Securing IIoT using Defence-in-Depth: Towards an End-to-End Secure Industry 4.0

TL;DR

This paper analyzes security strategies for Industry 4.0, emphasizing Defence-in-Depth, and proposes an integrated approach combining DiD, Attribute-Based-Encryption, and OSCORE for end-to-end security in IIoT networks.

Contribution

It introduces a novel combination of security layers and encryption methods tailored for lightweight, end-to-end protection in Industry 4.0 environments.

Findings

Analysis of current security strategies in Industry 4.0

Proposal of an integrated security framework combining DiD, ABE, and OSCORE

Foundation for developing lightweight, end-to-end security solutions

Abstract

Industry 4.0 uses a subset of the IoT, named Industrial IoT (IIoT), to achieve connectivity, interoperability, and decentralization. The deployment of industrial networks rarely considers security by design, but this becomes imperative in smart manufacturing as connectivity increases. The combination of OT and IT infrastructures in Industry 4.0 adds new security threats beyond those of traditional industrial networks. Defence-in-Depth (DiD) strategies tackle the complexity of this problem by providing multiple defense layers, each of these focusing on a particular set of threats. Additionally, the strict requirements of IIoT networks demand lightweight encryption algorithms. Nevertheless, these ciphers must provide E2E (End-to-End) security, as data passes through intermediate entities or middleboxes before reaching their destination. If compromised, middleboxes could expose vulnerable information to potential attackers if it is not encrypted throughout this path. This paper presents an analysis of the most relevant security strategies in Industry 4.0, focusing primarily on DiD. With these in mind, it proposes a combination of DiD, an encryption algorithm called Attribute-Based-Encryption (ABE), and object security (i.e., OSCORE) to get an E2E security approach. This analysis is a critical first step to developing more complex and lightweight security frameworks suitable for Industry 4.0.