Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

POSTER: Towards Secure 5G Infrastructures for Production Systems

Martin Henze, Maximilian Ortmann, Thomas Vogt, Osman Ugus, Kai Hermann, Svenja Nohr, Zeren Lu, Sotiris Michaelides, Angela Massonet, Robert H. Schmitt

TL;DR

The paper addresses security challenges arising from migrating industrial production to 5G, including reliability gaps, new vulnerabilities, and accountability concerns. It proposes a comprehensive toolbox consisting of prevention, detection, and response mechanisms: hardware token–based Industrial Device Authentication (IDA) with PKI certificate management and OCSP-based revocation; a deterministic 5G-TSN infrastructure protected by MACsec with keys derived from the IDA service; wireless-adapted anomaly detection via an extended IPAL framework and a jamming detection/localization system using SDRs; and response strategies that include PKI- and 5G-based device exclusion alongside regulatory accountability analyses. Key contributions include the IDA service with mutual authentication and certificate lifecycle management, integration of MACsec keys into TSN pipelines, the wireless-aware extension of IPAL for industrial anomaly detection, and a dedicated jamming framework, all complemented by legal assessments aligned with evolving regulations such as NIS2 and the Cyber Resilience Act. Collectively, these efforts enable secure, reliable 5G deployment in production environments and are planned to be validated in industry use cases on the 5G-Industry Campus Europe for practical applicability and scalability.

Abstract

To meet the requirements of modern production, industrial communication increasingly shifts from wired fieldbus to wireless 5G communication. Besides tremendous benefits, this shift introduces severe novel risks, ranging from limited reliability over new security vulnerabilities to a lack of accountability. To address these risks, we present approaches to (i) prevent attacks through authentication and redundant communication, (ii) detect anomalies and jamming, and (iii) respond to detected attacks through device exclusion and accountability measures.

POSTER: Towards Secure 5G Infrastructures for Production Systems

TL;DR

The paper addresses security challenges arising from migrating industrial production to 5G, including reliability gaps, new vulnerabilities, and accountability concerns. It proposes a comprehensive toolbox consisting of prevention, detection, and response mechanisms: hardware token–based Industrial Device Authentication (IDA) with PKI certificate management and OCSP-based revocation; a deterministic 5G-TSN infrastructure protected by MACsec with keys derived from the IDA service; wireless-adapted anomaly detection via an extended IPAL framework and a jamming detection/localization system using SDRs; and response strategies that include PKI- and 5G-based device exclusion alongside regulatory accountability analyses. Key contributions include the IDA service with mutual authentication and certificate lifecycle management, integration of MACsec keys into TSN pipelines, the wireless-aware extension of IPAL for industrial anomaly detection, and a dedicated jamming framework, all complemented by legal assessments aligned with evolving regulations such as NIS2 and the Cyber Resilience Act. Collectively, these efforts enable secure, reliable 5G deployment in production environments and are planned to be validated in industry use cases on the 5G-Industry Campus Europe for practical applicability and scalability.

Abstract

To meet the requirements of modern production, industrial communication increasingly shifts from wired fieldbus to wireless 5G communication. Besides tremendous benefits, this shift introduces severe novel risks, ranging from limited reliability over new security vulnerabilities to a lack of accountability. To address these risks, we present approaches to (i) prevent attacks through authentication and redundant communication, (ii) detect anomalies and jamming, and (iii) respond to detected attacks through device exclusion and accountability measures.
Paper Structure (7 sections, 2 figures)

This paper contains 7 sections, 2 figures.

Table of Contents

  1. Introduction
  2. 5G in Industrial Communication
  3. Secure 5G Infrastructures for Production Systems
  4. Prevention
  5. Detection
  6. Response
  7. Outlook & Conclusion

Figures (2)

  • Figure 1: Moving from wired to wireless industrial communication introduces novel risks: limited reliability, new security vulnerabilities, and lack of accountability.
  • Figure 2: Our secure 5G infrastructure for production systems provides mechanisms to prevent, detect, and respond to attacks.