Security, Management and Ownership of Data and Networks in the Industrial Internet
Research project funded by the Centrum för Industriell Informationsteknologi (CENIIT), project no. 17.01, 2017-2022
Project leader: Andrei Gurtov
Abstract: This 6-year project aims to investigate new technologies such Software Defined Networking, 5G and long-range wireless sensor networks for Industrial Internet. Moreover, in the context of this project, the applicant will establish a research group that specializes in topics related to cybersecurity.
The steam engine, electricity and digital economy all have made revolutional changes in the world economy. Nowadays, utilizing sensor data from machinery can make similar impact in manufacturing, transportation, energy and health sectors. Performing big data analysis, switching to preventive maintenance and service-oriented production can boost efficiency, and even 1% reduction in costs in major sectors of economy could provide dramatic results. The Industrial Internet brings together the advances of two transformative revolutions: the myriad of machines, facilities, fleets and networks that arose from the Industrial Revolution, and the more recent powerful advances in computing, information and communication systems brought to the fore by the Internet Revolution.
Moreover, Internet-of-things (IoT) is making a rapid progress in the Internet by providing connectivity to consumer devices such as SmartTVs to enable their remote monitoring and integrated smart-home solutions. On the industrial side, such approach is referred to as Machine-to-machine or Machine-type Communication, with support in latest ETSI standards. The Internet economics presently revolves around mining user data and providing targeted advertisement by giant companies including Google and Facebook. Thus, the best minds in network applications are focusing on creating best algorithms to overcome ad blocking software and to sell something to the users. Industrial Internet aims at changing the state to focus the talents on data science application of machine sensor output to design algorithms to predict machine maintenance needs and streamline operations.
However, the popularity of new cyber-physical systems such as the Industrial Internet in new applications is creating new requirements such as high security, enhanced scalability, and optimal utilization of network resources, efficient energy management and low operational cost. Specifically, the increasing number of connected devices and new services will result in the increasing capacity requirements for the cyber-physical systems. Thus, accommodating the secure connectivity for this expected traffic growth is an imminent requirement of future cyber-physical systems. Although the existing secure communication architectures are able to provide some level of security, they are suffering from limitations such as limited scalability, poor utilization of network resources and high operational cost, mainly due to the complex and static security management procedures.
In order to keep with these new requirements, cyber-physical systems have not only to go through architecture processes to optimize the current resources but also to add new components/technologies which increase the capacity. On these grounds, Software Defined Networking (SDN) and Network Functions Virtualization (NFV) are promising technologies which are expected to solve the limitations in current communication networks. SDN provides the required improvements in flexibility, scalability and performance to adapt the mobile network to keep up with the expected growth. NFV offers a new way to design, deploy and manage networking services. NFV allows decoupling the network functions from proprietary hardware appliances, so they can run in software.
The adaptation of SDN and NFV concepts is expected to solve many limitations in current cyber-physical systems. In SDN enables networks, each operator has the flexibility to develop new networking concepts, optimize their network and address specific needs of subscribers. Furthermore, software-programmable network switches in SDN networks use modern agile programming methodologies. These software methodologies can be developed, enhanced, and upgraded at much shorter cycles than the development of today’s state-of-the-art network devices. However, added SDN features such as centralized controlling, network programmability and network function virtualization introduce new security challenges to cyber-physical systems. Therefore, the security of SDN based cyber-physical systems is still an open issue and it is a timely research topic to discuss before the wide scale deployment.
Attaining the vision set forth for the Industrial Internet will require an effective internet security regime. Cyber security should be considered in terms of both data security (a defense strategy specific to the cloud) and the security of machinery equipped with sensor devices that are connected to the network. Maintaining a protected IT infrastructure is a vital requirement. Security processes and controls should be designed to have multiple layers of defense. Defense strategies need to span every layer, starting from the network down to the user. The pursuit of a cohesive cyber security strategy will minimize the risks and enable society to take advantage of the opportunities associated with the Industrial Internet. In this project we will consider the Secure Connectivity of Future Cyber-Physical Systems under four main topics.
Present industrial environments are largely based on vendor-specific communication protocols that suffer from a lack of interoperability. Visibility of operations over an entire factory is difficult while updating machines is cumbersome and requires expensive downtime in operations. Thus, deploying integrated and open communication architecture in Industrial Internet will increase productivity, increase lifespan of machines through their upgradability, and reduce operational costs. In the consumer Internet infrastructure, the use of Software Defined Networks (SDN) is quickly changing the landscape of network operations and management. SDN places the intelligence in a (logically) centralized controller that connects to switches and routers using a standardized protocol, such as OpenFlow.
Network Functions Virtualization (NFV) takes a forward step from SDN by implementing entire network segments in software running on Virtual Machines. That can include middleboxes such as firewalls, NATs, load balancers, web caches as well as entire switches and routers. In the latest revision of OpenFlow specifications, 1.5 the use of TLS to secure the communication between switches and the controller is made optional. The reason for this are configuration difficulties that operators face to configure the certificates correctly. This is a worrisome trend especially if same technology will be applied in the industrial environment to control the machines. Therefore, it is important to study how current protocols used in industrial automation could be integrated with IP-based OpenFlow standard especially with industrial real-time and security requirements in mind.
We propose to design and prototype secure communication architecture based on Virtual Private LAN Service (VPLS) to secure controller connectivity and provide advanced networking capabilities such as multihoming for resilience, mobility for network-on-the-move scenarios, resilience to DoS and other attacks.
Fifth generation (5G) telecommunication networks are in active research now, with soon starting standardization process and first deployments around 2018-20. The core part of 5G networks is expected to be based on SDN standards such as OpenFlow and provide direct interfaces to massive data storage and processing capabilities in CarrierClouds. Many network functions can be also virtualized in NFV approach and run on the cloud as well, without the need to employ expensive and inflexible custom hardware. It is expected that 5G will increase network capacity 1000 fold due to tighter cells, higher spectrum efficiency, and higher data rates. Advanced radio interfaces in Terahertz microwaves are being proposed, which offer extremely high data rates at the cost of low penetration and focusing requirements.
All these topics offer exciting research opportunities, especially in the context of Industrial Internet where data needs to be collected from thousands of sensors monitoring the production process or devices such as gas turbines. Utilizing commercial public 5G networks for that in addition to custom networking is likely to increase robustness and availability of service although it brings up additional security challenges. Furthermore, developing a network architecture which can create a logically centralized control point for core network and cognitive radio network appears important. Joint resource allocation, traffic shaping and prioritization would enable smooth service experience for a mobile user for possible WiFi-Cognitive network integration in 5G networks.
In this project, we aim to develop real-time integration architecture that can combine a variety of existing and new access technologies such as LTE-Radio access, WiFi and VLC communications. We have already implemented integration of different radio access technologies with an SDN core. Using the Floodlight OpenFlow controller, we integrated SDN core, OpenFlow WiFi and cognitive radio cells. From a security perspective the best assessed SDN architecture so far is OpenFlow for which already a number of security issues has been identified and categorized and proper countermeasures planned. Our study will move from these and validate which will be applicable to our hybrid context and which will require ad-hoc actions.
The ownership of data produced by sensors imbedded to products is an important aspect of Industrial Internet architecture that needs addressing. From the customer’s point of view, they should be in full control of the equipment they purchased for their production environment. However, the equipment supplier may want to retain data ownership produced by machines to be able to sell additional services, such as maintenance, and prevent the customer to purchase third party services. This is especially likely if the machines are not sold but leased according to a service contract. In healthcare, we often observe examples that the patients are not considered owners of their medical records and in some cases are even denied access to data, for instance from Implanted Cardio Defibrillators.
When multiple entities have access to the same set of sensor data, questions of liability and non-disclosure to third parties arise. Such production sensor data can be sensitive and could be disclosed to competitors deliberately or as a result of hacking attacks. Therefore, it is important to attribute the sensor data to a particular user. Digital water marking had been proposed as a way to mark sensor data individually for each user. Such marking should not affect decisions made by data analytical algorithms but should be retainable even when data is aggregated, samples or transformed during processing. Therefore, developing such watermarking algorithms and their evaluation on industrial data sets appears a promising research area.
Ethernet based VPLS networks gained enormous popularity in industrial enterprise networks as an ideal, high speed and lost cost virtualization techniques. Initially, VPLS interconnects the premises-wide SCADA (Supervisory Control and Data Acquisition) and process control devices by using the shared networks such as Wi-Fi networks. However, VPLS are now used to interconnect geographically distributed customer sites over wide area networks such as Internet. VPLS is a transparent, protocol-independent, multipoint solution to interconnect remote locations over IP (Internet Protocol) or MPLS (Multiprotocol Label Switching) based provider networks. In operation, VPLS offers the same connectivity experienced for all the customer devices as they are attached to the same Ethernet switch regardless of their locations. Moreover, VPLS auto-discovery and service provisioning functions simplify the addition of new sites without interrupting the connectivity for existing sites. Therefore, VPLS is becoming attractive for many Enterprise applications such as DCI (data center interconnect), voice over IP (VoIP) and videoconferencing services.
The popularity of VPLS networks in new applications is creating new requirements such as high security, enhanced scalability, optimal utilization of network resources and low operational cost. Although the existing secure VPLS architectures are able to provide a sufﬁcient level of security, they are suffering from limitations such as limited scalability, over utilization of network resources and high operational cost, mainly due to the complex and static tunnel establishment procedures. Secure VPLS architectures require to establish a full mesh of IPsec tunnels between the connected customer sites. As a result, the number of IPsec tunnels is exponentially increasing with the number of Provider Edges (PEs). This is called “N-square scalability problem”. It increases the tunnel management overhead and the cost of service providers. On the other hand, every PE has to establish and maintain at least N − 1 IPsec tunnels to securely communicate with other PEs in the network (N is the number of PEs in VPLS network).
In this project, we propose a novel SDN based VPLS architecture to overcome tunnel management limitations in legacy secure VPLS architectures. It utilizes OpenFlow switches as PEs and OpenFlow protocol to install ﬂow rules in each PE. VPLS tunnel management functions are managed by a centralized controller. We propose a dynamic tunnel management mechanism which estimates the tunnel duration based on real time network statistics provided by PEs. Therefore, the network controller can dynamically change the tunnel duration based on real-time network statistics.
The research is carried out within Division for Database and Information Techniques (ADIT), The Security and Networks Group, at Linköping University. Cooperation is performed with Associate professor Niklas Carlsson and with LiU/ITN researchers Valentin and Tatiana Polishchuk.
Industrial collaboration on Security of Data Communication in Aviation was performed with Swedish Civil Aviation Authority (LFV), Billy Josefsson, Manager Automation & Human Performance, Research & Innovation. The study resulted in a joint paper of Pilot Data Link Security and industrial PhD project application.
Another industrial connection is Ericsson Kista in Sweden and NomadicLab in Finland. Contact persons include head of standardization Gonzalo Comarillo (Kista), researchers Mika Komu, Jan Melen, Jouni Mäenpää (NomadicLab Jorvas). The PI collaborated for over a decade with Ericsson in the past.
The project was accepted by the CENIIT board and started in January 2017. Research assistant Nikita Korzhitskii worked in the project in summer 2017, now employed by WASP. The project poster was presented at the CENIIT seminar in May 2017.
During summer 2018, student Jonathan Branting worked as an assistant in the project, helping with security labs development. A research infrastructure for networking experiments has been created with help of own IPv4 and IPv6 subnets, and a powerful VMware server for computational and network capabilities.
The main results are so far obtained in the following areas:
5G security development. Analyzing threat landscape and design options for 5G security architecture [2,8,9].
Identifying Internet-exposed vulnerable Industrial IoT devices. Using Shodan tool to find SCADA and IoT devices . Developing mitigation techniques for increased resilience [1,5,6].
Virtual Private LANs Services. P2P protocols for scalability and resilience . A case study for industrial partner LFV .
Development of HIP and SDN protocols. Collaborative HIP , deployment strategies , resilience to man-in-the-middle attacks , smart metering security , mobile IoT relay .
The project contributed to the following publications:
1. Hasan, D. Lagutin, A. Lukyanenko, A. Gurtov, A. Yla-Jaaski, CIDOR: Content Distribution and Retrieval in Disaster Networks for Public Protection, in Proc. of the Fourth International Workshop on Emergency Networks for Public Protection and Disaster Relief, 2017
2. I. Ahmad, T. Kumar, M. Liyanage, J Okwuibe, M. Ylianttila, A. Gurtov, 5G Security: Analysis of Threats and Solutions, in Proc. of IEEE CSCN'17, September 2017.
3. P. Porambage, A. Braeken, P. Kumar, A. Gurtov and M. Ylianttila, CHIP: Collaborative Host Identity Protocol with Efficient Key Establishment for Constrained Devices in Internet of Things, Wireless Personal Communications, 2017.
4. I. Ahmad, M. Liyanage, M. Ylianttila, A. Gurtov, Analysis of Deployment Challenges of Host Identity Protocol, in Proc. of EuCNC'2017, 2017.
5. A. Fuchs, A. Stulman, A. Gurtov, Hardening Opportunistic HIP, in ACM MSWiM'17, 2017.
6. P. Kumar, A. Gurtov, M. Sain, A. Martin, P. Hoai, Lightweight Authentication and Key Agreement for Smart Metering in Smart Energy Networks, to appear in IEEE Transactions on Smart Grids, 2018.
7. A. Gurtov, T. Polishchuk and M. Wernberg, Controller-Pilot Data Link Communication Security, MDPI Sensors 2018, 18(5), 1636.
8. M. Liyanage, I. Ahmad, A. Abro, A. Gurtov, M. Ylianttila (eds). A comprehensive Guide to 5G Security, Wiley&Sons, ISBN 9781119293040, March 2018.
9. I. Ahmad, T. Kumar, M. Liyanage, J. Okwuibe, M. Ylianttila, A. Gurtov, Overview of 5G Security Challenges and Solutions. IEEE Communications Standards Magazine 2(1): 36-43 (2018)
10. A. Gurtov, J. Koskela, D. Korzun. Cyclic ranking in single-resource peer-to-peer exchange. Peer-to-Peer Networking and Applications 11(3): 632-643 (2018)
11. M. Manzoor, P. Porambage, M. Liyanage, M. Yliantila, A. Gurtov, DEMO: Mobile Relay Architecture for Low-Power IoT Devices, in Proc. of IEEE WoWMoM, 2018.
12. A. Hansson, M. Khodari, A. Gurtov, Analyzing Internet-Connected Industrial Equipment, in Proc. of ICSigSys'18, IEEE, 2018.