Continuous Field Sensor Authentication and Process Integrity Assurance Mechanisms in Critical National Infrastructures
The growing modernization of traditional Industrial Cyber-Physical Systems (ICPSs) has increased the probability and effectiveness of cyber attacks by integrating modern communication technologies that expose security vulnerabilities like lack of access control policies to adversaries. The exponential growth of cyber attacks has caught the attention of stakeholders that have proposed cybersecurity initiatives to protect ICPSs. ICPSs are part of the Critical National Infrastructures (CNIs) supporting the society's sustainability and national security. The cybersecurity initiatives aiming to address cyber attacks proposed by stakeholders must continuously authenticate constrained devices. Operational thresholds and process integrity assurance must also be maintained. A centralized ICPS consists of constrained devices and legacy communication protocols that lack robust state-of-art crypto solutions. The lack of robust security standards in an ICPS enables security vulnerabilities like broken authentication, lack of integrity checks, and single point of failure attacks that adversaries can exploit to compromise the operational hours through breaches of process data and prolonged outages. Therefore, a robust provenance platform that ensures continuous device authentication and system process integrity through overhead-aware, lightweight, and non-intrusive mechanisms is of highest need which is the primary focus in this dissertation. Standard cryptographic solutions, such as public-key cryptography and cryptographic hashing functions, are unsuitable for the resource-constrained field sensors in traditional ICPSs. Thus, a lightweight mechanism is needed to ensure continuous authentication while achieving system process integrity assurance. Considering the unique pull-push-based operational models of traditional ICPSs, this thesis integrates Physical Unclonable Functions (PUFs) into the ICPS ecosystem. PUFs are hardware security mechanisms providing resilient continuous authentication by deriving unique and unclonable fingerprints from the physical characteristics of integrated circuits. PUFs also address core security vulnerabilities, such as a lack of authentication and integrity assurance. This thesis also addresses the single point of failure risks commonly found at a centralized ICPS. Traditional ICPSs follow a hierarchical architecture that adversaries can exploit to impact the operational hours of ICPSs through Denial-of-Service (DoS) attacks. In general, DoS attacks impact the operational hours of single essential devices like the master controller. The collaboration of multiple ICPSs can reduce the probability of cyber attacks. Thus, this thesis integrates a large and multi-site decentralized platform for achieving access control and accountability, thus introducing state-of-art decentralized practice security monitoring solutions to ICPSs. We also implement a novel High-Fidelity Testbed (HFT) to provide prototyping capability to address the rapid growth of cyber attacks on traditional ICPSs. Stakeholders require experimental HFTs that can provide flexible, mobile, and scalable capabilities in a highly evolving ecosystem. The HFT's flexibility can also be leveraged to evaluate novel cyber attack solutions. Using state-of-art technologies, we develop automated plug-and-play capabilities that integrate next-gen hardware to assess and compare the operational performance of devices. We evaluate the efficiency of state-of-art devices and approaches for preventing standard cyber attacks, such as identity spoofing and false sequential attacks. This dissertation analyzes the performance, efficiency, and security attributes of integrating distributed ledger platforms and suitable lightweight crypto solutions in traditional ICPS ecosystems. In general, three essential research objectives are addressed: (1) robust sensor continuous identity management that eliminates rogue devices from ICPS networks, thus ensuring the trustworthiness of field devices; (2) scalable system process integrity assurance that prevents malicious runtime behaviors from adversaries; and (3) prototyping development and evaluation of decentralized ICPS architecture to provide detailed performance insights in high-fidelity scenarios.
Gomez Rivera, Abel Osvaldo, "Continuous Field Sensor Authentication and Process Integrity Assurance Mechanisms in Critical National Infrastructures" (2022). ETD Collection for University of Texas, El Paso. AAI29324744.