DOI QR코드

DOI QR Code

A Survey on Security Issues of M2M Communications in Cyber-Physical Systems

  • Chen, Dong (School of Information Science and Engineering, Northeastern University) ;
  • Chang, Guiran (Computing Center, Northeastern University)
  • Received : 2011.08.31
  • Accepted : 2012.01.12
  • Published : 2012.01.30

Abstract

In this paper, we present a survey of security and privacy preserving issues in M2M communications in Cyber-Physical Systems. First, we discuss the security challenges in M2M communications in wireless networks of Cyber-Physical Systems and outline the constraints, attack issues, and a set of challenges that need to be addressed for building secure Cyber-Physical Systems. Then, a secure architecture suitable for Cyber-Physical Systems is proposed to cope with these security issues. Eventually, the corresponding countermeasures to the security issues are discussed from four aspects: access control, intrusion detection, authentication and privacy preserving, respectively. Along the way we highlight the advantages and disadvantages of various existing security schemes and further compare and evaluate these schemes from each of these four aspects. We also point out the open research issues in each subarea and conclude with possible future research directions on security in Cyber-Physical Systems. It is believed that once these challenges are surmounted, applications with intrinsic security considerations will become immediately realizable.

Keywords

References

  1. W. Wolf, "Cyber-physical system," Computer, vol. 42, no. 43, pp. 88-89, 2009.
  2. R. Poovendran., "Cyber-physical systems close encounters between two parallel worlds," Procedding of the IEEE, vol. 98, no. 8, pp. 1363-1366, 2010.
  3. W. Yong, G. Atteburyn and B. Ramamurthy, "A survey of security issues in wireless sensor networks", Communications Surveys & Tutorials, IEEE, vol. 8, no. 2, pp. 2-23, 2006.
  4. D. Djenouri, L. Khelladi and A. N. Badache, "A survey of security issues in mobile ad hoc and sensor networks," Communications Surveys & Tutorials, IEEE, vol. 7, no. 4, pp. 2-28, 2005. https://doi.org/10.1109/COMST.2005.1593277
  5. E. K. Wang, Y. M. Ye, X. F. Xu, et al., "Security issues and challenges for cyber physical system," in Proc. of 2010 IEEE/ACM Int'l Conference on & Int'l Conference on Cyber-Physical and Social Computing (CPSCom), pp. 733-738, Dec. 2010.
  6. M. Anand, E. Cronin, M. Sherr, et al., "Security challenges in next generation cyber physical systems," in Proc. of Green Computing and Communications (GreenCom), 2010 IEEE/ACM Int'l Conference on & Int'l Conference on Cyber, Physical and, Nov. 2006.
  7. E. A. Lee, "Cyber physical systems: design challenges," in Proc. IEEE International Symposium on Object Oriented Real-Time Distributed Computing (ISORC), 2008.
  8. C. Medaglia and A. Serbanati, "An overview of privacy and security issues in the internet of things," in Proc. of 20th Tyrrhenian International Work-shop on Digital Communications, pp. 389-395, Sep.2009.
  9. R. Weber, "Internet of things-new security and privacy challenges," Computer Law & Security Review, vol. 26, pp. 23-30, 2010. https://doi.org/10.1016/j.clsr.2009.11.008
  10. C. Inhyok, Y. Shah, A. U. Schmidt, et al., "Security and trust for M2M Communications," Vehicular Technology Magazine, IEEE, vol. 4, no. 3, pp. 69-75, Sep. 2009.
  11. A. A. Cardenas, S. Amin and S. Sastry, "Secure control: Towards survivable cyber-physical systems," in Proc. of the 28th International Conference on Distributed Computing Systems Workshops (ICDCS2008), pp. 495-500, Jun. 2008.
  12. M. Saedy and V. Mojtahed, "Ad Hoc M2M Communications and security based on 4G cellular system," Wireless Telecommunications Symposium (WTS), pp. 1-5, Apr.2011.
  13. C. Inhyok, Y. Shah, A. U. Schmidt, et al., "Trust in M2M communication," Vehicular Technology Magazine, IEEE, vol. 4, no. 3, pp. 69-75, Sep. 2009.
  14. R. Indrakshi and R. Indrajit, "Access Control Challenges for Cyber-Physical Systems".
  15. S. Chakraborty and I. Ray, "Trust BAC-integrating trust relationships into the RBAC model for access control in open systems," in Proc. of the 11th ACM Symp. on Access Control Models And Technologies, New York: ACM Press, pp. 49-58, 2006.
  16. I. Ray and M. Toahchoodee, "A spatio-yemporal access control model supporting delegation for pervasive computing applications," in Proc. of the 5th International Conference on Trust, Privacy and Security in Digital Business, pp. 48-58, Sep. 2008.
  17. I. Ray and M. Toahchoodee. "A spatio-temporal role-based access control model," in Proc. of the 21stAnnual IFIP TC-11 WG 11.3 Working Conference on Data and Applications Security, pp. 211-226, Jul. 2007.
  18. C. M. Jonker and J. Treur, "Formal analysis of models for the dynamics of trust based on experience," in Proc. of the 9th European Workshop on Modeling Autonomous Agents in a Multi-Agent System Engineering, pp. 221-232, Jul. 1999.
  19. E. Helms and L. Williams, "Evaluating access control of open source electronic health record systems," in Proc. of the 3rd workshop on Software engineering in health care, pp. 63-70, 2011.
  20. S. Yu, K. Ren and W. Lou, "FDAC: Toward Fine-grained Distributed Data Access Control in wireless sensor networks," in Proc. of IEEE INFOCOM 2009, pp. 963-971, 2009.
  21. S. Misra and A. Vaish, "Reputation-based role assignment for role-based access control in wireless sensor networks," Journal of Computer Communications of Elsevier, vol. 34, no. 3, pp. 281-294, 2010.
  22. S. K. S. Gupta, T. Mukherjee and K. Venkatasubramanian, "Criticality aware access controlModel for pervasive applications," in Proc. of the 4th IEEE Conference on Pervasive Computing and Communications, pp. 251-257, 2006.
  23. G. W. Wu, D. Z. Lu, F. Xia, et al., "A fault-tolerant emergency-aware access controls scheme for cyber-physical systems", in Proc. of Information Technology and, vol. 40, no. 1, pp. 29-39, 2011.
  24. H. Alzaid, E. Foo and J. G. Nieto, "Secure data aggregation in wireless sensor network: a survey," in Proc. of the 6th Australasian Information Security Conference, ACSC2008, pp. 93-105, Jan. 2008.
  25. B. Parno, E. Gaustad, M. Luk, et al., "Secure sensor network routing: a clean-slate approach", in Proc. of CoNEXT 2006, pp. 1-13, 2006.
  26. R. Shorey, A. Ananda, M. C. Chan, et al., "Mobile, wireless, and sensor networks: technology, applications, and future directions", John Wiley & Sons. Hoboken, 2006.
  27. I. Balepin, S. Maltsev, J. Rowe, and K. Levitt, "Using specification-based intrusion detection for automated response," in Proc. of 6th International Symposium Recent Advances in Intrusion Detection, pp. 136-154, 2003.
  28. R. Roman, J. Zhou and J. Lopez, "Applying intrusion detection systems to wireless sensor networks," in Proc. of the 3rd IEEE Consumer Communications and Networking Conference, pp. 640-644, 2006.
  29. W. R. Pires Jr., T. H. P. Figueiredo, H. C. Wong, et al., "Malicious node detection in wireless sensor networks," in Proc. of the 8th International Parallel & Distributed Processing Symposium (IPDP'04), pp. 24-27, 2004.
  30. G. R. Li, J. S. He and Y. F. Fu, "A distributed intrusion detection scheme for wireless sensor networks," in Proc. of the 28th International Conference on Distributed Computing Systems Workshops, vol. 0, no. 0, pp. 309-314, 2008.
  31. A. P. R. Silva, M. H. T. Martins, B. P. S. Rocha, et al., "Decentralized intrusion detection in wireless sensor networks," in Proc. of the 1st ACM international workshop on Quality of service & security in wireless and mobile networks, pp. 16-23, 2005.
  32. Y. Wang, X. Wang, B. Xie, et al, "Intrusion detection in homogeneous and heterogeneous wireless sensor networks," IEEE Transactions on Mobile Computing, vol. 7, no. 6, pp. 698-711, Jun. 2008.
  33. S. Banerjee, C. Grosan, A. Abraham, et al., "Intrusion detection on sensor networks using emotional ants," International Journal of Applied Science and Computations, vol. 12, no. 3, pp. 152-173, 2005.
  34. M. Kodialam and T. V. Lakshman, "Detecting network intrusion via sampling: a game theoretic approach," in Proc. of IEEE INFOCOM 2003, vol. 3, pp. 1880-1889, 2003.
  35. O. D. Mohatar, A. F. Sabater and J. M. Sierra, "A lightweight authentication scheme for wireless sensor networks," Ad Hoc Networks, vol. 9, no. 5, pp. 727-735, 2010.
  36. Y. T. Zhang, J. Yang, W. J. Li, et al., "An authentication scheme for locating compromised sensor nodes in WSNs", Journal of Network and Computer Applications, vol. 33, no. 1, pp.50-62, Jan. 2010. https://doi.org/10.1016/j.jnca.2009.06.003
  37. R. D. Pietro, L. V. Mancini, A. Mei, et al., "Energy efficient node-to-node authentication and communication confidentiality in wireless sensor networks", ACM/Kluwer Wireless Networks, vol. 12, no. 6, pp. 709-721, 2005
  38. S. Chang, S. Shieh, W. W. Lin, et al., "An efficient broadcast authentication scheme in wireless sensor networks", in Proc. of ACM Symposium on Information, Computer and Communications Security, pp. 311-320, 2006.
  39. D. Liu et al., "Practical broadcast authentication sensor networks," in Proc. of 2nd Annual Int'l. Conf. Mobile and Ubiquitous Systems: Networking and Services, pp. 118-29, Jul. 2005.
  40. K. Ren, W. Lou and Y. Zhang, "Multi-user broadcast authentication in wireless sensor networks," in Proc. of 4th Annual IEEE Communications Society Conference on Sensor, Meshand Ad Hoc Communications and Networks, pp. 223-232, 2007.
  41. Z. Benenson, N. Gedicke and O. Raivio, "Realizing robust user authentication in sensor networks," in Proc. of Workshop on Real-World Wireless Sensor Networks, 2005.
  42. K. Wong et al., "A dynamic user authentication scheme for wireless sensor networks," in Proc. of IEEE Int. Conf. Sensor Network, Ubiquitous, Trustworthy Computing, pp. 244-251, 2006.
  43. H. R. Tseng, R. H. Jan and W. Yang, "An improved dynamic user authentication scheme for wireless sensor networks," in Proc. of IEEE Global Telecommun. Conf., pp. 986-990, 2007.
  44. N. Li, N. Zhang, S. Das, et al., "Privacy preservation in wireless sensor networks: A state-of-the-art survey," Journal of Ad Hoc Networks, vol. 7, no. 8, pp. 1501-1514, Nov. 2009. https://doi.org/10.1016/j.adhoc.2009.04.009
  45. W. B. He, X. Liu, H. Nguyen, et al., "PDA: Privacy-preserving Data Aggregation in wireless sensor networks," in Proc. of INFOCOM 2007, 26th IEEE International Conference on Computer Communications, pp. 2045-2053, 2007.
  46. W. Zhang, C. Wang and T. Feng, "GP2S: generic privacy-preservation solutions for approximate aggregation of sensor data," in Proc. of 6th IEEE International Conference on Pervasive Computing and Communications (PerCom), pp. 179-184, 2008.
  47. B. Carbunar, Y. Yu, W. Shi, et al., "Query privacy in wireless sensor networks," ACM Transactions on Sensor Networks, vol. 6, no. 2, pp. 1-34, 2010.
  48. R. Zhang, Y. Zhang and K. Ren, "DP2AC: Distributed privacy-preserving access control in sensor networks," in Proc. of INFOCOM 2009, pp. 1251-1259, 2009.
  49. P. Kamat et al., "Enhancing source location privacy in sensor network routing," in Proc. Int'l Conf. Distributed Computing Systems, pp. 559-608, 2005.
  50. Y. Xi, L. Schwiebert and W. Shi, "Preserving source location privacy in monitoring-based wireless sensor networks," in Proc. of the 20th International Parallel and Distributed Processing Symposium, pp. 8-18, 2006.
  51. M. Shao, Y. Yang, S. Zhu, et al., "Towards statistically strong source anonymity for sensor networks," in Proc. of the 27th IEEE Conference on Computer Communications (INFOCOM 2008), pp. 51-55, 2008.
  52. Y. Yang, M. Shao, S. Zhu, et al., "Towards event source unobservability with minimum network traffic in sensor networks," in Proc. of the first ACM conference on Wireless network security, pp. 77-88, 2008.
  53. K. Mehta, D. Liu and M. Wright, "Location privacy in sensor networks against a global eavesdropper," in Proc. of IEEE International Conference on Network Protocols, pp. 1536-1233, 2007.
  54. S. Mishra J. Deng and R. Han, "Countermeasures against traffic analysis attacks in wireless sensor networks," Technical Report CU-CS-987-04, Dec. 2004.
  55. J. Deng, R. Han and S. Mishra, "Decorrelating wireless sensor network traffic to inhibit traffic analysis attacks," Journal of Pervasive and Mobile Computing on Security in Wireless Mobile Computing Systems, vol. 2, no. 2, pp. 159-186, 2006.
  56. P. Kamat, W. Xu, W. Trappe, et al., "Temporal privacy in wireless sensor networks". ICDCS '07: in Proc. of the 27th International Conference on Distributed Computing Systems, pp. 23-24, 2007.
  57. J. F. Wan, H. H. Yan, H. Suo, et al., "Advances in Cyber-Physical Systems Research," KSII Transactions on Internet and Information Systems, vol. 5, no. 11, pp. 1891-1908, Nov.2011.

Cited by

  1. Interference Cancellation for Relay-Assisted D2D Communication vol.9, pp.9, 2012, https://doi.org/10.3837/tiis.2015.09.001
  2. Applications of Cyber-Physical System: A Literature Review vol.2, pp.3, 2012, https://doi.org/10.1142/s2424862217500129
  3. Cyber Physical System (CPS)-Based Industry 4.0: A Survey vol.2, pp.3, 2017, https://doi.org/10.1142/s2424862217500142
  4. M2M Security Technology of CPS Based on Blockchains vol.9, pp.9, 2012, https://doi.org/10.3390/sym9090193
  5. The application of CPS in library management: a survey vol.38, pp.1, 2020, https://doi.org/10.1108/lht-11-2017-0234