Paper 2024/1386

Problems and New Approaches for Crypto-Agility in Operational Technology

Tobias Frauenschläger, OTH Regensburg
Jürgen Mottok, OTH Regensburg
Abstract

In recent years, cybersecurity has also become relevant for Operational Technology (OT). Critical systems like industrial automation systems or transportation systems are faced with new threats, and therefore require the implementation of thorough security measures. Regulations further mandate the deployment and regular verification of these security measures. However, OT systems differ from well-known systems of classic Information Technology (IT), such as mission times spanning decades, infrequent updates only during on-site maintenance, or diverse devices with varying support for security measures. The growing field of crypto-agility examines approaches to integrate security measures in an agile and flexible way, making updates easier and, therefore, encouraging a more frequent deployment of them. This paper contributes to this research field in the context of secure communication in two ways. We first examine the current state of crypto-agility by providing an overview of existing measures for OT systems. Then, we propose a new architecture concept with different deployment approaches to integrate security measures in a crypto-agile way. Based on a security library with a generic interface and a flexible proxy application, our architecture is capable of securing both new OT systems and existing ones via retrofit.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Published elsewhere. 12th European Congress Embedded Real Time Systems - ERTS 2024
Keywords
SecurityCrypto-AgilityAutomationSCADAReal TimeCommunication SystemsProxyGatewayRetrofitICS
Contact author(s)
tobias frauenschlaeger @ oth-regensburg de
juergen mottok @ oth-regensburg de
History
2024-09-06: revised
2024-09-04: received
See all versions
Short URL
https://ia.cr/2024/1386
License
No rights reserved
CC0

BibTeX

@misc{cryptoeprint:2024/1386,
      author = {Tobias Frauenschläger and Jürgen Mottok},
      title = {Problems and New Approaches for Crypto-Agility in Operational Technology},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/1386},
      year = {2024},
      url = {https://eprint.iacr.org/2024/1386}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.