Department of Computer Science, Centre for Industrial Analytics (CIndA), School of Computing and Engineering, University of Huddersfield, Queensgate, Huddersfield HD1 3DH, UK.
Department of Engineering and Technology, Centre for Planning, Autonomy and Representation of Knowledge (PARK), School of Computing and Engineering, University of Huddersfield, Queensgate, Huddersfield HD1 3DH, UK.
Sensors (Basel). 2020 Mar 31;20(7):1963. doi: 10.3390/s20071963.
The introduction of 5G communication capabilities presents additional challenges for the development of products and services that can fully exploit the opportunities offered by high-bandwidth, low-latency networking. This is particularly relevant to an emerging interest in the Industrial Internet of Things (IIoT), which is a foundation stone of recent technological revolutions such as Digital Manufacturing. A crucial aspect of this is to securely authenticate complex transactions between IIoT devices, whilst marshalling adversarial requests for system authorisation, without the need for a centralised authentication mechanism that cannot scale to the size needed. In this article, we combine Physically Unclonable Function (PUF) hardware (using Field Programmable Gate Arrays, FPGAs) with a multi-layer approach to cloud computing from the National Institute of Standards and Technology (NIST). Through this, we demonstrate an approach to facilitate the development of improved multi-layer authentication mechanisms. We extend prior work to utilise hardware security primitives for adversarial trojan detection, which is inspired by a biological approach to parameter analysis. This approach is an effective demonstration of attack prevention, both from internal and external adversaries. The security is further hardened through observation of the device parameters of connected IIoT equipment. We demonstrate that the proposed architecture can service a significantly high load of device authentication requests using a multi-layer architecture in an arbitrarily acceptable time of less than 1 second.