DOI QR코드

DOI QR Code

Access Control Mechanism for Industrial Control System Based Smart Contract

스마트 컨트랙트 기반의 산업제어시스템 접근 제어 메커니즘

  • Received : 2019.02.12
  • Accepted : 2019.05.21
  • Published : 2019.06.30

Abstract

Industrial control systems consist of various physical devices such as sensors, actuators. Security Infringement such as waterworks facilities Remote Access Infringement and power control systems Infection have been occured by vulnerability of Access Control. Access control to physical devices must be fulfilled with a reliable system. However, Having a single access control system inside company can not guarantee reliability. In addition, when single access control is struggled with error or infringement, access control system is totally unavailable. so system requires a additional access control method or system. In this paper, we proposed access control mechanism for reliable and stable operation using blockchain and smart contract. Proposed Mechanism using trust score to consider resources to be consumed depending on each industrial environment in consideration of the industrial control system where availability is more important than integrity and confidentiality. Unlike other blockchain-based access control system, proposed system is designed for the currently operating industrial control system.

Keywords

Blockchain;Smart Contract;Industrial Control System(ICS);Access Control;Availability

JBBHCB_2019_v29n3_579_f0001.png 이미지

Fig. 1. Configuration of Industrial Control System

JBBHCB_2019_v29n3_579_f0002.png 이미지

Fig. 2. Concept of Blockchain

JBBHCB_2019_v29n3_579_f0003.png 이미지

Fig. 3. Proposed System

JBBHCB_2019_v29n3_579_f0004.png 이미지

Fig. 4. Sequence Diagram of Human Resource System

JBBHCB_2019_v29n3_579_f0005.png 이미지

Fig. 5. Sequence Diagram of operation log system

JBBHCB_2019_v29n3_579_f0006.png 이미지

Fig. 6. Sequence Diagram of verify system

Table 1. Grade Access Algorithm

JBBHCB_2019_v29n3_579_t0001.png 이미지

Table 2. Comparison with other systems

JBBHCB_2019_v29n3_579_t0002.png 이미지

References

  1. Jae Hoon Nah and Jung Chan Nah, "Standardization Trend of Industrial Control System Security", Review of KIISC, 26(4), pp.28-35, Aug., 2016
  2. Jun Hyoung Oh, Young in You and Kyungho Lee, "Infrastructure Incident and Control System Standard Trend", Review of KIISC, 27(2), pp.5-11, Apr., 2017
  3. IT World, "infrasturcture Hacking Damage Security Incident", 'The most important "facts", numerical value and statistics related to security in 2018', http://www.itworld.co.kr/news/111098, 2019.02.11.
  4. Kaspersky Lab, "The State of Industiral Cybersecurity 2017", 2017
  5. "Security Requirements for Industrial Control System - Part 1: Concepts and Reference Model", TTAK.KO-12.0307-Part1, June, 2017
  6. NCCIC, "ICS-CERT Monitor November-December 2017 US-CERT ", 2017
  7. Fireeye, "2016 ICS Vulnerability Trend Report". 2016
  8. ZDNet Korea, "industirl control system security", http://www.zdnet.co.kr/view/?no=20171124160854, 2019.02.08
  9. Stouffer, K., Falco, J., and Scarfone, K. "Guide to industrial control systems (ICS) security". NIST special publication, 800(82), 2011.
  10. Nakamoto, S. "Bitcoin: A peer-to-peer electronic cash system.", Oct. 2008.
  11. Wood, G. "Ethereum: A secure decentralised generalised transaction ledger." Ethereum project yellow paper, 2014.
  12. Stallings, William. Cryptography and network security: principles and practice. Practice (6th Edition), Pearson, 2008.
  13. Sungbum Lee, Boohyung Lee, Sein Myung and Jong-Hyouk Lee, "Security Analysis of Blockchain Systems: Case Study of Cryptocurrencies." Journal of The Korea Institute of Information Security & Cryptology, 28(1), pp5-14, Feb, 2018. https://doi.org/10.13089/JKIISC.2018.28.1.5
  14. Daehwa Rayer Lee and Hyoungshick Kim, "Block Chain Research Trend Analysis: focusing on the consensus algorithm." Review of KIISC, 28(3), pp5-10, 2018
  15. Zheng, Z., Xie, S., Dai, H. N., Chen, X., and Wang, H. "Blockchain challenges and opportunities: A survey." International Journal of Web and Grid Services, 14(4), pp352-375, 2018. https://doi.org/10.1504/IJWGS.2018.095647
  16. Szabo, Nick. "Smart contracts: building blocks for digital markets." EXTROPY: The Journal of Transhumanist Thought, 1996.
  17. Chanyoung Lee, Manhyun Chung and Byung-gil Min, "Industrial control system control command integrity protection scheme using OTP(One-Time Password)", Review of KIISC, 27(2), pp.34-40, Apr., 2017.
  18. Zhang, Y., Kasahara, S., Shen, Y., Jiang, X., and Wan, J. "Smart Contract-Based Access Control for the Internet of Things.",6(2), pp1594-1605, Apri., 2019 https://doi.org/10.1109/JIOT.2018.2847705
  19. Pinno, O. J. A., Gregio, A. R. A., & De Bona, L. C. "ControlChain: Blockchain as a Central Enabler for Access Control Authorizations in the IoT." In: GLOBECOM 2017-2017 IEEE Global Communications Conference. IEEE, pp. 1-6, 2017.
  20. Ouaddah, A., Abou Elkalam, A., & A it Ouahman, A. , "FairAccess: a new Blockchain-based access control framework for the Internet of Things.", Security and Communication Networks, 9(18), pp5943-5964 , Feb., 2017.
  21. "Security Requirements for Industrial Control System - Part 3: Control Layer", TTAK.KO-12.0307-Part3, Jun., 2017

Acknowledgement

Grant : 원전 비안전등급 제어기기(DCS) 사이버침해 예방 및 탐지 기술 개발

Supported by : 한국에너지기술평가원 (KETEP)