Caching-based Multicast Message Authentication in Time-critical Industrial Control Systems

Utku Tefek, Ertem Esiner, Daisuke Mashima, Binbin Chen, Yih Chun Hu

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Attacks against industrial control systems (ICSs) often exploit the insufficiency of authentication mechanisms. Verifying whether the received messages are intact and issued by legitimate sources can prevent malicious data/command injection by illegitimate or compromised devices. However, the key challenge is to introduce message authentication for various ICS communication models, including multicast or broadcast, with a messaging rate that can be as high as thousands of messages per second, within very stringent latency constraints. For example, certain commands for protection in smart grids must be delivered within 2 milliseconds, ruling out public-key cryptography. This paper proposes two lightweight message authentication schemes, named CMA and its multicast variant CMMA, that perform precomputation and caching to authenticate future messages. With minimal precomputation and communication overhead, C(M)MA eliminates all cryptographic operations for the source after the message is given, and all expensive cryptographic operations for the destinations after the message is received. C(M)MA considers the urgency profile (or likelihood) of a set of future messages for even faster verification of the most time-critical (or likely) messages. We demonstrate the feasibility of C(M)MA in an ICS setting based on a substation automation system in smart grids.

Original language: English (US)
Title of host publication: INFOCOM 2022 - IEEE Conference on Computer Communications
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 1039-1048
Number of pages: 10
ISBN (Electronic): 9781665458221
State: Published - 2022
Event: 41st IEEE Conference on Computer Communications, INFOCOM 2022 - Virtual, Online, United Kingdom
Duration: May 2 2022 - May 5 2022

Publication series

Name: Proceedings - IEEE INFOCOM
Volume: 2022-May
ISSN (Print): 0743-166X

Conference

Conference: 41st IEEE Conference on Computer Communications, INFOCOM 2022
Country/Territory: United Kingdom
City: Virtual, Online
Period: 5/2/22 - 5/5/22

Keywords

  • IEC 61850
  • industrial control system
  • message authentication
  • multicast

ASJC Scopus subject areas

  • General Computer Science
  • Electrical and Electronic Engineering
