Trustworthy loT for Cyber-Physical-Systems

Digitalization over the entire product lifecycle accelerates the development, validation, instrumentation and deployment of complex industrial products while increasing product quality but also leads to new safety & security related requirements in the design, testing, production and operation of these systems.

Realising in a cost-effective way, the full potential of trustworthy and secure cyber-physical systems and applications in Automated Driving and Industry 4.0, requires a holistic approach that combines operational aspects as well as  technology. The objective is to integrate security levels across all dimensions. IoT4CPS developed guidelines, methods and tools to enable safe and secure IoT-based applications for automated driving and for smart production in Industry 4.0. The project addressed safety and security aspects in a holistic approach both along the specific value chains and the product life cycles. IoT4CPS addressed the entire technology stack from semi-conductors (sub-component level), via control systems (component level), to applications (system level).

Within this project DUK developed a watermarked-based security architecture and implemented a proof-of-concept implementation of watermark-based security measures on a LORA platform demonstrating the applicability for protecting highly distributed industrial application with extremely low-power and low-bandwidth wireless connectivity

For industrial data a special focus lies on the authentication and data provenance of data delivered from field level (sensor) networks. These data and the respective networks are characterized by small data volume and strong constraints in terms of available bandwidth and computational resources and might also have the necessity of data aggregation and sensor data fusion. Conventional cryptography might suffer from limited computational resources in field devices and from limited bandwidth, packet size and resulting energy constraint in wireless networks. Watermarks are an alternative lightweight security measure ensuring authenticity and data ownership. In particular, no additional data volume as required by message authentication codes or digital signatures are added in limited channels.

The advantage of using watermarks is that it is integrated in the data, i.e., 1) it does not require additional storage, bandwidth or resources,  2) it is inherently attached to the data and 3) the watermark is (to a certain extent) preserved during legitimate operation. Nevertheless, when using watermarks with non-media data invisibility, robustness and capacity have to be reconsidered due to the different type of data. The architecture developed by DUK provides concepts to authenticate data streams, encode data provenance in the stream and protect message integrity.

We also demonstrated this security measure by embedding digital watermarks in LoRaWAN based sensor systems. Within the presented approach, the transmitted messages themselves do not need to be modified. Rather, the inter-packet interval
between individual packets is used as a side-channel to carry the security-relevant information.

By enriching data with hidden watermarks the level of trustworthiness has been successfully increased.

AIT Austrian Institute of Technology GmbH

AVL List GmbH

Donau Universität Krems

Infineon Technologies AG

JKU Johannes Kepler Universität Linz

Joanneum Research Forschungsgesellschaft mbH

Nokia Solutions And Networks Österreich GmbH

NXP Semiconductors Austria GmbH

Salzburg Research Forschungsgesellschaft mbH

SBA-Research GmbH

SIEMENS AG Österreich

Software Competence Center Hagenberg GmbH

TTTech Computertechnik AG

Technische Universität Graz

Technische Universität Wien

Universität Linz Institut für Pervasive Computing

X-Net Services GmbH