Top

Published in:

2017 | OriginalPaper | Chapter

Supporting the Integration of New Security Features in Embedded Control Devices Through the Digitalization of Production

Authors : Tobias Rauter, Johannes Iber, Michael Krisper, Christian Kreiner

Published in: Systems, Software and Services Process Improvement

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Security is a vital property of Industrial Control Systems (ICS), especially in the context of critical infrastructure. In this work, we focus on distributed control devices for hydro-electric power plants. Much work has been done for specific lifecylce phases of distributed control devices such as development or operational phase. Our aim here is to consider the entire product lifecycle and the consequences of security feature implementations for a single lifecycle stage on other stages. At the same time, recent trends such as the digitization of production is an enabler of production process extensions that support the integration of such security features during the operational phase of a control devices. In particular, we propose a security concept that enables assurance of the integrity of software components and product configuration of other control devices in the same network. Moreover, we show how these concepts result in additional requirements for the production stages. We show how we meet these requirements and focus on a production process by extending previously proposed methods that enable the commissioning of secrets such as private keys during the manufacturing phase. We extend this process by extracting information about the configurations of the actually produced devices during production. Based on this information, the proposed security techniques can be integrated without considerable overhead for bootstrapping.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter Chances for Virtual and Augmented Reality Along the Value Chain

next chapter A Conceptual Mixed Realities (AR/VR) Capability Maturity Model – With Special Emphasis on Implementation

Here, certification is achieved through using public-key cryptography. The private part of the key represent the device secret. The public part signed by the OEM and augmented with meta-information to generate the certificate.

Ceccato, M., Ofek, Y., Tonella, P.: A protocol for property-based attestation. Theory Pract. Comput. Sci. 7 (2008). http://portal.acm.org/citation.cfm?doid=1179474.1179479, http://link.springer.com/chapter/10.1007/978-3-540-77566-9_8

Chen, L., Löhr, H., Manulis, M., Sadeghi, A.-R.: Property-based attestation without a trusted third party. In: Wu, T.-C., Lei, C.-L., Rijmen, V., Lee, D.-T. (eds.) ISC 2008. LNCS, vol. 5222, pp. 31–46. Springer, Heidelberg (2008). doi:10.1007/978-3-540-85886-7_3 CrossRef

Coker, G., Guttman, J., Loscocco, P., Herzog, A., Millen, J., O’Hanlon, B., Ramsdell, J., Segall, A., Sheehy, J., Sniffen, B.: Principles of remote attestation. Int. J. Inf. Secur. 10(2), 63–81 (2011)CrossRef

Sharing, E.I., Center, A.: Analysis of the cyber attack on the ukrainian power grid. Technical report (2016)

Fischer, K., Gesner, J.: Security architecture elements for IoT enabled automation networks. In: International Conference on Emerging Technologies and Factory Automation (2012)

Kylänpää, M., Rantala, A.: Remote attestation for embedded systems. In: Security of Industrial Control Systems and Cyber Physical Systems (2015)

Liserre, M., Sauter, T., Hung, J.: Future energy systems: integrating renewable energy sources into the smart power grid through industrial electronics. IEEE Ind. Electron. Mag. 4(1), 18–37 (2010). http://ieeexplore.ieee.org/lpdocs/epic03/wrapper.htm?arnumber=5439057 CrossRef

Miller, B., Rowe, D.: A survey SCADA of and critical infrastructure incidents. In: Annual Conference on Research in Information Technology p. 51 (2012). http://dl.acm.org/citation.cfm?doid=2380790.2380805

Mitchell, R., Chen, I.R.: A survey of intrusion detection techniques for cyber-physical systems. ACM Comput. Surv. (CSUR) 46(4), 1–29 (2014)CrossRef

10.

Rauter, T., Höller, A., Iber, J., Kreiner, C.: Development and production processes for secure embedded control devices. In: Kreiner, C., Connor, R., Poth, A., Messnarz, R. (eds.) EuroSPI 2016. Communications in Computer and Information Science, vol. 633, pp. 119–131. Springer, Cham (2016). doi:10.1007/978-3-319-44817-6_10 CrossRef

11.

Rauter, T., Iber, J., Krisper, M., Kreiner, C.: Integration of integrity enforcing technologies into embedded control devices: experiences and evaluation. In: The 22nd IEEE Pacific Rim International Symposium on Dependable Computing (2017)

12.

Sadeghi, A., Stüble, C.: Property-based attestation for computing platforms: caring about properties, not mechanisms. In: Proceedings of the 2004 Workshop on New Security Paradigms, pp. 67–77 (2004). http://dl.acm.org/citation.cfm?id=1066038

13.

Sailer, R., Zhang, X., Jaeger, T., van Doorn, L.: Design and implementation of a TCG-based integrity measurement architecture. In: USENIX Security (2004)

14.

Urbina, D.I., Giraldo, J., Cardenas, A.A., Tippenhauer, N.O., Valente, J., Faisal, M., Ruths, J., Candell, R., Sandberg, H.: Limiting the impact of stealthy attacks on industrial control systems. In: 23rd ACM Conference on Computer and Communications Security (2016)

Title: Supporting the Integration of New Security Features in Embedded Control Devices Through the Digitalization of Production
Authors: Tobias Rauter
Johannes Iber
Michael Krisper
Christian Kreiner
Publisher: Springer International Publishing
Book: Systems, Software and Services Process Improvement
Print ISBN: 978-3-319-64217-8

Electronic ISBN: 978-3-319-64218-5

Copyright Year: 2017
DOI: https://doi.org/10.1007/978-3-319-64218-5_30

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner