AGAINST OUTSIDE THREATS

Transcription

1 SECURING CONTROL NETWORKS AGAINST OUTSIDE THREATS MARK BUCKLAND MAY Echelon Corporation

2 IzoT PLATFORM PILLARS Full Monitoring and Control over IP Legacy Co-Existence and Evolution Industrial-strength Reliability Hardened Security

3 IzoT PLATFORM PILLARS Hardened Security

4 SECURITY FOR THE INDUSTRIAL INTERNET OF THINGS

5 KEY SECURITY CONCERNS Privacy Authentication/authorization Transport encryption Secure Web interface Cross-site scripting Poor session management Weak default credentials Secure firmware updates

6 KEY SECURITY GOALS End-to-end Transparent Integrated Balance Security and Convenience

7 360º SECURITY

8 LONTALK/IP PROTOCOL STACK SECURITY

9 IzoT SECURITY TODAY Authentication Duplicate Transaction Detection Security

10 DUPLICATE TRANSACTION DETECTION Avoid double execution of commands Guarantee correct message acknowledgment For Repeated Acknowledged message service Receive transaction database msg content + source address + selector + service type + msg code + trans id LonTalk/IP Compatibility Mode and classic LON: 4- bit transaction ID LonTalk/IP Enhanced Mode: 16-bit transaction ID Integrated into LonTalk/IP protocol stack

11 IzoT SECURITY TODAY Authentication Duplicate Transaction Detection Security

12 IzoT SECURITY TODAY Authentication Duplicate Transaction Detection Security

13 AUTHENTICATION Necessary to avoid man-in-the-middle middle attacks Used to authenticate Control messages Most network management commands Firmware updates Integrated into ISO Protocol layers 4/5 Shared 48-bit or 96-bit authentication key 8-bytes random challenge Per-message authentication

14 AUTHENTICATION Sender ON Challenge Response ACK Receiver

15 IzoT SECURITY TODAY Authentication Duplicate Transaction Detection Security

16 IzoT SECURITY NEXT GENERATION LONTALK/IP ENHANCED SECURITY (ES) Authentication Duplicate Transaction Detection Encryption Security

17 ENCRYPTION LONTALK/IP ES Encryption for NV updates and application messages Network management messages Firmware uploads via the network End-end encryption Integrated into LonTalk/IP ES protocol stacks Application-specific BYOE (bring your own pp p ( g y encryption)

18 ENCRYPTION (AND AUTHENTICATION) LONTALK/IP ES NIST Suite B algorithms highest level for civilian use Interoperable with virtually all OS platforms ECC for asymmetric key encryption and authentication AES-GCM for symmetric encryption and authentication Record/playback attack resistance Multicast encryption and authentication Can be certified compliant to FIPS by NIST Can be verified by an independent security lab

19 THE SECURITY LIFE CYCLE 1/3 Step 1: LonTalk/IP ES chip or module is manufactured Manufacturer root key pair is used to sign each DAKP Each of 3 DAKPs are stored in the private OTP - Used for mutual authentication during the enrollment process which creates the DMAKP - Individual DAKPs can be deleted in the field if the DAKP itself or the root key pair are compromised. DAKP Device Asymmetric Key Pair OTP One Time Programmable memory DMAKP Domain Asymmetric Key Pair

20 THE SECURITY LIFE CYCLE 2/3 Step 2: LonTalk/IP ES chip or module is integrated into a product using one of 2 security policies Enrollment and DMAKP generation happens at system integration time - Device is vulnerable to tampering until system integration Enrollment and DMAKP generation happens at device manufacture time - Device is protected from the time it leaves the factory - System integrator will need the (private portion of the) DMAKP to use the device. This is communicated out of band

21 THE SECURITY LIFE CYCLE 3/3 Step 3: Devices get a common DSK for peer-to-peer secure communication from the TMC DAKP and DMAKP are used to generate a shared secret using the ECDH algorithm. The shared secret is used to authenticate and encrypt during the DSK propagation process. To meet the requirements of AES-GCM, the TMC will periodically need to change the DSK Same process as above is used to change the DSK DSK Device Symmetric Key TMC Trusted Management Console. The network manager for the security subsystem. Responsible for generation and management of the DMAKP, DSK and re-keying the DSK.

22 I ot INFRASTRUCTURE SECURITY IzoT INFRASTRUCTURE SECURITY NO MORE GATEWAYS

23 IP LEVEL SECURITY PAYLOAD System security is as week as its weakest link IP compression allows for encrypted payload to be untouched until destination End-end encryption from field device to remote server No gateways must be used IzoT platform natively supports IP wired and wireless links 6LowPAN for links IPv4 with compression for wired twisted pair links IPv4 for WiFi and Ethernett links Infrastructure devices must support secure WAN connectivity HTTPS and secure login Authenticated SOAP messages At least MD5 authentication

24 END-END ENCRYPTION IP over Ethernet IzoT Device on Eth /2/30 -/2/31 IzoT Device on Eth IzoT Router /1/23 -/1/25 IP over FT (compressed) -/2/30 -/2/31 IzoT Devices on FT

25 IzoT SECURITY SUMMARY Authentication and encryption engine Security primitives integrated in protocol stack End end encrypted End-end encrypted payload

26 Q&A

27 THANK YOU