当前位置: X-MOL 学术ACM Comput. Surv. › 论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
A Survey of IIoT Protocols
ACM Computing Surveys ( IF 16.6 ) Pub Date : 2020-05-04 , DOI: 10.1145/3381038
Santiago Figueroa-Lorenzo 1 , Javier Añorga 1 , Saioa Arrizabalaga 1
Affiliation  

Industrial Internet of Things (IIoT) is present in many participants from the energy, health, manufacturing, transport, and public sectors. Many factors catalyze IIoT, such as robotics, artificial intelligence, and intelligent decentralized manufacturing. However, the convergence between IT, OT, and IoT environments involves the integration of heterogeneous technologies through protocols, standards, and buses. However, this integration brings with it security risks. To avoid the security risks, especially when systems in different environments interact, it is important and urgent to create an early consensus among the stakeholders on the IIoT security. The default Common Vulnerability Scoring System (CVSS) offers a mechanism to measure the severity of an asset's vulnerability and therefore a way to characterize the risk. However, CVSS by default has two drawbacks. On the one hand, to carry out a risk analysis, it is necessary to have additional metrics to the one established by CVSSv3.1. On the other hand, this index has been used mostly in IT environments and although there are numerous efforts to develop a model that suits industrial environments, there is no established proposal. Therefore, we first propose a survey of the main 33 protocols, standards, and buses used in an IIoT environment. This survey will focus on the security of each one. The second part of our study consists of the creation of a framework to characterize risk in industrial environments, i.e., to solve both problems of the CVSS index. To this end, we created the Vulnerability Analysis Framework (VAF), which is a methodology that allows the analysis of 1,363 vulnerabilities to establish a measure to describe the risk in IIoT environments.

中文翻译:

IIoT 协议概览

工业物联网 (IIoT) 存在于能源、健康、制造、运输和公共部门的许多参与者中。许多因素催化了 IIoT,例如机器人技术、人工智能和智能分散制造。然而,IT、OT 和 IoT 环境之间的融合涉及通过协议、标准和总线对异构技术的集成。但是,这种集成带来了安全风险。为了避免安全风险,特别是当不同环境中的系统交互时,在利益相关者之间就 IIoT 安全性达成早期共识非常重要且紧迫。默认的通用漏洞评分系统 (CVSS) 提供了一种衡量资产漏洞严重性的机制,从而提供了一种表征风险的方法。然而,默认情况下,CVSS 有两个缺点。一方面,为了进行风险分析,除了 CVSSv3.1 建立的指标之外,还需要额外的指标。另一方面,该指标主要用于 IT 环境,虽然为开发适合工业环境的模型付出了很多努力,但还没有确定的建议。因此,我们首先建议对 IIoT 环境中使用的主要 33 种协议、标准和总线进行调查。本次调查将重点关注每个人的安全性。我们研究的第二部分包括创建一个框架来描述工业环境中的风险,即解决 CVSS 指数的两个问题。为此,我们创建了漏洞分析框架 (VAF),这是一种允许分析 1、
更新日期:2020-05-04
down
wechat
bug