Author: | 林靖倫 Jing-Lun Lin |
---|---|
Thesis Title: | 在工業控制系統環境下, 基於線性反饋移位暫存器之加密機制設計 On the Design of Linear Feedback Shift Register Based Encryption Scheme for Industrial Control System |
Advisor: | 羅乃維 Nai-Wei Lo |
Committee: | 賴源正 Yuan-Cheng Lai, 林伯慎 Bor-Shen Lin |
Degree: | Master |
Department: | College of Management - Department of Information Management |
Thesis Publication Year: | 2019 |
Graduation Academic Year: | 107 |
Language: | English |
Pages: | 46 |
Keywords (in Chinese): | 網路實體系統 、工業控制系統 、對稱式加密 、線性反饋移位暫存器 、線性同餘法 |
Keywords (in other languages): | Cyber Physical Systems, Industrial Control Systems, Symmetric-Key Encryption, Linear Feedback Shift Register, Linear Congruential Generator |
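With the rapid development of Industry 4.0, manufacturers have in recent years been moving one after another from traditional manufacturing to smart manufacturing in order to raise operational efficiency, improve product quality and lower costs. They introduce cyber-physical systems (CPS) into industrial control systems (ICS) and use the information technology (IT) and operational technology (OT) of CPS to achieve functions such as real-time monitoring, interoperability and virtualization. However, along with the convenience and benefits of CPS, its potential threats and vulnerabilities are also brought into industrial control systems: the characteristics of CPS make industrial control systems less and less isolated from external networks and systems, so the cyber-security risks they face, such as eavesdropping, tampering and virus infection, rise rapidly. We therefore design an encryption scheme based on a linear feedback shift register that protects data transmission inside the industrial control system by dynamically generating a symmetric key to encrypt each piece of data. According to the simulation results, the proposed scheme can encrypt about 2 MB of data per second and is therefore suitable for the hardware devices of industrial control systems. In addition, we carry out a security analysis of the proposed scheme, which can prevent eavesdropping by attackers and man-in-the-middle attacks.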
With the rapid growth of Industry 4.0, the manufacturing industries apply cyber-physical systems (CPS) to their industrial control systems (ICS) to improve the efficiency of operations, improve product quality and reduce costs. They use the information technology and operational technology of CPS to achieve real-time monitoring, interoperability, and virtualization. However, besides the convenience and benefits of CPS, the characteristics of CPS make the isolation between the industrial control system and external networks or systems lower and lower, so vulnerabilities and attacks are rising rapidly. Therefore, we propose a symmetric encryption scheme based on a linear feedback shift register that encrypts each piece of data by dynamically generating the symmetric key, to protect the internal data transmission of the industrial control system. According to the simulation results, the proposed encryption scheme can encrypt approximately 2 MB per second, so it is capable of running on the devices and equipment of industrial control systems. Furthermore, we perform a security analysis of the proposed encryption scheme; it can prevent hacker eavesdropping and man-in-the-middle attacks.