Cybersecurity

Overview

The industrial Internet of Things (IIoT) has played a crucial role as a key enabler for advanced smart manufacturing, where industrial devices can communicate and interact in real time. Despite these advancements, security, especially network security, remains a major challenge in developing and deploying smart manufacturing technologies. The current cybersecurity threats largely stem from the widespread use of industrial protocols that were not originally designed with security as a priority.

These protocols often lack essential features such as authentication mechanisms, data confidentiality safeguards, and data integrity checks. Among these threats, poor authentication is a primary concern for IIoT. With poor authentication practices, a skilled adversary could send false commands to the endpoints controlling manufacturing processes and cause critical failures leading to significant downtime and supply chain disruption, or even injury or loss of lives.

Currently, most lightweight authentication methods proposed in the literature rely on hardware-based device fingerprints and are limited to use on dedicated devices. Furthermore, as attacks evolve over time, these protocols become increasingly vulnerable and fail to ensure authentication.

Goal

To address these shortcomings, the goal of this research is to develop a lightweight mutual authentication protocol between a low-cost resource-constrained device and a resource-rich server that is resistant to various security attacks.

To effectively accomplish this goal:

1. The protocol must be lightweight and universal because devices involved are usually resource-constrained and diverse.
2. The protocols must defend against the latest but common attacks, i.e., fingerprint reuse attacks and fingerprint mimic attacks, which are not considered in prior authentication schemes.

Outcome

The outcomes from this subproject will pave the way for submitting additional collaborative proposals to funding agencies such as the National Science Foundation, the Department of Energy, the Department of Defense, and the National Institute of Standards and Technology. Furthermore, the expertise developed through this work will position us to pursue industry partnerships and contracts with leading companies in sectors such as manufacturing, energy, transportation, and healthcare, where robust cybersecurity solutions are critical. These collaborations can facilitate technology transfer, support the development of real-world applications, and create pathways for impactful interdisciplinary research that addresses the evolving cybersecurity challenges of modern manufacturing systems.