Time-Sensitive Networking IEEE 802.1CB: Security and Reliability

Master thesis (2022)

Authors

A.D. de Vos Electrical Engineering, Mathematics and Computer Science

Contributors

Alessandro Brighente Università degli Studi di Padova (supervisor 1)
M. Conti Cyber Security - EEMCS (supervisor 2)
A. Zarras Cyber Security - EEMCS (supervisor 2)
K.G. Langendoen Embedded Systems - EEMCS (coach)
Faculty
Electrical Engineering, Mathematics and Computer Science
Copyright: © 2022 Adriaan de Vos
Network Security Time-Sensitive Networking (TSN) IEEE 802.1CB (FRER) Mission-Critical Applications Hardware Test-Bed STRIDE Scapy
More Info
expand_more

Published Date

22-06-2022

Language

English

Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Faculty

Electrical Engineering, Mathematics and Computer Science

Abstract

The upcoming IEEE 802.1CB standard aims to solve performance and reliability issues in Time-Sensitive Networking (TSN). Mission-critical systems often use these standards for communication in automotive, industrial, and avionic networks. However, researchers did not sufficiently investigate the security risks and possible mitigation solutions to this introduced standard. This limited knowledge is a problem as Cyber-Physical Systems (CPS) are mission-critical and time-sensitive, and any unexpected failure of these systems could endanger lives.

To attain a complete overview of the security risks of IEEE 802.1CB, we use an improved STRIDE model for Cyber-Physical Systems. We then design and create a hardware test-bed for Time-Sensitive Networking to prove the feasibility of the identified security risks. Finally, we implement attacks for the identified security risks in IEEE 802.1CB and analyze their impact by running experiments on the hardware test-bed. The results show that some of the identified security risks significantly impact the network’s reliability as we successfully execute a Replay attack and a Denial of Service attack. However, the hardware switches provide only limited functionality of the IEEE 802.1CB specification. Therefore, we could not verify the attacks against all identified security risks.

These results show that this networking standard is not ready to be used in Cyber-Physical Systems as the impact of the identified security risks is too significant. On this basis, we recommend additional research and improvements to the IEEE 802.1CB standard and mitigation solutions.