skip to main content
10.1145/1352533.1352550acmconferencesArticle/Chapter ViewAbstractPublication PageswisecConference Proceedingsconference-collections
research-article

Key management and secure software updates in wireless process control environments

Published: 31 March 2008 Publication History

Abstract

Process control systems using wireless sensor nodes are large and complex environments built to last for a long time. Cryptographic keys are typically preloaded in the wireless nodes prior to deployment and used for the rest of their lifetime. To reduce the risk of successful cryptanalysis, new keys must be established (rekeying). We have designed a rekeying scheme that provides both backward and forward secrecy.
Furthermore, since these nodes are used for extensive periods of time, there is a need to update the software on the nodes. Different types of sensors run different types and versions of software. We therefore establish group keys to update the software on groups of nodes. The software binary is split into fragments to construct a hash chain that is then signed by the network manager. The nodes can thus verify the authenticity and the integrity of the new software binary. We extend this protocol by encrypting the packets with the group key such that only the intended receivers can access the new software binary.

References

[1]
P. Baronti, P. Pillai, V. W. C. Chook, S. Chessa, A. Gotta, and Y. F. Hu. Wireless Sensor Networks: A survey on the state of the art and the 802.15.4 and ZigBee standards. Comput. Commun., 30(7):1655--1695, 2007.
[2]
C. Beaver, D. Gallup, W. Neumann, and M. Torgerson. Key Management for SCADA. Technical report, Sandia National Laboratories, 2002.
[3]
B. Blanchet. Analysis of Cryptographic Protocols in the Formal Model. http://www.di.ens.fr/~blanchet/crypto-eng.html.
[4]
Z. Brown. Cebolla: Pragmatic IP anonymity. In Ottawa Linux Symposium, 2002.
[5]
S. A. Camtepe and B. Yener. Key Distribution Mechanisms for Wireless Sensor Networks: A survey. Technical report, Rensselaer Polytechnic Institute, 2005.
[6]
Crossbow Wireless Sensor Networks. Imote2 Specification. http://www.xbow.com/Products/productdetails.aspx?sid=253, 2007.
[7]
D. Dolev and A. C. Yao. On the Security of Public Key Protocols. In IEEE 22nd Annual Symposium on Foundations of Computer Science, Stanford, CA, USA, 1981.
[8]
Dust Networks. Technical Overview of Time Synchronized Mesh Protocol (TSMP), 2006.
[9]
B. Dutertre, S. Cheung, and J. Levy. Lightweight Key Management in Wireless Sensor Networks by Leveraging Initial Trust. Technical report, SRI International, 2004.
[10]
P. K. Dutta, J. W. Hui, D. C. Chu, and D. E. Culler. Securing the Deluge Network Programming System. In IPSN '06: Proceedings of the Fifth International Conference on Information Processing in Sensor Networks, pages 326--333, New York, NY, USA, 2006. ACM Press.
[11]
L. Eschenauer and V. D. Gligor. A Key-Management Scheme for Distributed Sensor Networks. In CCS '02: Proceedings of the 9th ACM Conference on Computer and Communications Security, pages 41--47, New York, NY, USA, 2002. ACM Press.
[12]
S. Halevi and H. Krawczyk. Strengthening Digital Signatures via Randomized Hashing. In The 26th Annual International Cryptology Conference (CRYPTO), pages 41--59, 2006.
[13]
HART Communication Foundation. WirelessHART Technical Data Sheet, 2007.
[14]
J. Hui. Deluge 2.0 - TinyOS Network Programming. http://www.cs.berkeley.edu/~jwhui/research/deluge/deluge-manual.pdf, 2005.
[15]
I. Hussain and S. M. Mahmud. Group Key Management for Secure Multicasting in Remote Software Upload to Future Vehicles. Technical report, Electrical and Computer Engineering Department, Wayne State University, Detroit, MI 48202 USA, 2006.
[16]
C. Karlof, N. Sastry, and D. Wagner. TinySec: A link layer security architecture for wireless sensor networks. In SenSys '04: Proceedings of the 2nd International Conference on Embedded Networked Sensor Systems, pages 162--175, Baltimore, November 2004.
[17]
M. Luk, G. Mezzour, A. Perrig, and V. Gligor. MiniSec: A secure sensor network communication architecture. In IPSN '07: Proceedings of the 6th International Conference on Information Processing in Sensor Networks, pages 479--488, New York, NY, USA, 2007. ACM Press.
[18]
W. Mao. Modern Cryptography: Theory and Practice. Hewlett-Packard, Prentice Hall, Upper Saddle River, NJ, USA, 2003.
[19]
National Institute of Standards and Technology. Recommendation for Block Cipher Modes of Operation. NIST Special Publication 800-38A, 2001.
[20]
National Institute of Standards and Technology. Randomized Hashing Digital Signatures. NIST Special Publication 800-106 Draft, 2007.
[21]
P. Ning, A. Liu, and P. Kampanakis. TinyECC: Elliptic curve cryptography for sensor networks. Technical report, Department of Computer Science, North Carolina State University, November 2007.
[22]
A. Perrig, R. Szewczyk, V. Wen, D. E. Culler, and J. D. Tygar. SPINS: Security protocols for sensor networks. In Mobile Computing and Networking, pages 189--199, 2001.
[23]
P. Rogaway, M. Bellare, J. Black, and T. Krovetz. OCB: A block-cipher mode of operation for efficient authenticated encryption. In ACM Conference on Computer and Communications Security, pages 196--205, 2001.
[24]
R. Watro, D. Kong, S.-F. Cuti, C. Gardiner, C. Lynn, and P. Kruus. TinyPK: Securing sensor networks with public key technology. In SASN '04: Proceedings of the 2nd ACM Workshop on Security of Ad Hoc and Sensor Networks, pages 59--64, New York, NY, USA, 2004. ACM Press.

Cited By

View all
  • (2025)An Adaptable Security-by-design approach for ensuring a secure Over the Air (OTA) update in modern vehiclesComputers & Security10.1016/j.cose.2024.104268150(104268)Online publication date: Mar-2025
  • (2024)Over-the-air upgrading for enhancing security of intelligent connected vehicles: a surveyArtificial Intelligence Review10.1007/s10462-024-10968-z57:11Online publication date: 3-Oct-2024
  • (2023)On the Development of a Protection Profile Module for Encryption Key Management ComponentsIEEE Access10.1109/ACCESS.2023.323904311(9113-9121)Online publication date: 2023
  • Show More Cited By

Index Terms

  1. Key management and secure software updates in wireless process control environments

      Recommendations

      Comments

      Information & Contributors

      Information

      Published In

      cover image ACM Conferences
      WiSec '08: Proceedings of the first ACM conference on Wireless network security
      March 2008
      234 pages
      ISBN:9781595938145
      DOI:10.1145/1352533
      Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

      Sponsors

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Publication History

      Published: 31 March 2008

      Permissions

      Request permissions for this article.

      Check for updates

      Author Tags

      1. key management
      2. process control systems
      3. rekeying
      4. software updates
      5. wireless sensor nodes

      Qualifiers

      • Research-article

      Conference

      WISEC '08
      Sponsor:
      WISEC '08: First ACM Conference on Wireless Network Security
      March 31 - April 2, 2008
      VA, Alexandria, USA

      Acceptance Rates

      Overall Acceptance Rate 98 of 338 submissions, 29%

      Contributors

      Other Metrics

      Bibliometrics & Citations

      Bibliometrics

      Article Metrics

      • Downloads (Last 12 months)17
      • Downloads (Last 6 weeks)2
      Reflects downloads up to 13 Feb 2025

      Other Metrics

      Citations

      Cited By

      View all
      • (2025)An Adaptable Security-by-design approach for ensuring a secure Over the Air (OTA) update in modern vehiclesComputers & Security10.1016/j.cose.2024.104268150(104268)Online publication date: Mar-2025
      • (2024)Over-the-air upgrading for enhancing security of intelligent connected vehicles: a surveyArtificial Intelligence Review10.1007/s10462-024-10968-z57:11Online publication date: 3-Oct-2024
      • (2023)On the Development of a Protection Profile Module for Encryption Key Management ComponentsIEEE Access10.1109/ACCESS.2023.323904311(9113-9121)Online publication date: 2023
      • (2019)Design and Implementation of Wireless Sensor Network Re-encryption Protocol Based on Key DistributionJournal of Physics: Conference Series10.1088/1742-6596/1345/5/0520371345(052037)Online publication date: 28-Nov-2019
      • (2016)Security-Enhanced Reprogramming with XORs Coding in Wireless Sensor NetworksInformation and Communications Security10.1007/978-3-319-29814-6_36(421-435)Online publication date: 5-Mar-2016
      • (2015)Framework for Secure Code Updates for Wireless Sensor NodesProceedings of the 2015 12th International Conference on Information Technology - New Generations10.1109/ITNG.2015.53(292-295)Online publication date: 13-Apr-2015
      • (2015)SCUMGProceedings of the 2015 12th International Conference on Information Technology - New Generations10.1109/ITNG.2015.46(249-254)Online publication date: 13-Apr-2015
      • (2013)"Stacking the Deck" Attack on Software UpdatesProceedings of the 2013 IEEE/WIC/ACM International Joint Conferences on Web Intelligence (WI) and Intelligent Agent Technologies (IAT) - Volume 0210.1109/WI-IAT.2013.123(293-300)Online publication date: 17-Nov-2013
      • (2013)A confidential and DoS-resistant multi-hop code dissemination protocol for wireless sensor networksComputers and Security10.1016/j.cose.2012.09.01232:C(36-55)Online publication date: 1-Feb-2013
      • (2011)Secure automotive on-board protocolsProceedings of the Third international conference on Communication technologies for vehicles10.5555/1987310.1987333(224-238)Online publication date: 23-Mar-2011
      • Show More Cited By

      View Options

      Login options

      View options

      PDF

      View or Download as a PDF file.

      PDF

      eReader

      View online with eReader.

      eReader

      Figures

      Tables

      Media

      Share

      Share

      Share this Publication link

      Share on social media