Physical Unclonable Function-Based Lightweight and Verifiable Data Stream Transmission for Industrial IoT

Abstract

The deep integration of informatization and industrialization has resulted in an increasingly close connection between supervisory control and data acquisition (SCADA) systems and the Internet, leading to a growing number of new applications in industrial IoT. The boundaries of the SCADA system are monitored by industrial smart sensors, which only have limited security protection and face severe security threats. One of the major threats is that smart sensors are vulnerable to physical attacks because they are often installed in unsafe areas far from plant protection. Under this attack, the data of sensors can be easily tampered with, which may not only mislead the system with corrupted information but also cheat the system to make incorrect decisions. Moreover, since sensors are resource-constrained physical devices, complex and expensive encryption algorithms are not applicable. In this paper, we design a lightweight industrial smart sensor data stream integrity verification scheme based on physical unclonable function (PUF) for industrial IoT, which can protect the physical security of sensors and the integrity of data streams to ensure the secure transmission of industrial smart sensor data streams. We utilize PUF, fuzzy extractor and bit selection algorithm to generate stable PUF responses. A malicious attacker cannot extract the key information through the physical attack. In addition, we design a lightweight integrity verification algorithm with efficient key updating based on lightweight cryptographic primitives, making it suitable for resource-constrained physical devices. We perform the security analysis to demonstrate the security of the scheme to known security vulnerabilities. We implement the proposed scheme and evaluate the performance of our scheme with extensive experiments. The experimental results show that the proposed scheme is efficient in secret key generation and integrity verification and is superior to existing schemes in computational and communication efficiency.