Towards Formally Verified Key Management for Industrial Control Systems
Adoption of new digital technologies is impacting all aspects of the society. While these new technologies are accepted rapidly within the consumer segment, in the area of industrial control systems the pace of new aspects of computing and further distribution of control is moving slower. This is often due to the criticality and security constraints of such systems, since degraded or hijacked control could lead to injuries or competitive disadvantages. Nowadays a critical component of control systems is the key management protocol for protecting communication. This is specifically important as more and more devices become part of industrial control networks. The key management system must be reliable and robust in order to ensure stable operation of the system with minimum downtime. This often means that the system needs to be autonomous and dynamic, capable of periodically changing the keys automatically and authenticating the system components. Different techniques have been used to examine the reliability and robustness of the key management systems, one promising approach is by using formal methods. In this paper we present a formally verified key management system for use within distributed industrial control systems. We demonstrate that the key management system can reliably handle authentication/communication operations in real-time as well as joining/leaving of control units within the system. We use UPPAAL to analyse several security properties, showing that our models satisfy a collection of requirements defined by our industrial partner and are viable for dynamic key management applications.