Monitoring Encrypted Communication with OPC UA

  • Toshiaki Honda Nagoya Institute of Technology
  • Yuki Shimazawa Nagoya Institute of Technology
  • Takashi Hamaguchi Nagoya Institute of Technology
  • Yoshihiro Hashimoto Nagoya Institute of Technology
Keywords: cyber-security, encrypted data, monitoring system, OPC UA, SIEM

Abstract

Cyber-attacks on critical infrastructure have been on the rise, so cyber-security has become very important for Industrial Control Systems (ICS). As the communication protocol for ICS networks, the Open Platform Communications Unified Architecture (OPC UA) protocol, which enables secure and platform-independent communication, is expected to come into wide use. An important property of OPC UA is encryption. It is effective in protecting communication data from tampering and eavesdropping, but it also makes it impossible for a third party to monitor the communication. In ICS, inappropriate commands to controllers can cause dangerous situations, and even a secure communication protocol cannot guarantee that the data being communicated are safe. Many types of machines, such as operating support systems and engineering workstations, can send commands to controllers. They are implemented on common operating systems and may fall victim to a cyber-attack. Therefore, the commands sent to controllers should be monitored. We monitor the communication by decrypting the encrypted data. In addition, we propose a method of monitoring that does not add load to the communication, by making the decryption mechanism independent and using the decrypted data to enable flexible integration with other systems such as Security Information and Event Management (SIEM).
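The two points the abstract rests on, that on an OPC UA channel in SignAndEncrypt mode a passive sensor sees nothing but the transport and security headers, and that the Write requests obtained after decryption must then be checked before anything is forwarded to a SIEM or acted upon, as an added Python example. This is not code from the paper or its authors: the chunk bytes, node identifiers, safety limits and allowed hosts are constructed for illustration, and the paper's decryption stage is stood in for by already-decoded WriteRequest objects. Only the layout of the OPC UA transport header (MessageType, IsFinal, MessageSize, SecureChannelId) and symmetric security header (TokenId) follows the standard.

```python
"""Monitoring decrypted OPC UA Write requests and emitting SIEM events.

Added example, not code from the paper. All sample data below (chunk bytes,
node ids, limits, allowed hosts) are constructed. The cleartext header layout
of an OPC UA MSG chunk is taken from the OPC UA binary transport mapping.
"""
import json
import struct
from dataclasses import dataclass
from typing import List, Optional

# --- 1. What a passive sensor can read on a SignAndEncrypt channel -----------

def parse_msg_chunk(chunk: bytes) -> dict:
    """Decode the cleartext part of an OPC UA MSG chunk.

    The 12-byte message header and the 4-byte symmetric security header are
    sent in the clear; the sequence header and the service body that follow
    are encrypted, so without the session keys a monitor cannot tell a
    harmless Read from a Write that changes a controller setpoint.
    """
    if len(chunk) < 16:
        raise ValueError("chunk too short for an OPC UA MSG header")
    msg_type = chunk[0:3].decode("ascii")      # "MSG", "OPN" or "CLO"
    is_final = chr(chunk[3])                   # 'F' final, 'C' intermediate, 'A' abort
    msg_size, channel_id = struct.unpack_from("<II", chunk, 4)
    (token_id,) = struct.unpack_from("<I", chunk, 12)
    return {
        "message_type": msg_type,
        "is_final": is_final,
        "message_size": msg_size,
        "secure_channel_id": channel_id,
        "token_id": token_id,
        "opaque_body_len": len(chunk) - 16,    # encrypted bytes: not inspectable
    }

# Constructed MSG chunk: 16 cleartext header bytes followed by 24 bytes that
# stand in for the encrypted sequence header and service body.
SAMPLE_CHUNK = b"MSGF" + struct.pack("<II", 40, 7) + struct.pack("<I", 3) + bytes(24)

# --- 2. Checking the decrypted Write requests --------------------------------

@dataclass
class WriteRequest:
    """A decrypted Write service request as a decryption stage would hand it
    over: sending host, target node, value to be written, OPC UA RequestId."""
    source_ip: str
    node_id: str
    value: float
    request_id: int

# Constructed policy for hypothetical nodes of a tank-level control loop.
LIMITS = {
    "ns=2;s=Tank1.LevelSetpoint": (10.0, 80.0),    # percent
    "ns=2;s=Pump1.SpeedSetpoint": (0.0, 1500.0),   # rpm
}
ALLOWED_WRITERS = {"192.0.2.10", "192.0.2.11"}     # operator station, EWS

def check_write(req: WriteRequest) -> Optional[dict]:
    """Return a SIEM event dict if the request violates policy, else None."""
    reasons = []
    unauthorized = req.source_ip not in ALLOWED_WRITERS
    if unauthorized:
        reasons.append("writer not in allow-list")
    limits = LIMITS.get(req.node_id)
    if limits is None:
        reasons.append("write to node not in writable set")
    else:
        lo, hi = limits
        if not lo <= req.value <= hi:
            reasons.append(f"value {req.value} outside [{lo}, {hi}]")
    if not reasons:
        return None
    return {
        "event": "opcua_write_violation",
        "severity": "high" if unauthorized else "medium",
        "source_ip": req.source_ip,
        "node_id": req.node_id,
        "value": req.value,
        "request_id": req.request_id,
        "reasons": reasons,
    }

def monitor(requests: List[WriteRequest]) -> List[str]:
    """Run decrypted requests through the policy; return alerts as JSON lines,
    the form a SIEM forwarder would ship."""
    return [json.dumps(ev, sort_keys=True) for r in requests if (ev := check_write(r))]

# Constructed decrypted traffic: a benign write, an out-of-range setpoint from
# the operator station, and an in-range write from an unexpected host.
SAMPLE_WRITES = [
    WriteRequest("192.0.2.10", "ns=2;s=Tank1.LevelSetpoint", 55.0, 101),
    WriteRequest("192.0.2.10", "ns=2;s=Tank1.LevelSetpoint", 98.0, 102),
    WriteRequest("192.0.2.99", "ns=2;s=Pump1.SpeedSetpoint", 1200.0, 103),
]

if __name__ == "__main__":
    print(parse_msg_chunk(SAMPLE_CHUNK))
    for line in monitor(SAMPLE_WRITES):
        print(line)
```

The split between the two halves mirrors the abstract's architecture: the decryption mechanism produces WriteRequest records on its own, and the policy check and SIEM emission consume them without touching the live channel, so the controller traffic carries no extra load.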

References

Wataru Machii, Isao Kato, Masahito Koike, Masafumi Matta, Tomomi Aoyama, Hidemasa Naruoka et al., "Dynamic zoning based on situational activities for ICS security," 10th Asian Control Conference (ASCC), May 2015.

OPC Foundation, "OPC Unified Architecture Part 1: Overview and Concepts, Release 1.04," November 2017.

Hermann Haskamp, Michael Meyer, Romina Möllmann, Florian Orth, Armando Walter Colombo, "Benchmarking of existing OPC UA implementations for Industrie 4.0-compliant digitalization solutions," 2017 IEEE 15th International Conference on Industrial Informatics (INDIN), July 2017.

Haoyu Yu, Dong Yu, Yi Hu, Chuting Wang, "Research on CNC Machine Tool Monitoring System Based on OPC UA," 2019 Chinese Control And Decision Conference (CCDC), June 2019.

Hsien-I Lin, Yu-Che Hwang, "Integration of Robot and IIoT over the OPC Unified Architecture," 2019 International Automatic Control Conference (CACS), November 2019.

Anna Volkova, Michael Niedermeier, Robert Basmadjian, Hermann de Meer, "Security Challenges in Control Network Protocols: A Survey," IEEE Communications Surveys & Tutorials, Vol. 21, pp. 619-639, 2019.

Shingo Abe, Mariko Fujimoto, Shinichi Horata, Yukako Uchida, Takuho Mitsunaga, "Security threats of Internet-reachable ICS," 2016 55th Annual Conference of the Society of Instrument and Control Engineers of Japan (SICE), September 2016.

Yaodong Tao, Wei Xu, Hongbin Li, Shenglong Ji, "Experience and Lessons in Building an ICS Security Testbed," 2019 1st International Conference on Industrial Artificial Intelligence (IAI), July 2019.

Akira Yamada, Yutaka Miyake, Masahiro Terabe, Kazuo Hashimoto, "Experience and Lessons in Building an ICS Security Testbed," IPSJ Journal, Vol. 49, No. 3, pp. 1144-1154, March 2008.

M. H. Schwarz, J. Börcsök, "A survey on OPC and OPC-UA: About the standard, developments and investigations," 2013 XXIV International Conference on Information, Communication and Automation Technologies (ICAT), November 2013.

OPC Foundation, "OPC Unified Architecture Part 8: Data Access, Release 1.04," November 2017.

OPC Foundation, "OPC Unified Architecture Part 9: Alarms and Conditions, Release 1.04," November 2017.

OPC Foundation, "OPC Unified Architecture Part 11: Historical Access, Release 1.04," January 2018.

D. P. Zegzhda, M. O. Kalinin, M. V. Levykin, "Actual Vulnerabilities of Industrial Automation Protocols of an Open Platform Communications Series," Automatic Control and Computer Sciences, Vol. 53, pp. 972-979, 2019.

OPC Foundation, "OPC Unified Architecture Part 2: Security Model, Release 1.04," August 2017.

OPC Foundation, "OPC UA Roadmap (2021)," Available: https://opcfoundation.org/about/opc-technologies/opc-ua/opcua-roadmap/, June 2021.

Internet Engineering Task Force, "RFC 1738: Uniform Resource Locators (URL)," Available: https://datatracker.ietf.org/doc/html/rfc1738, December 1994.

Internet Engineering Task Force, "RFC 2818: HTTP Over TLS," Available: https://datatracker.ietf.org/doc/html/rfc2818, May 2000.

Internet Engineering Task Force, "RFC 2396: Uniform Resource Identifiers (URI): Generic Syntax," Available: https://datatracker.ietf.org/doc/html/rfc2396, August 1998.

OPC Foundation, "OPC Unified Architecture Part 4: Services, Release 1.04," November 2017.

Toshiaki Honda, Takashi Hamaguchi, Yoshihiro Hashimoto, "OPC UA information transfer via unidirectional data diode for ICS cyber security," PSE2021+, June 2022.

Published: 2022-11-30
Section: Industrial Papers