At the network interface through which communication happens there are often, depending on the device, implementations of industrial protocols such as Modbus, IEC 61850, IEC 60870-5-104 and OPC, or of general TCP/IP. Processing elements in the automotive domain use CAN (Controller Area Network) or FlexRay, and in the UAV domain, UAVCAN. Some of these protocols have inherent vulnerabilities, especially the industrial control protocols, as they are neither encrypted nor authenticated. These protocol shortcomings by themselves expose us to MITM (Man-in-the-Middle) attacks, unauthenticated command execution, unauthenticated password recovery, etc. Even in protocols that provide for encrypted payloads and digital signatures, the protocol interaction itself often has security flaws, for example the famous Needham-Schroeder protocol flaw. Timing signals for synchronization also often play an important role in CPS coordination and in the alignment of sensor data per time point. GPS, Rigbee and other timing signal protocols are often vulnerable to GPS spoofing, jamming and other attacks. As a result, to secure CPS one has to work towards better protocol definition, secure implementation, detection of ongoing attempts to compromise, and response mechanisms; all are important components of secure and resilient CPS design.
Major issues to tackle at this layer are:
i. Protocol Vulnerability Studies
ii. Light-weight cryptography for Real-Time Protocols
iii. Security of Industrial Protocol Implementations
iv. Vulnerability and Penetration Testing for Finding Protocol Implementation Vulnerabilities
v. Secure Network Architecture for CPS
vi. Surveillance of Network Traffic
vii. Timing and Location Signal Security – Spoofing, Jamming
viii. TCP/IP Security, DNS Security, BGP Security etc.
ix. Perimeter defence mechanisms
x. Network-based Intrusion Detection
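
As an added illustration (not code from the original page) of why an unauthenticated protocol such as Modbus needs network-based detection: the sketch below parses a Modbus/TCP frame, which has no place for a credential or signature, and flags state-changing requests from hosts outside an approved set. The function names, IP addresses and sample frames are assumptions constructed for this example.

```python
import struct

# State-changing function codes from the public Modbus application protocol.
WRITE_CODES = {5: "Write Single Coil", 6: "Write Single Register",
               15: "Write Multiple Coils", 16: "Write Multiple Registers"}

def parse_adu(frame: bytes) -> dict:
    """Parse a Modbus/TCP ADU (7-byte MBAP header + PDU).

    The frame has no field for a credential, MAC or signature, so the
    receiver cannot tell who sent a request from its content.
    """
    if len(frame) < 8:
        raise ValueError("shorter than MBAP header plus function code")
    tid, proto, length, unit = struct.unpack(">HHHB", frame[:7])
    if proto != 0:
        raise ValueError("protocol identifier is not 0 (Modbus)")
    if length != len(frame) - 6:  # length counts unit id + PDU
        raise ValueError("MBAP length does not match frame size")
    return {"tid": tid, "unit": unit, "function": frame[7], "data": frame[8:]}

def inspect(src_ip: str, frame: bytes, approved_writers: set):
    """Return an alert string, or None when the frame needs no alert."""
    try:
        adu = parse_adu(frame)
    except ValueError as exc:
        return f"ALERT malformed Modbus/TCP from {src_ip}: {exc}"
    name = WRITE_CODES.get(adu["function"])
    if name and src_ip not in approved_writers:
        return (f"ALERT {name} (fc={adu['function']}) to unit "
                f"{adu['unit']} from unapproved host {src_ip}")
    return None

# Constructed sample traffic (not captured from a real network).
APPROVED = {"10.0.0.5"}  # hypothetical engineering workstation
READ_REGS = bytes.fromhex("000100000006010300000002")   # fc 3, read 2 registers
WRITE_REG = bytes.fromhex("0002000000060106001000ff")   # fc 6, write register 16
TRUNCATED = bytes.fromhex("00030000000601060010")       # length field lies

if __name__ == "__main__":
    for src, frame in [("10.0.0.5", WRITE_REG), ("10.0.0.99", READ_REGS),
                       ("10.0.0.99", WRITE_REG), ("10.0.0.99", TRUNCATED)]:
        print(src, frame.hex(), "->", inspect(src, frame, APPROVED))
```

A source-address allowlist of this kind is only as trustworthy as the network segmentation behind it, which is why it complements rather than replaces the secure network architecture item in the list above.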