{"title":"Security Analysis and Enhancement of INTERBUS Protocol in ICS Based on Colored Petri Net","authors":"Tao Feng, Chengfan Liu, Xiang Gong, Ye Lu","doi":"10.3390/info14110589","DOIUrl":null,"url":null,"abstract":"The integration of buses in industrial control systems, fueled by advancements such as the Internet of Things (IoT), has led to their widespread adoption, significantly enhancing operational efficiency. However, with the increasing interconnection of systems, ensuring the security of bus communications and protocols has become an urgent priority. This paper focuses on addressing the specific security concerns associated with the widely adopted INTERBUS protocol—a fieldbus protocol. Our approach leverages the theory of colored Petri nets (CPN) for modeling, enabling a comprehensive analysis of the protocol’s security. Rigorous formal verification and analysis of the security protocol are conducted by employing the Dolev–Yao adversary model. Our investigation reveals the presence of three critical vulnerabilities: replay attacks, tampering, and impersonation. To fortify the security of the protocol, we propose the introduction of a key distribution center and the utilization of hash values. Through meticulous analysis and verification, our proposed enhancements effectively reinforce the security performance of the INTERBUS protocol.","PeriodicalId":38479,"journal":{"name":"Information (Switzerland)","volume":"35 5","pages":"0"},"PeriodicalIF":2.4000,"publicationDate":"2023-10-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Information (Switzerland)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.3390/info14110589","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 1
Abstract
The integration of buses in industrial control systems, fueled by advancements such as the Internet of Things (IoT), has led to their widespread adoption, significantly enhancing operational efficiency. However, with the increasing interconnection of systems, ensuring the security of bus communications and protocols has become an urgent priority. This paper focuses on addressing the specific security concerns associated with the widely adopted INTERBUS protocol—a fieldbus protocol. Our approach leverages the theory of colored Petri nets (CPN) for modeling, enabling a comprehensive analysis of the protocol’s security. Rigorous formal verification and analysis of the security protocol are conducted by employing the Dolev–Yao adversary model. Our investigation reveals the presence of three critical vulnerabilities: replay attacks, tampering, and impersonation. To fortify the security of the protocol, we propose the introduction of a key distribution center and the utilization of hash values. Through meticulous analysis and verification, our proposed enhancements effectively reinforce the security performance of the INTERBUS protocol.