Threat Sensitive Networking

On the Security of IEEE 802.1CB and (un)Effectiveness of Existing Security Solutions

Conference Paper (2023)
Author(s)

Adriaan de Vos (Student TU Delft)

Alessandro Brighente (Università degli Studi di Padova)

M. Conti (Università degli Studi di Padova, TU Delft - Cyber Security)

Research Group
Cyber Security
Copyright
© 2023 Adriaan de Vos, Alessandro Brighente, M. Conti
DOI related publication
https://doi.org/10.1007/978-3-031-25460-4_4
More Info
Publication Year
2023
Language
English
Bibliographical Note
Green Open Access added to TU Delft Institutional Repository 'You share, we take care!' - Taverne project https://www.openaccess.nl/en/you-share-we-take-care Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public.
Pages (from-to)
67-80
ISBN (print)
978-3-031-25459-8
ISBN (electronic)
978-3-031-25460-4
Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Abstract

IEEE 802.1CB provides a standard for reliable packet delivery within Time-Sensitive Networking (TSN). As this standard is envisioned to be used in mission-critical networks in the near future, it has to be protected against security threats. The integrity of the network communication should be the biggest focus, as guaranteed delivery is essential. However, IEEE 802.1CB does not come with security guarantees. Indeed, as we show in this paper, an attacker may be able to exploit different threat vectors to impair the correctness of communication, impacting the safety of users. Due to TSN's strict delay and reliability requirements, classical security solutions cannot be easily applied without significant effort. Therefore, researchers have proposed multiple solutions to guarantee secure communication. However, the current state of the art is not able to provide both security and timing guarantees. In this paper, we provide a detailed analysis of the security of IEEE 802.1CB using the STRIDE methodology. Compared to the existing state of the art on the subject, we provide a deeper analysis of the possible threats and their effects. We then analyze available solutions for security in IEEE 802.1CB and compare their performance in terms of time, reliability, and security guarantees. Based on our analysis, we show that, although there exist promising solutions trying to provide security to 802.1CB, there is still a gap to be filled in terms of both security and latency guarantees.

Files

978_3_031_25460_4_4.pdf
(pdf | 0.758 Mb)
- Embargo expired in 18-08-2023
License info not available