Visible to the public Concept of Smart Building Cyber-physical Systems Including Tamper Resistant Endpoints

TitleConcept of Smart Building Cyber-physical Systems Including Tamper Resistant Endpoints
Publication TypeConference Paper
Year of Publication2018
AuthorsPuesche, A., Bothe, D., Niemeyer, M., Sachweh, S., Pohlmann, N., Kunold, I.
Conference Name2018 International IEEE Conference and Workshop in Óbuda on Electrical and Power Engineering (CANDO-EPE)
Date Publishednov
Keywordscomposability, Computer science, Containers, CPS devices, critical infrastructure, critical infrastructures, cryptography, Cyber-physical systems, data integrity, firmware, Hardware, hardware-based security, integrity measurement mechanisms, Internet of Things, IoT, IT-security, oAuth2.0, pubcrawl, Resiliency, secure communication channels, security of data, smart building cyber-physical systems, Smart buildings, Software, tamper resistant endpoints, TLS 1.3, Trusted Computing, Trusted Platform Module, trusted platform modules, Trusted Platfrom Modules, update mechanisms, verification mechanism

Cyber-physical systems (CPS) and their Internet of Things (IoT) components are repeatedly subject to various attacks targeting weaknesses in their firmware. For that reason emerges an imminent demand for secure update mechanisms that not only include specific systems but cover all parts of the critical infrastructure. In this paper we introduce a theoretical concept for a secure CPS device update and verification mechanism and provide information on handling hardware-based security incorporating trusted platform modules (TPM) on those CPS devices. We will describe secure communication channels by state of the art technology and also integrity measurement mechanisms to ensure the system is in a known state. In addition, a multi-level fail-over concept is presented, ensuring continuous patching to minimize the necessity of restarting those systems.

Citation Keypuesche_concept_2018