Quality, Reliability, Security and Robustness in Heterogeneous Systems. 14th EAI International Conference, Qshine 2018, Ho Chi Minh City, Vietnam, December 3–4, 2018, Proceedings

Research Article

A Novel Security Framework for Industrial IoT Based on ISA 100.11a

  • @INPROCEEDINGS{10.1007/978-3-030-14413-5_5,
        author={Hyunjin Kim and Sungjin Kim and Sungmoon Kwon and Wooyeon Jo and Taeshik Shon},
        title={A Novel Security Framework for Industrial IoT Based on ISA 100.11a},
        proceedings={Quality, Reliability, Security and Robustness in Heterogeneous Systems. 14th EAI International Conference, Qshine 2018, Ho Chi Minh City, Vietnam, December 3--4, 2018, Proceedings},
        proceedings_a={QSHINE},
        year={2019},
        month={3},
        keywords={Industrial Control System (ICS) Industrial IoT (IIoT) ISA100.11a Security framework},
        doi={10.1007/978-3-030-14413-5_5}
    }
    
  • Hyunjin Kim
    Sungjin Kim
    Sungmoon Kwon
    Wooyeon Jo
    Taeshik Shon
    Year: 2019
    A Novel Security Framework for Industrial IoT Based on ISA 100.11a
    QSHINE
    Springer
    DOI: 10.1007/978-3-030-14413-5_5
Hyunjin Kim1,*, Sungjin Kim1,*, Sungmoon Kwon1,*, Wooyeon Jo1,*, Taeshik Shon1,*
  • 1: Ajou University
*Contact email: hyunjin.infosec@gmail.com, ksjskyblue@ajou.ac.kr, calmcombat@gmail.com, dndusdndus12@gmail.com, tsshon@ajou.ac.kr

Abstract

This paper proposes a security assurance technology of IoT devices using their relevant standard, focusing on ISA100.11a, one of the ICS wireless communication protocols. The proposed security assurance technology is divided broadly into communication test and security function assessment. In detail, the communication test is divided into baseline operation test, resource robustness testing, and packet manipulation testing. The security function assessment conducted with the devices that have passed communication testing is proposed differing the required items, divided by the components of ISA100.11a, such as a field device, backbone router, and host so that an assessment appropriate for the hardware specifications and roles of each component is achieved. In addition, the paper seeks to facilitate the implementation and application of the proposed security assurance technology by proposing concrete methods or criteria for communication testing and security function assessment. Finally, this paper attempts to verify the conformance of the proposed security assurance by testing the security assurance technology in a test-bed with a network environment where the standard ISA100.11a can work network environment.