
Colloquium Details

Securing Network Access in Wireless Sensor Networks Supporting Industrial Control System

Author: Kun Sun, Intelligent Automation, Inc.
Date: January 14, 2010
Time: 15:30
Location: 220 Deschutes
Host: Jun Li

Abstract

Industrial control systems (ICSs) are crucial to the operation of the U.S. critical infrastructures, such as energy, water treatment, agriculture and food, and transportation systems. Recent advances in wireless sensor networks leverage the capabilities of the existing monitoring and control infrastructure in the ICSs. However, it is difficult to define and control boundaries and interactions between sensor nodes in wireless sensor networks. Threats to control systems can come from numerous sources, including hostile governments, terrorist groups, malicious intruders, complexities, accidents, and natural disasters, as well as malicious or accidental actions by insiders.

We developed and implemented a prototype secure network access system for wireless sensor networks that support ICSs. This system can provide node authentication, packet authentication, packet integrity, and packet confidentiality using standardized cryptosystems. The system consists of three stages. In the Network Admission Control stage, when new sensor nodes are added into an existing sensor network, they can generate a pairwise secret key with an admission controller using the self-certified Elliptic Curve Diffie-Hellman (ECDH) key exchange protocol. We developed a polynomial-based weak authentication scheme to mitigate potential Denial of Service (DoS) attacks against the self-certified ECDH protocol. In the Network Access Control stage, we implemented symmetric key cryptography with hardware security support in the radio components on common sensor platforms. We enforced secure and efficient network access by employing a network-wide secret key, which is only known to eligible nodes, to authenticate all the packets transmitted in the network. In the Network Access Maintenance stage, to remove the compromised nodes from the network, we designed and implemented stateless group key update schemes to update the secret key shared by all the eligible nodes.

Biography

Dr. Kun Sun is a Senior Research Scientist at Intelligent Automation, Inc. in Rockville, Maryland. He leads the research on network and systems security. He has won a number of research awards (1.5 million in total) from government agencies such as DoD, DHS, and NIST. He serves as technical lead for projects including secure network access in industrial control systems, security analysis using security metrics, secure database systems in ad-hoc networks, trusted query and trusted routing in wireless sensor networks, and DoS mitigation in wireless networks.