

A Secure IIoT Gateway Architecture based on Trusted Execution Environments

Author(s):
Froehlich, Antonio Augusto ; Horstmann, Leonardo Passig ; Hoffmann, Jose Luis Conradi
Total number of authors: 3
Document type: Scientific article
Source: Journal of Network and Systems Management; v. 31, n. 2, p. 30-pg., 2023-04-01.
Abstract

Industrial Internet of Things (IIoT) gateways are affected by many cybersecurity threats, compromising their security and dependability. These gateways usually represent single points of failure on the IIoT infrastructure. When compromised, they can disrupt the entire system, including the security of the IIoT devices and the confidentiality and privacy of the data. This paper introduces a Secure IIoT Gateway Architecture that encompasses Trusted Execution Environment concepts and consolidated security algorithms to achieve a secure IIoT environment. Sensitive procedures of the IIoT, like device admission, bootstrapping, key management, authentication, and data exchange among operational technology (OT) and information technology (IT) are handled by the gateway inside the secure execution domain. The bootstrapping does not require devices to have any pre-stored secret or a pre-established secure channel to any trusted third party. Moreover, our architecture includes mechanisms for IIoT devices to safely interact with the Cloud without assuming the integrity of the gateways between them, enabling continuous verification of gateway integrity. A formal proof of the proposed solution security is provided. Finally, the security of the proposed architecture is discussed according to the specified requirements. (AU)

FAPESP grant: 21/02384-7 - Development of an integrity verification protocol and implementation of an IIoT Gateway based on a Trusted Execution Environment (TEE)
Grantee: José Luis Conradi Hoffmann
Type of support: Scholarships in Brazil - Capacity Building Program - Technical Training
FAPESP grant: 20/05142-1 - Secure gateway for the industrial internet of things
Grantee: Antônio Augusto Medeiros Fröhlich
Type of support: Research Grant - Partnership for Technological Innovation - PITE
FAPESP grant: 21/02385-3 - Use of machine learning and performance monitoring for integrity verification in IIoT gateways
Grantee: Leonardo Passig Horstmann
Type of support: Scholarships in Brazil - Capacity Building Program - Technical Training