A key technology for communication in the Industrial Internet of Things (IIoT) is the Open Platform Communications Unified Architecture (OPC UA). OPC UA is a standard that enables interoperable, secure, and reliable communication between industrial devices. To defend against cyber attacks, OPC UA has built-in security mechanisms that protect the authenticity, integrity, and confidentiality of data in transit. Before they can communicate securely, OPC UA devices must be set up in a secure manner. This process is referred to as secure provisioning. Improper provisioning can lead to weak or insecure OPC UA deployments that enable adversaries to eavesdrop on or even manipulate communication between industrial devices. Such insecure deployments can also be maliciously provoked by adversaries who tamper with insecure provisioning solutions. Although secure provisioning is essential for OPC UA security and usability, there is no overview or analysis of the patchwork of different provisioning solutions in industry and academia. This article presents the first investigation of secure device provisioning solutions for the OPC UA communication protocol. First, desired objectives and evaluation criteria for secure provisioning of OPC UA devices are defined. Next, existing and emerging OPC UA provisioning solutions are analyzed and compared based on the elaborated objectives and criteria. Additionally, an outlook into the future of OPC UA provisioning is given, based on solutions from the IoT domain. Finally, the analyzed OPC UA secure provisioning solutions are compared, recommendations are given, and research gaps are identified. It is shown that contemporary provisioning solutions offer an insufficient level of security. Emerging and future solutions provide much higher security guarantees but impose a tradeoff between usability and requirements on devices and infrastructures.
For several decades, production systems were considered closed and decoupled units in which information and network security was not an issue. This is changing rapidly, since in the age of smart factories, production systems and office IT are growing together so as to transform entire value chains into interconnected distributed systems. As a result, production systems inherit the security challenges of office IT networks connected over the Internet. Therefore, and because they tend to be operated for a much longer period of time, a prospective design of security mechanisms is mandatory. For some time, the design process of production systems has been modernised by the Automation Markup Language (AutomationML, IEC 62714). AutomationML incorporates formats of all engineering phases of production systems, thus allowing engineers to model production systems on various levels of abstraction. The language also provides building blocks for modelling the network infrastructure, which are presented in the AutomationML Communication whitepaper. However, the level of detail that can be captured is currently not sufficient for modelling most network protocols and therefore any network security concept. We therefore propose an extension to the AutomationML Communication whitepaper and its best practice recommendations, which allows us to model networks according to the established ISO/OSI model. Using this extension, we show that concepts like network separation can be modelled and validated.