Security of Cloud Services with Low-Performance Devices in Critical Infrastructures
Michael Molle, Ulrich Raithel, Dirk Kraemer, Norbert Graß, Matthias Söllner, Andreas Aßmuth
TL;DR
Problem: Low-performance OT devices connected to the Cloud in critical infrastructures introduce security gaps due to limited computing power and memory.
Approach: The paper discusses the iSEC project and proposes end-to-end security combining PUF-based hardware identity, lightweight cryptography, and secure cloud interfaces within a CAN-Linux-TCP/IP architecture.
Contributions: Threat analysis of Cloud-based SCADA and OT devices, a security-by-design framework, and a plan for verifiable secure design and in-situ testing, including device updates and lifecycle considerations.
Significance: Enables secure, scalable IIoT integration in critical infrastructure while protecting data integrity, confidentiality, and availability against DDoS, backdoors, and supply-chain attacks.
Abstract
As part of the Internet of Things (IoT) and Industry 4.0, Cloud services are increasingly interacting with low-performance devices that are used in automation. This results in security issues, which are presented in this paper. Particular attention is paid to so-called critical infrastructures. The authors intend to work on the addressed security challenges as part of a funded research project, using electrical actuators and battery storage systems as specific applications. The core ideas of this research project are also presented in this paper.
