End-to-End Framework for Identifying Vulnerabilities of Operational Technology Protocols and Their Implementations in Industrial IoT

The convergence of IT and OT networks has gained significant attention in recent years, facilitated by the increase in distributed computing capabilities, the widespread deployment of Internet of Things devices, and the adoption of Industrial Internet of Things. This convergence has led to a drastic...

Bibliographic Details
Main Authors: Matthew Boeding, Michael Hempel, Hamid Sharif
Format: Article
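Language: English
Published: MDPI AG 2025-01-01
Series: Future Internet
Subjects: IIoT; vulnerability analysis; formal verification; construction and analysis of distributed processes; CADP; cyber-physical systems
Online Access: https://www.mdpi.com/1999-5903/17/1/34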
author Matthew Boeding
Michael Hempel
Hamid Sharif
collection DOAJ
description The convergence of IT and OT networks has gained significant attention in recent years, facilitated by the increase in distributed computing capabilities, the widespread deployment of Internet of Things devices, and the adoption of Industrial Internet of Things. This convergence has led to a drastic increase in external access capabilities to previously air-gapped industrial systems for process control and monitoring. To meet the need for remote access to system information, protocols designed for the OT space were extended to allow IT networked communications. However, OT protocols often lack the rigor of cybersecurity capabilities that have become a critical characteristic of IT protocols. Furthermore, OT protocol implementations on individual devices can vary in performance, requiring the comprehensive evaluation of a device’s reliability and capabilities before installation into a critical infrastructure production network. In this paper, the authors define a framework for identifying vulnerabilities within these protocols and their on-device implementations, utilizing formal modeling, hardware in the loop-driven network emulation, and fully virtual network scenario simulation. Initially, protocol specifications are modeled to identify any vulnerable states within the protocol, leveraging the Construction and Analysis of Distributed Processes (CADP) software (version 2022-d “Kista”, which was created by Inria, the French Institute for Research in Computer Science and Automation, in France). 
Device characteristics are then extracted through automated real-time network emulation tests built on the OMNET++ framework, and all measured device characteristics are then used as a virtual device representation for network simulation tests within the OMNET++ software (version 6.0.1, a public-source, open-architecture software, initially developed by OpenSim Limited in Budapest, Hungary), to verify the presence of any potential vulnerabilities identified in the formal modeling stage. With this framework, the authors have thus defined an end-to-end process to identify and verify the presence and impact of potential vulnerabilities within a protocol, as shown by the presented results. Furthermore, this framework can test protocol compliance, performance, and security in a controlled environment before deploying devices in live production networks and addressing cybersecurity concerns.
format Article
id doaj-art-87ac60ef073d43ddb90faac68cfd1a81
institution Kabale University
issn 1999-5903
language English
publishDate 2025-01-01
publisher MDPI AG
record_format Article
series Future Internet
spelling doaj-art-87ac60ef073d43ddb90faac68cfd1a81; 2025-01-24T13:33:37Z; eng; MDPI AG; Future Internet; 1999-5903; 2025-01-01; 17; 1; 34; 10.3390/fi17010034; End-to-End Framework for Identifying Vulnerabilities of Operational Technology Protocols and Their Implementations in Industrial IoT; Matthew Boeding, Michael Hempel, Hamid Sharif (all: Department of Electrical and Computer Engineering, University of Nebraska-Lincoln, Lincoln, NE 68588, USA); https://www.mdpi.com/1999-5903/17/1/34; IIoT; vulnerability analysis; formal verification; construction and analysis of distributed processes; CADP; cyber-physical systems
title End-to-End Framework for Identifying Vulnerabilities of Operational Technology Protocols and Their Implementations in Industrial IoT
topic IIoT
vulnerability analysis
formal verification
construction and analysis of distributed processes
CADP
cyber-physical systems
url https://www.mdpi.com/1999-5903/17/1/34