Skip to main content
SpringerLink
Log in
Book cover

International Symposium on Cyberspace Safety and Security

CSS 2017: Cyberspace Safety and Security pp 485–493Cite as

TICS: Trusted Industry Control System Based on Hardware Security Module

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 10581))

Abstract

The new attack technologies have caused great security threats to industry control system, especially APT attacks such as Stuxnet, BlackEnergy, WannaCrypt. Traditional protection methods fail to defend the hackers attacks on the cyber and physical components of ICS. This paper propose an ICS terminal defense solution in establishing the trustworthiness of with trusted execution environment. The check attestation method is employed to optimize ICS software attestation, and the whitelist mechanism is used to enforce the process execution in terminal. We design and implement a trusted terminal defense system in industry control network. The test results shows that the performance of hardware security module and process enforcement meets the real-time requirements. abstract environment.

Y. Qin—The research presented in this paper is supported by National Natural Science Foundation of China (No. 61402455, No. 61602455).

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. National Institute of Standards and Technology: NIST Spp. 800-82 Guide to Industrial Control System (ICS) Security (2011)

    Google Scholar 

  2. International Electrotechnical Commission: IEC Industrial Control Network and System Security Standardization (2013)

    Google Scholar 

  3. National Technical Committee 124 on Standardization Administration of China (SAC/TC124): Evaluation Specification for Security in Industrial Control Network (2010)

    Google Scholar 

  4. Defrawy, K.E., Francillon, A., Perito, D., Tsudik, G.: SMART: secure and minimal architecture for (establishing a dynamic) root of trust. In: Network and Distributed System Security Symposium (NDSS). Internet Society (2012)

    Google Scholar 

  5. Koeberl, P., Schulz, S., Sadeghi, A.-R., et al.: Trustlite: a security architecture for tiny embedded devices. In: Proceedings of the Ninth European Conference on Computer Systems (EuroSys 2014) (2014)

    Google Scholar 

  6. Brasser, F., El Mahjoub, B., Sadeghi, A.-R., et al.: TyTAN: tiny trust anchor for tiny devices. In: Proceedings of the 52nd Annual Design Automation Conference (DAC 2015) (2015)

    Google Scholar 

  7. Sadeghi, A.R., Wachsmann, C, Waidner, M.: Security and privacy challenges in industrial internet of things. In: Proceedings of the 52nd Annual Design Automation Conference, vol. 54. ACM (2015)

    Google Scholar 

  8. Da Xu, L., He, W., Li, S.: Internet of things in industries: a survey. IEEE Trans. Ind. Inform. 10(4), 2233–2243 (2014)

    Article  Google Scholar 

  9. Keoh, S.L., Kumar, S.S., Tschofenig, H.: Securing the internet of things: a standardization perspective. Internet Things J. IEEE 1(3), 265–275 (2014)

    Article  Google Scholar 

  10. Kil, C., Sezer, E.C., Azab, A.M., Ning, P., Zhang, X.: Remote attestation to dynamic system properties: towards providing complete system integrity evidence. In: IEEE/IFIP DSN (2009)

    Google Scholar 

  11. Seshadri, A., Perrig, A., Van Doorn, L., Khosla, P.: SWATT: software-based attestation for embedded devices. In: IEEE S&P (2004)

    Google Scholar 

  12. Li, Y., McCune, J.M., Perrig, A.: VIPER: verifying the integrity of PERipherals firmware. In: ACM CCS (2011)

    Google Scholar 

  13. Seshadri, A., Luk, M., Perrig, A.: SAKE: software attestation for key establishment in sensor networks. Ad Hoc Netw. 9(6) (2008)

    Google Scholar 

  14. Seshadri, A., Luk, M., Perrig, A., Doorn, L.V., Khosla, P.: SCUBA: secure code update by attestation in sensor networks. In: ACM WiSec (2006)

    Google Scholar 

  15. Seshadri, A., Luk, M., Perrig, A., van Doorn, L., Khosla, P.: Using FIRE & ICE for detecting and recovering compromised nodes in sensor networks. Technical report, DTIC Document, December 2004

    Google Scholar 

  16. Li, Y., McCune, J.M., Perrig, A.: SBAP: software-based attestation for peripherals. In: Acquisti, A., Smith, S.W., Sadeghi, A.-R. (eds.) Trust 2010. LNCS, vol. 6101, pp. 16–29. Springer, Heidelberg (2010). doi:10.1007/978-3-642-13869-0_2

    Chapter  Google Scholar 

  17. Armknecht, F., Sadeghi, A.R., Schulz, S., et al.: A security framework for the analysis and design of software attestation. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 1–12. ACM (2013)

    Google Scholar 

  18. Coble, K., Wang, W., Chu, B., et al.: Secure software attestation for military telesurgical robot systems. In: Proceedings of Military Communications Conference (MILCOM 2010), pp. 965–970. IEEE (2010)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Trusted Computing and Information Assurance Laboratory, Institute of Software Chinese Academy of Science, Beijing, China

    Yu Qin, Yingjun Zhang & Wei Feng

Authors
  1. Yu Qin
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yingjun Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Wei Feng
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Yu Qin .

Editor information

Editors and Affiliations

  1. Deakin University , Geelong, China

    Sheng Wen

  2. Fujian Normal University, Fuzhou Shi, China

    Wei Wu

  3. University of Salerno, Fisciano, Italy

    Aniello Castiglione

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Qin, Y., Zhang, Y., Feng, W. (2017). TICS: Trusted Industry Control System Based on Hardware Security Module. In: Wen, S., Wu, W., Castiglione, A. (eds) Cyberspace Safety and Security. CSS 2017. Lecture Notes in Computer Science(), vol 10581. Springer, Cham. https://doi.org/10.1007/978-3-319-69471-9_37

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-69471-9_37

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-69470-2

  • Online ISBN: 978-3-319-69471-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation