Abstract
Industrial Control Systems and Supervisory Control and Data Acquisition (ICS/SCADA) systems are a fundamental backbone of national critical infrastructure and are essential to the sustainability of society, since they help monitor and control cyber-enabled services such as energy, transportation, and healthcare. Modern SCADA systems continue to use legacy communication protocols that lack adequate security mechanisms to provide trusted device authentication and ensure data flow integrity. Furthermore, the advent of state-of-the-art network-capable sensor technology exposes many unique vulnerabilities to adversaries. Thus, the integrity of the data originating from field sensors, along with the sensors' identity, must be managed carefully in order to enhance the reliability of ICS/SCADA ecosystems. In this paper, we present a blockchain-based SRAM PUF Authentication and Integrity (BloSPAI) protocol that aims to ensure continuous authentication of field sensors and provide a robust data flow integrity process by leveraging distributed ledger and hardware security primitives. The prototype of the protocol has been implemented in a sensor-integrated Raspberry Pi testbed that is interfaced with a permissioned blockchain network. We discuss the performance and overhead aspects of the proposed BloSPAI protocol and compare it with state-of-the-art cybersecurity solutions. The experimental evaluation demonstrates how the size of the blockchain network impacts throughput, in terms of time to commit transactions and overall system setup time.
Ethics declarations
Conflict of interest
The authors declare that they have no conflict of interest.
About this article
Cite this article
Gomez Rivera, A.O., Tosh, D.K. & Ghosh, U. Resilient sensor authentication in SCADA by integrating physical unclonable function and blockchain. Cluster Comput 25, 1869–1883 (2022). https://doi.org/10.1007/s10586-021-03413-1
DOI: https://doi.org/10.1007/s10586-021-03413-1