On Lightweight Security Enforcement in Cyber-Physical Systems.

Cyber-physical systems CPS are a key component in industrial control systems ICS, which are widely used in the critical infrastructure sectors. The increasing reliance on CPS, however, affords exploitative opportunities for malicious actors targeting our critical infrastructure. The real-time requirement of control systems, coupled with the deployment of resource-constrained field devices, complicate efforts to secure our critical infrastructure. A key technical limitation for security solutions is that they should be lightweight. While lightweight cryptography is useful to some extent, enforcement of asymmetric key cryptographic primitives in control systems is known to be problematic. In this paper, we suggest investigating the enforcement of lightweight security solutions in ICS from a different perspective. Rather than focusing on designing lightweight individual cryptographic primitives, we propose taking a whole-of-system approach to 1 achieve system/collective lightweightness, 2 outsource expensive computations from resource-constrained field devices to neighboring devices and equipments that have more computational capacity, and 3 selectively protect critical data partial/selective protection of Data of Interest.