Resilient sensor authentication in SCADA by integrating physical unclonable function and blockchain

Cluster Computing

Abstract

Industrial Control Systems and Supervisory Control and Data Acquisition (ICS/SCADA) systems are the backbone of national critical infrastructure and are essential to the sustainability of society, since they help monitor and control cyber-enabled services such as energy, transportation, and healthcare. Modern SCADA systems continue to use legacy communication protocols that lack adequate security mechanisms to provide trusted device authentication and ensure data flow integrity. Furthermore, the advent of state-of-the-art network-capable sensor technology exposes many unique vulnerabilities to adversaries. Thus, the integrity of the data originating from field sensors, along with the sensors' identity, must be managed carefully in order to enhance the reliability of ICS/SCADA ecosystems. In this paper, we present a blockchain-based SRAM PUF Authentication and Integrity (BloSPAI) protocol that aims to ensure continuous authentication of field sensors and provide a robust data flow integrity process by leveraging a distributed ledger and hardware security primitives. A prototype of the protocol has been implemented in a sensor-integrated Raspberry Pi testbed that is interfaced with a permissioned blockchain network. We discuss the performance and overhead aspects of the proposed BloSPAI protocol and compare it with state-of-the-art cybersecurity solutions. Experimental evaluation demonstrates how the size of the blockchain network impacts throughput, in terms of time to commit transactions, and overall system setup time.


Author information

Corresponding author

Correspondence to Deepak K. Tosh.

Ethics declarations

Conflict of interest

The authors declare that they have no conflict of interest.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

About this article

Cite this article

Gomez Rivera, A.O., Tosh, D.K. & Ghosh, U. Resilient sensor authentication in SCADA by integrating physical unclonable function and blockchain. Cluster Comput 25, 1869–1883 (2022). https://doi.org/10.1007/s10586-021-03413-1

  • DOI: https://doi.org/10.1007/s10586-021-03413-1
