Time-Sensitive Networking IEEE 802.1CB: Security and Reliability
A.D. de Vos (TU Delft - Electrical Engineering, Mathematics and Computer Science)
Alessandro Brighente – Mentor (Università degli Studi di Padova)
M. Conti – Graduation committee member (TU Delft - Cyber Security)
Apostolis Zarras – Graduation committee member (TU Delft - Cyber Security)
K.G. Langendoen – Coach (TU Delft - Embedded Systems)
More Info
expand_more
Source Code and Documentation
https://github.com/AdriaanDeVos/tsn-hardware-testbed-802.1CBOther than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.
Abstract
The upcoming IEEE 802.1CB standard aims to solve performance and reliability issues in Time-Sensitive Networking (TSN). Mission-critical systems often use these standards for communication in automotive, industrial, and avionic networks. However, researchers did not sufficiently investigate the security risks and possible mitigation solutions to this introduced standard. This limited knowledge is a problem as Cyber-Physical Systems (CPS) are mission-critical and time-sensitive, and any unexpected failure of these systems could endanger lives.
To attain a complete overview of the security risks of IEEE 802.1CB, we use an improved STRIDE model for Cyber-Physical Systems. We then design and create a hardware test-bed for Time-Sensitive Networking to prove the feasibility of the identified security risks. Finally, we implement attacks for the identified security risks in IEEE 802.1CB and analyze their impact by running experiments on the hardware test-bed. The results show that some of the identified security risks significantly impact the network’s reliability as we successfully execute a Replay attack and a Denial of Service attack. However, the hardware switches provide only limited functionality of the IEEE 802.1CB specification. Therefore, we could not verify the attacks against all identified security risks.
These results show that this networking standard is not ready to be used in Cyber-Physical Systems as the impact of the identified security risks is too significant. On this basis, we recommend additional research and improvements to the IEEE 802.1CB standard and mitigation solutions.