Paper 2024/1386
Problems and New Approaches for Crypto-Agility in Operational Technology
Abstract
In recent years, cybersecurity has also become relevant for Operational Technology (OT). Critical systems like industrial automation systems or transportation systems are faced with new threats, and therefore require the implementation of thorough security measures. Regulations further mandate the deployment and regular verification of these security measures. However, OT systems differ from well-known systems of classic Information Technology (IT), such as mission times spanning decades, infrequent updates only during on-site maintenance, or diverse devices with varying support for security measures. The growing field of crypto-agility examines approaches to integrate security measures in an agile and flexible way, making updates easier and, therefore, encouraging a more frequent deployment of them. This paper contributes to this research field in the context of secure communication in two ways. We first examine the current state of crypto-agility by providing an overview of existing measures for OT systems. Then, we propose a new architecture concept with different deployment approaches to integrate security measures in a crypto-agile way. Based on a security library with a generic interface and a flexible proxy application, our architecture is capable of securing both new OT systems and existing ones via retrofit.
Metadata
- Available format(s)
- Category
- Applications
- Publication info
- Published elsewhere. 12th European Congress Embedded Real Time Systems - ERTS 2024
- Keywords
- SecurityCrypto-AgilityAutomationSCADAReal TimeCommunication SystemsProxyGatewayRetrofitICS
- Contact author(s)
-
tobias frauenschlaeger @ oth-regensburg de
juergen mottok @ oth-regensburg de - History
- 2024-09-06: revised
- 2024-09-04: received
- See all versions
- Short URL
- https://ia.cr/2024/1386
- License
-
CC0
BibTeX
@misc{cryptoeprint:2024/1386, author = {Tobias Frauenschläger and Jürgen Mottok}, title = {Problems and New Approaches for Crypto-Agility in Operational Technology}, howpublished = {Cryptology {ePrint} Archive, Paper 2024/1386}, year = {2024}, url = {https://eprint.iacr.org/2024/1386} }