• Journal of Platform Technology
• /
• v.11 no.3
• /
• pp.76-82
• /
• 2023

Starting from the 4th industrial revolution, core technologies were applied to industries to build various smart environments. Smart factories in the manufacturing industry produce high-quality products by applying IIoT as a core technology that can collect and control a wide range of data for customized production. However, the network environment of the smart factory converted to open through IIoT was exposed to various security risks. In accordance with security breaches, IIoT has shown degradation in the quality of manufactured products and production processes due to network disturbance, use and maintenance of forged IIoT, and can cause reliability problems in business. Accordingly, in this study, a method for safe connection and utilization of IIoT was studied during the initial establishment of a smart factory. Specifically, a study was conducted to check the IIoT connection situation so that the practicality of the IIoT connected to the smart factory could be confirmed and the harmless environment established.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.1
• /
• pp.97-119
• /
• 2023

The number of industrial Internet of Things (IoT) users is increasing rapidly. Lightweight block ciphers have started to be used to protect the privacy of users. Hardware-oriented security design should fully consider the use of fewer hardware devices when the function is fully realized. Thus, this paper designs a lightweight block cipher IIoTBC for industrial IoT security. IIoTBC system structure is variable and flexibly adapts to nodes with different security requirements. This paper proposes a 4×4 S-box that achieves a good balance between area overhead and cryptographic properties. In addition, this paper proposes a preprocessing method for 4×4 S-box logic gate expressions, which makes it easier to obtain better area, running time, and power data in ASIC implementation. Applying it to 14 classic lightweight block cipher S-boxes, the results show that is feasible. A series of performance tests and security evaluations were performed on the IIoTBC. As shown by experiments and data comparisons, IIoTBC is compact and secure in industrial IoT sensor nodes. Finally, IIoTBC has been implemented on a temperature state acquisition platform to simulate encrypted transmission of temperature in an industrial environment.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2024.05a
• /
• pp.392-394
• /
• 2024

OT와 IT가 접목된 스마트공장은 외부망과의 접점이 증가함에 따라 많은 공격자들의 타깃이 되고 있다. 특히, 스마트공장의 가장 많은 공격 경로인 IIoT 기기는 제조 설비에 대한 제어권을 가짐에 따라 작업자의 안전과 생산성에 직접적인 영향을 미쳐 보안 위협 발생 시에 위험도가 높다. 따라서, 스마트공장에서 IIoT를 안전하게 운용하기 위한 보안 표준 마련이 필요하다. 본 논문에서는 주요 국제표준화 기구 및 단체인 IEC, IIC, ITU-T의 표준 문서를 분석함으로써 IIoT 관점에서 스마트공장 보안을 위해 수행되고 있는 국제 표준화 동향을 분석한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.4
• /
• pp.569-575
• /
• 2024

The 64-bit block cipher IIoTBC is an encryption algorithm designed for the security of industrial IoT devices and uses an 128-bit secret key. The IIoTBC's encryption algorithm varies depending on whether the MCU size used in IoT is 8-bit or 16-bit. This paper deals with a differential attack on IIoTBC when the MCU size is 8-bit. It attacks 15-round out of the entire 32-round using IIoTBC's 14-round differential characteristic. At this time, the number of required plaintexts and encryption are 2⁵⁷ and 2^122.4, respectively. The differential characteristic presented in this paper has a longer round than the existing 13-round impossible differential characteristic, and the attack using this is the result of the first key recovery attack on IIoTBC.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2020.05a
• /
• pp.231-234
• /
• 2020

In the past few years, the industrial internet of things (IIoT) has received great attention in various industrial sectors which have potentially increased a high level of integrity, availability, and scalability. The increasing of IIoT is expected to create new smart industrial enterprises and build the next generation smart system. However existing IIoT systems rely on centralized servers that are vulnerable to a single point of failure and malicious attack, which exposes the data to security risks and storage. To address the above issues, blockchain is widely considered as a promising solution, which can build a secure and efficient environment for data storing, processing and sharing in IIoT. In this paper, we propose a decentralized, peer-to-peer platform for secure data storing in industrial IoT base on the ethereum blockchain. We exploit ethereum to ensure data security and reliability when smart devices store the data.

• Review of KIISC
• /
• v.33 no.6
• /
• pp.65-77
• /
• 2023

산업용 사물 인터넷(IIoT)은 자원 관리 및 최적화, 신속성, 지속가능한 생산, 자동화 등의 특징으로 인해 다양한 산업분 야에서 활발하게 사용되고 있다. 수많은 IIoT 기기에서 발생된 데이터를 처리하는 것은 기존 중앙 처리 시스템에 큰 부담을 주게 된다. 이러한 데이터들의 효과적인 관리를 위해 데이터가 발생한 엣지 기기, 엣지 서버 등 로컬위치에서 실시간으로 프로세스를 실행하여 네트워크 대역폭 절약, 낮은 지연 시간 등 특징을 가진 엣지 컴퓨팅 기술을 사용한다. 하지만, 엣지 컴퓨팅 적용 시, 인터넷과 연결된 IIoT 기기 수 증가, 취약한 IIoT 기기, 분산된 환경으로 인해 공격 표면 확장되어 엣지 컴퓨팅 환경에서의 새로운 보안 위협이 발생할 수 있다. 이에 본 논문에서는 IIoT 및 엣지 컴퓨팅 정의, 아키텍처, 각 산업분야별 적용한 사례에 대해 살펴보고, 엣지 컴퓨팅에서 발생 가능한 보안 위협을 분석하였다. 또한, 엣지 컴퓨팅 기반 IIoT에 대한 각 산업 분야별 보안 연구 동향에 대해서 분석하였다.

• Review of KIISC
• /
• v.25 no.5
• /
• pp.12-17
• /
• 2015

산업사물인터넷(IIoT)은 사물인터넷(IoT)과 같이 기존의 여러 ICT 기술들과 무선센서네트워크 및 다양한 통신 기술들이 산업제어시스템에 적용된 것을 의미한다. IIoT는 일반적인 상용 IoT와 많은 부분 공통점과 그 기반 기술에 있어서의 동일한 성격을 가지지만 적용 대상 환경에 있어 차이를 가지고 있기 때문에 산업제어영역에서 IoT기술을 도입하기 위해서는 추가적으로 고려해야할 사항들이 존재한다. 본 논문에서는 IoT와 IIoT에 대하여 간단히 설명하고 IIoT 환경의 특수성에 대해서 다룬다. 그 후 상용 IoT에서 발생한 보안 사고관련 사례들을 살펴보고 산업제어영역에서 사이버보안 사고 발생시 그 피해 규모를 살펴본다. 그리고 IIoT를 도입하면서 보안관점에서 필요한 사항들에 대해 서술하였다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.10a
• /
• pp.449-451
• /
• 2021

Cyber-attacks targeting endpoints have developed sophisticatedly into targeted and intelligent attacks, Advanced Persistent Threat (APT) targeting the Industrial Internet of Things (IIoT) has increased accordingly. Machine learning-based Endpoint Detection and Response (EDR) solutions combine and complement rule-based conventional security tools to effectively defend against APT attacks are gaining attention. However, universal EDR solutions have a high false positive rate, and needs high-level analysts to monitor and analyze a tremendous amount of alerts. Therefore, the process of optimizing machine learning-based EDR solutions that consider the characteristics and vulnerabilities of IIoT environment is essential. In this study, we analyze the flow and impact of IIoT targeted APT cases and compare the method of machine learning-based APT detection EDR solutions.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.5
• /
• pp.2221-2235
• /
• 2020

Compared to the past infrastructure networks, the current smart grid network can improve productivity and management efficiency. However, as the Industrial Internet of Things (IIoT) and Internet-based standard communication protocol is used, external network contacts are created, which is accompanied by security vulnerabilities from various perspectives. Accordingly, it is necessary to develop an appropriate cybersecurity guideline that enables effective reactions to cybersecurity threats caused by the abuse of such defects. Unfortunately, it is not easy for each organization to develop an adequate cybersecurity guideline. Thus, the cybersecurity checklist proposed by a government organization is used. The checklist does not fully reflect the characteristics of each infrastructure network. In this study, we proposed a cybersecurity framework that reflects the characteristics of a microgrid network in the IIoT environment, and performed an analysis to validate the proposed framework.

• Journal of Information Processing Systems
• /
• v.19 no.2
• /
• pp.240-257
• /
• 2023

The industrial Internet of Things (IIoT) is characterized by intelligent connection, real-time data processing, collaborative monitoring, and automatic information processing. The heterogeneous IIoT devices require a high data rate, high reliability, high coverage, and low delay, thus posing a significant challenge to information security. High-performance edge and cloud servers are a good backup solution for IIoT devices with limited capabilities. However, privacy leakage and network attack cases may occur in heterogeneous IIoT environments. Cloud-based multi-party computing is a reliable privacy-protecting technology that encourages multiparty participation in joint computing without privacy disclosure. However, the default cloud selection method does not meet the heterogeneous IIoT requirements. The server can be dishonest, significantly increasing the probability of multi-party computation failure or inefficiency. This paper proposes a blockchain and smart contract-based optimized cloud node selection framework. Different participants choose the best server that meets their performance demands, considering the communication delay. Smart contracts provide a progressive request mechanism to increase participation. The simulation results show that our framework improves overall multi-party computing efficiency by up to 44.73%.