Enhancing Security for Legacy Factory Machines: A Continuous Key Renewal Algorithm for Securing Group of Machines

作     者：Nicolas Ferry Paul-Eric Dossou Gabriel Ihowa Gaspard Laouenan Nicolas Ferry;Paul-Eric Dossou;Gabriel Ihowa;Gaspard Laouenan

作者机构：Icam Nantes Carquefou France Icam Grand Paris Sud Carré Sénart Lieusaint France IFSTTAR/AME/SPLOTT Université Gustave Eiffel Marne-la-Vallée France 

出 版 物：《Journal of Software Engineering and Applications》 (软件工程与应用（英文）)

年 卷 期：2023年第16卷第12期

页      面：714-743页

学科分类：08[工学] 0812[工学-计算机科学与技术（可授工学、理学学位）] 

主　　题：Sustainable Industries Cybersecurity Networks Protocols Side-Channel Analysis 

摘      要：Companies are generally focused on how to improve their global performance. Concepts, methods and tools are regularly used to transform them. Key performance indicators are used to measure how performance is increased. Industry 4.0 concepts and sustainability expectations actually contribute to this performance improvement. Indeed, cybersecurity as one of these concepts is required to increase the company performance. Even if it is well-known and applied in companies through the protection of their information systems, progress is expected in research on how to ensure the security of data and factory processes in the manufacturing, as the number of cyberattacks towards industries is growing these last few years. This paper aims to increase the company performance and sustainability to enforce factory machines protection by creating private security network groups. But currently, most of the Programmable Logic Controller PLC protocols have not been securely designed. Thus, the creation of secure groups of machines by combining strong authentication, strong or lightweight ciphering, and data stream integrity is proposed. The security is enforced by a continuous key’s renewal algorithm. An experiment on an industry’s architecture has been led to validate the concepts of the proposition. The study is compared to existing OPC-UA and MACsec standards in terms of drawbacks and advantages. This work could be implemented in hardware for further performance improvement.