A Study on the Blockchain-Based Access Control Using Random-List in Industrial Control System

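  • 강명조 (Hankyong National University, School of Computer Engineering & Applied Mathematics)
  • 김미희 (Hankyong National University, School of Computer Engineering & Applied Mathematics, Computer System Institute)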
  • Received : 2021.11.23
  • Accepted : 2022.03.02
  • Published : 2022.05.31

Abstract

Industrial control systems, which manage and maintain various industries, were mainly operated in closed environments without external connections, but with the recent development of the Internet and the introduction of ICT, access to industrial control systems by outsiders or attackers has become easier. Such improper access or attacks can undermine availability, a major attribute of industrial control systems, and a violation of availability can cause great damage. In this paper, when a command is issued in an industrial control system, a verification group is formed using a random list to verify the command before it is executed, and a trust score technique is introduced that applies feedback, based on the command execution result, to the verification group that performed the verification. This technique can reduce the overhead of random generation in the command verification request process, give flexibility to the verification process, and ensure system availability. For the performance analysis of the system, we measured the time and gas usage when deploying a smart contract and the gas usage when verifying a command. As a result, we confirmed that, although the proposed system generates a random list, unlike the legacy system, there was little difference in the time taken to deploy the smart contract, and that the gas used to deploy the smart contract increased by about 1.4 times because of the random list generation. However, because the proposed system performs no random operations during command verification, even though command verification and the trust score computation are carried out together, it uses about 9% less gas per verification, which ensures availability in the verification process.

Acknowledgement

This research was supported by the National Research Foundation of Korea, funded by the Korean government (Ministry of Science and ICT) in 2018 (No.2018R1A2B6009620).
