Abstract
Industrial Cyber-Physical Systems require appropriate security mechanisms to provide protection against cyber attackers. In this paper, we propose a security architecture for a gateway connecting production and cloud systems. A Trusted Platform Module 2.0 is used to protect the cryptographic keys used in secure communication protocols and to provide protection against illegitimate firmware manipulation. As a proof of concept, we implemented the key protection functionality with a TPM 2.0 for the OPC UA protocol.
Acknowledgements
This project (HA project no. 574/17-56) is funded in the framework of Hessen ModellProjekte, financed with funds of LOEWE – Landes-Offensive zur Entwicklung Wissenschaftlich-ökonomischer Exzellenz, Förderlinie 3: KMU-Verbundvorhaben (State Offensive for the Development of Scientific and Economic Excellence).
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Bienhaus, D., Jäger, L., Rieke, R., Krauß, C. (2020). Gateway for Industrial Cyber-Physical Systems with Hardware-Based Trust Anchors. In: Kotenko, I., Badica, C., Desnitsky, V., El Baz, D., Ivanovic, M. (eds) Intelligent Distributed Computing XIII. IDC 2019. Studies in Computational Intelligence, vol 868. Springer, Cham. https://doi.org/10.1007/978-3-030-32258-8_61
DOI: https://doi.org/10.1007/978-3-030-32258-8_61
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-32257-1
Online ISBN: 978-3-030-32258-8
eBook Packages: Intelligent Technologies and Robotics (R0)