Toward a Multi-Layer ML-Based Security Framework for Industrial IoT

TL;DR

This paper proposes a lightweight, ML-based multi-layer security framework for IIoT that improves trust convergence and deploys on affordable hardware, addressing physical and cyber threats.

Contribution

It introduces the Trust Convergence Acceleration (TCA) method and a real-world deployment architecture for IIoT security, extending to multi-layer attack detection.

Findings

TCA reduces trust convergence time by up to 28.6%.

Framework is designed for resource-constrained IIoT devices.

Deployment uses open-source hardware for practical implementation.

Abstract

The Industrial Internet of Things (IIoT) introduces significant security challenges as resource-constrained devices become increasingly integrated into critical industrial processes. Existing security approaches typically address threats at a single network layer, often relying on expensive hardware and remaining confined to simulation environments. In this paper, we present the research framework and contributions of our doctoral thesis, which aims to develop a lightweight, Machine Learning (ML)-based security framework for IIoT environments. We first describe our adoption of the Tm-IIoT trust model and the Hybrid IIoT (H-IIoT) architecture as foundational baselines, then introduce the Trust Convergence Acceleration (TCA) approach, our primary contribution that integrates ML to predict and mitigate the impact of degraded network conditions on trust convergence, achieving up to a 28.6% reduction in convergence time while maintaining robustness against adversarial behaviors. We then propose a real-world deployment architecture based on affordable, open-source hardware, designed to implement and extend the security framework. Finally, we outline our ongoing research toward multi-layer attack detection, including physical-layer threat identification and considerations for robustness against adversarial ML attacks.