Definition, Implementation and Verification of a FPGA-Based Design for Secure PROFINET RTC Communication
- The status quo of PROFINET, a commonly used industrial Ethernet standard, provides no inherent security in its communication protocols. In this thesis an approach for protecting real-time PROFINET RTC messages against spoofing, tampering and optionally information disclosure is specified and implemented into a real-world prototype setup. Therefor authenticated encryption is used, which relies onThe status quo of PROFINET, a commonly used industrial Ethernet standard, provides no inherent security in its communication protocols. In this thesis an approach for protecting real-time PROFINET RTC messages against spoofing, tampering and optionally information disclosure is specified and implemented into a real-world prototype setup. Therefor authenticated encryption is used, which relies on symmetric cipher schemes. In addition a procedure to update the used symmetric encryption key in a bumpless manner, e.g. without interrupting the real-time communication, is introduced and realized. The concept for protecting the PROFINET RTC messages was developed in collaboration with a task group within the security working group of PROFINET International. The author of this thesis has also been part of that task group. This thesis contributes by proofing the practicability of the concept in a real-world prototype setup, which consists of three FPGA-based development boards that communicate with each other to showcase bumpless key updates. To enable a bumpless key update without disturbing the deterministic real-time traffic by dedicated messages, the key update annunciation and status is embedded into the header. By provisioning two key slots, of which only one is in used, while the other is being prepared, a well-synchronized coordinated switch between the receiver and the sender performs the key update. The developed prototype setup allows to test the concept and builds the foundation for further research and implementation activities, e.g. the impact of cryptographic operations onto the processing time.…
Document Type: | Master's Thesis |
---|---|
Zitierlink: | https://opus.hs-offenburg.de/4201 | Bibliografische Angaben |
Title (English): | Definition, Implementation and Verification of a FPGA-Based Design for Secure PROFINET RTC Communication |
Author: | Heiko Bühler |
Advisor: | Axel Sikora, Andreas Walz |
Year of Publication: | 2020 |
Date of final exam: | 2020/10/01 |
Publishing Institution: | Hochschule Offenburg |
Granting Institution: | Hochschule Offenburg |
Place of publication: | Offenburg |
Page Number: | xii, 96 |
Language: | English | Inhaltliche Informationen |
Institutes: | Forschung / ivESK - Institut für verlässliche Embedded Systems und Kommunikationselektronik |
Fakultät Elektrotechnik, Medizintechnik und Informatik (EMI) (ab 04/2019) | |
Institutes: | Abschlussarbeiten / Master-Studiengänge / EIM |
DDC classes: | 600 Technik, Medizin, angewandte Wissenschaften / 620 Ingenieurwissenschaften und Maschinenbau / 621.3 Elektrotechnik, Elektronik |
Tag: | PROFINET; industrial communication; security | Formale Angaben |
Open Access: | Closed Access |
Licence (German): | Urheberrechtlich geschützt |
SWB-ID: | 1839265345 |