◽  
Physical Systems ◽  
Multiple Signal ◽  
Security Attack ◽  
Truth Tables

The recent proliferation of embedded cyber components in modern physical systems [1] has generated a variety of new security risks which threaten not only cyberspace, but our physical environment as well. Whereas earlier security threats resided primarily in cyberspace, the increasing marriage of digital technology with mechanical systems in cyber-physical systems (CPS), suggests the need for more advanced generalized CPS security measures. To address this problem, in this paper we consider the first step toward an improved security model: detecting the security attack. Using logical truth tables, we have developed a generalized algorithm for intrusion detection in CPS for systems which can be defined over discrete set of valued states. Additionally, a robustness algorithm is given which determines the level of security of a discrete-valued CPS against varying combinations of multiple signal alterations. These algorithms, when coupled with encryption keys which disallow multiple signal alteration, provide for a generalized security methodology for both cyber-security and cyber-physical systems.

Sign in / Sign up

Export Citation Format

Share Document