On Pre-deployment Assessment and Security Bootstrapping of Industrial Communication Networks

Abstract: The severity of cyber threats towards existing and future industrial systems has resulted in an increase of security awareness in the industrial automation domain. Compared to traditional information systems, industrial communication systems have different performance and reliability requirements. The safety and availability requirements can also sometimes conflict with the system security design of plants. For instance, it is not acceptable to create a secure system that may take up additional time to establish security and as a consequence disrupt the production in plants. Similarly, a system that requires authentication and authorization procedures before an emergency action may not be suitable in industrial plants. On the other hand, lack of security can hamper safety of a plant. Therefore, there is a need for improvement of the security workflow in industrial plants, so that the practical realization of security can be achieved. This includes secure device deployment and secure data communication inside the industrial plants. Furthermore, the industrial plant networks are heterogeneous in terms of hardware, software, and protocols. This complicates security assessment of industrial networks. In this thesis, the focus is on achieving a secured communication infrastructure for heterogeneous industrial networks. The initial trust establishment is the starting point for enabling a secure communication infrastructure. A framework for the initial trust establishment for industrial devices that can support key management using the existing trust of employees in a plant is proposed. With the help of a proof-of-concept implementation and security analysis, it is shown that the proposed framework is feasible to implement and satisfies the security objectives. After establishing initial trust within industrial devices, assessing heterogeneous security properties based on the network architecture is another focus of this thesis. A model to estimate the security assurance of nodes in a heterogeneous network, where all devices are not having the same level of security mechanisms, is given. Along with cyber security requirements of industrial plants, it is also necessary to consider other important requirements of plants in terms of network performance. In this thesis, identification of an optimized path between two systems in a heterogeneous network in terms of the network performance and the network security is explored. The applicability of this balancing approach has been demonstrated in a specific case of smart grid application where security, network capacity and reachability need to be optimal for successful network operation.