Abstract

The fourth industrial revolution is driven mainly by the integration of Internet of Things (IoT) technologies to support the development lifecycle of systems and products. Despite the well-known advantages for industry, an increasingly pervasive industrial ecosystem could make such devices an attractive target for potential attackers. The recently proposed Manufacturer Usage Description (MUD) standard enables manufacturers to specify the intended use of their devices, thereby restricting the attack surface of a given system. In this direction, we propose a mechanism to securely manage the obtaining and enforcement of MUD policies through the use of a Software-Defined Network (SDN) architecture. We analyze the applicability and advantages of using MUD in industrial environments based on our proposed solution, and provide an exhaustive performance evaluation of the required processes.

Highlights

  • The integration of Internet of Things (IoT) technologies in industrial environments has enabled the development of the well-known Industry 4.0 or Industrial Internet of Things (IIoT)

  • It should be noted that it is based on the YANG Data Model for Network Access Control Lists (ACLs) [27], which is augmented by the Manufacturer Usage Description (MUD) standard to define more expressive ACLs

  • It should be noted that, during this process, the new Medium-level Security Policy Language (MSPL) policies generated from the MUD file could represent conflicting restrictions with the security policies deployed in the deployment domain

Summary

Introduction

The integration of Internet of Things (IoT) technologies in industrial environments has enabled the development of the well-known Industry 4.0 or Industrial Internet of Things (IIoT). The definition of these behavioral profiles can be challenging due to the heterogeneity of IoT devices, in which a wide variety of technologies and protocols can be used with different configurations. Toward this end, the Manufacturer Usage Description (MUD) [5] has been recently proposed as an Internet Engineering Task Force (IETF) standard. We believe that the definition of these processes based on standard technologies is crucial to encourage the use and deployment of the MUD standard. To address such needs, this work proposes the design and implementation of a security architecture for obtaining and enforcing MUD policies through the use of Software-Defined Networks (SDN) [7].

Related Work
Specifying Behavioral Profiles in IoT
MUD Architecture
MUD Model
Architecture
MUD-Enhanced Bootstrapping
Smart Object Authentication
MUD Obtaining
MUD Translation
MUD Enforcement
Enhancing Digital Twins with MUD Profiles
Results
Performance Evaluation
Smart Object Authentication and MUD Obtaining
Translating and Enforcing MUD Rules
Conclusions