Authenticated encryption for time-sensitive critical infrastructure

Abstract

Encryption is the primary tool for protecting information security, but cyber-physical systems that interact directly with critical infrastructure, in applications such as power, water and transport, typically use no encryption for their control messages at all. This is because computer systems that interface to physical devices are subject to strict realtime constraints and it is widely assumed that the computational overheads of encryption are too high in such situations. Indeed, some international standards for critical infrastructure systems explicitly recommend against using encryption. Here we present experimental results proving that data encryption can be used to defend cyber-physical systems within the timing constraints imposed by international standards for data communications in electricity distribution substations, even when using conventional hardware and software. To ensure the validity of the results we created a testbed composed of industry-standard devices, and to guarantee the experiments' accuracy we measured data packet timing using specialised hardware synchronised to GPS time. Our results provide the first detailed analysis of the time taken to encrypt, transmit, and decrypt a critical infrastructure protocol using a stream cipher in a realistic physical environment. Furthermore, in safety-critical systems data confidentiality is not the only information security concern. Data integrity must be preserved as well. We therefore show that such timing results are possible even when using an authenticated encryption algorithm, which provides both data confidentiality and integrity, thereby paving the way for deploying strong encryption technologies in cyber-physical systems.