Abstract

Industrial Automation and Control Systems (IACS) are widely used in critical infrastructures to monitor and control industrial processes remotely. The real-time transmissions in such systems expose them to security breaches, and many reported breaches have had a severe impact on society. Hence, it is essential to achieve secure communication between the devices in order to create a secure environment. For this to be effective, the keys used for secure communication must be protected against unauthorized disclosure, misuse, alteration or loss, which is the task of a Key Management Infrastructure. In this paper, by considering the generic industrial automation network, a comprehensive key management infrastructure (CKMI) is designed for IACS. To design such an infrastructure, the proposed scheme employs ECDH, matrix method, and polynomial crypto mechanisms. The proposed design handles all the standard key management operations, viz. key generation, device registration, key establishment, key storage, device addition, key revocation, key update, key recovery, key archival, and key de-registration and destruction. The design supports secure communication between devices at the same level and at different levels of IACS. The proposed design can be applied to major industrial automation networks to handle the key management operations. The performance analysis and implementation results highlight the benefits of the proposed design.

Highlights

  • Critical infrastructures are the primary needs of the society

  • 2: Comprehensive key management infrastructure (CKMI) server: 3: Considers one polynomial share (PS) ∈ polynomial pool, the ID used for generating PS, and the field level group key (FGK). 4: CKMI server → New Field Device: {PS || ID || FGK} E_{Join key}. 5: CKMI server broadcasts a message to all field level devices about the addition of the new device. 6: else if a New Control Device is added to the control level network

  • We have proposed an elegant key management design for Industrial Automation and Control Systems (IACS) to handle the key management operations


Summary

Introduction

Critical infrastructures are the primary needs of society. To reduce the complexity of operating critical infrastructures, there is a need for a simple and efficient process that supports remote monitoring and control of various activities, which can be achieved through automation.

Our Contribution: In this paper, by considering the generic architecture of IACS, a comprehensive key management infrastructure is designed (Figure 8). Key management is designed in such a way that it can be applied to major industrial networks to secure the communications of industrial devices. The proposed design supports secure communication between devices at the same level and at different levels of IACS. The polynomial method is chosen for field level devices, the matrix method for control level devices, and ECDH for plant level devices. These schemes are basically meant for establishing secret keys between the communicating devices, but we have used the same methods to support other key management operations such as key update, device joining, key revocation, key storage, archival, key recovery, and key de-registration and destruction.
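The following is an added example, not code from the paper, of how a server-issued polynomial share (PS) bound to a device ID can let two field level devices compute the same pairwise key without further messages. It assumes the common symmetric bivariate polynomial construction over a prime field; the modulus, degree, device IDs and function names are assumptions, since this page does not give the paper's construction.

```python
import hashlib
import secrets

P = 2**127 - 1  # prime field modulus (assumed parameter, not from the paper)


def make_symmetric_poly(t):
    """Server: random coefficients a[i][j] == a[j][i] for f(x, y) of degree t."""
    a = [[0] * (t + 1) for _ in range(t + 1)]
    for i in range(t + 1):
        for j in range(i, t + 1):
            a[i][j] = a[j][i] = secrets.randbelow(P)
    return a


def issue_share(a, device_id):
    """Server: the share for device_id is the univariate polynomial f(device_id, y),
    returned as its coefficient list in y (lowest degree first)."""
    t = len(a) - 1
    return [sum(a[i][j] * pow(device_id, i, P) for i in range(t + 1)) % P
            for j in range(t + 1)]


def pairwise_secret(share, peer_id):
    """Device: evaluate its own share at the peer's ID (Horner's rule)."""
    acc = 0
    for coeff in reversed(share):
        acc = (acc * peer_id + coeff) % P
    return acc


def session_key(share, own_id, peer_id):
    """Device: hash the shared field element with both IDs into a 256-bit key."""
    lo, hi = sorted((own_id, peer_id))
    material = b"|".join(str(v).encode() for v in (pairwise_secret(share, peer_id), lo, hi))
    return hashlib.sha256(material).digest()


if __name__ == "__main__":
    poly = make_symmetric_poly(t=4)          # one entry of the polynomial pool
    id_a, id_b = 0x1001, 0x1002              # constructed device IDs
    ps_a, ps_b = issue_share(poly, id_a), issue_share(poly, id_b)
    # Symmetry f(a, b) == f(b, a) means both sides derive the same key.
    print(session_key(ps_a, id_a, id_b) == session_key(ps_b, id_b, id_a))
```

In this construction the degree t is the collusion threshold: an attacker holding the shares of more than t devices can reconstruct the polynomial, which is why share storage, revocation and update matter on the device side.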

Related Work
Preliminaries
Polynomial Key Establishment Scheme
Matrix Key Establishment Scheme
ECDH Key Establishment Scheme
Proposed Key Management Infrastructure Design for IACS
Key Generation
13: Choose ECDH method for key establishment 14
Key Establishment Phase
Key Storage
Key Revocation
Key Update
Archival
Key Recovery
4.10. Key de-Registration and destruction
4.11. Across Field Level and Control Level Devices
4.12. Across Control Level and Plant Level Devices
CKMI Design and Its Features
Performance Analysis
Security Analysis and Comparison
Test Setup and Implementation Results
Conclusions