Investigation of a Novel Approach to Securing Data Exchanges Within Industrial Environments
The paper examines a novel and robust approach for safeguarding Industrial Control Systems (ICSs) from cyberattacks. The derived method, named the Symmetric Analog Licence Transfer (SALT) Method, combines analog, on-the-wire signal transfer with symmetric key data encryption. Analog exchanges, commo...
Saved in:
| Main Author: | |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
IEEE
2025-01-01
|
| Series: | IEEE Access |
| Subjects: | |
| Online Access: | https://ieeexplore.ieee.org/document/10942375/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | The paper examines a novel and robust approach for safeguarding Industrial Control Systems (ICSs) from cyberattacks. The derived method, named the Symmetric Analog Licence Transfer (SALT) Method, combines analog, on-the-wire signal transfer with symmetric key data encryption. Analog exchanges, commonly used in the industry among various types of Programmable Logic Controllers (PLCs) and other equipment, are difficult to intercept and interpret, both over the Internet and on-site, hence are suitable for periodic and secure randomly generated key transfers. Once exchanged securely, the keys can be used for symmetric data encryption. The method has been built to address some of the key challenges the OT community faces in ICS cybersecurity. These challenges, which often hinder the implementation of effective cyber defences, include the inherent complexity of ICSs, financial constraints, and a general reluctance within OT to adopt new technologies in operational environments. Moreover, existing solutions often require complex modifications to communication protocols and costly external protection mechanisms or devices, causing even highly effective cyber defence solutions to be easily overlooked by the OT community. As a result, vulnerabilities in data exchange protocols can expose unencrypted process data to malicious cyber activities. The proposed method is designed to be affordable, scalable, adaptable, backward compatible, and straightforward to maintain. It can be implemented alongside existing process codes and functionalities across various ICS devices, requiring no major protocol modifications or specific ICS equipment. Deployment, modification, and maintenance operations are carried out within the ICS software tools (simple drag-and-drop action), making the method highly accessible and intuitive for OT engineers. The ease of use, robustness, and, as demonstrated through experiments, high effectiveness against plaintext-altering cyberattacks make the SALT method an interesting and viable novel approach for ICS protection against cyber threats. |
|---|---|
| ISSN: | 2169-3536 |