Abstract
Communication security is a major concern in industrial process management. Indeed, in addition to real-time requirements, it is very important to ensure that sensing data sent by field sensors are not altered or modified during their transmission. This is more true in Wireless Sensor Networks where communication can be hijacked and false data injected. Therefore wireless communication protocols include several security mechanisms to ensure data confidentiality and integrity. In this paper, we present an attack against WirelessHART, the leading wireless communication protocol in industrial environment. We show that an insider attacker can bypass security mechanisms and inject false commands in the network. Such attacks can have harmful economical consequences or even more can threaten human lives. We propose also some solutions that can be applied for detecting and mitigating this kind of attacks.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Huang, Y.L., Cárdenas, A., Amin, S., Lin, Z.S., Tsai, H.Y., Sastry, S.: Understanding the physical and economic consequences of attacks on control systems. Int. J. Crit. Infrastruct. Prot. 2(3), 73–83 (2009)
HART Communication Foundation: WirelessHART. http://www.hartcomm.org
IEEE: IEEE 802.15.4-2006: Standard for Local and metropolitan area networks-Part 15.4: Low-Rate Wireless Personal Area Networks (LR-WPANs). http://www.ieee.org
Bayou, L., Espes, D., Cuppens-Boulahia, N., Cuppens, F.: WirelessHART NetSIM: a WirelessHART SCADA-based wireless sensor networks simulator. In: Bécue, A., Cuppens-Boulahia, N., Cuppens, F., Katsikas, S., Lambrinoudakis, C. (eds.) CyberICS/WOS-CPS -2015. LNCS, vol. 9588, pp. 63–78. Springer, Heidelberg (2016). doi:10.1007/978-3-319-40385-4_5
Han, S., Zhu, X., Mok, A.K., Chen, D., Nixon, M.: Reliable and real-time communication in industrial wireless mesh networks. In: 17th IEEE RTAS, USA, pp. 3–12. IEEE Computer Society (2011)
Kim, A.N., Hekland, F., Petersen, S., Doyle, P.: When HART goes wireless: understanding and implementing the WirelessHART standard. In: Proceedings of 13th IEEE International Conference on Emerging Technologies and Factory Automation, ETFA, Hamburg, Germany, pp. 899–907. IEEE (2008)
Song, J., Han, S., Mok, A., Chen, D., Lucas, M., Nixon, M.: WirelessHART: applying wireless technology in real-time industrial process control. In: Real-Time and Embedded Technology and Applications Symposium, RTAS 2008, pp. 377–386. IEEE, April 2008
Raza, S., Slabbert, A., Voigt, T., Landernäs, K.: Security considerations for the WirelessHART protocol. In: Proceedings of 12th IEEE International Conference on Emerging Technologies and Factory Automation, ETFA, Spain, pp. 1–8. IEEE (2009)
Alcaraz, C., Lopez, J.: A security analysis for wireless sensor mesh networks in highly critical systems. IEEE Trans. Syst. Man Cybern. Part C 40(4), 419–428 (2010)
Bayou, L., Espes, D., Cuppens-Boulahia, N., Cuppens, F.: Security issue of WirelessHART based SCADA systems. In: Lambrinoudakis, C., Gabillon, A. (eds.) CRiSIS 2015. LNCS, vol. 9572, pp. 225–241. Springer, Heidelberg (2016). doi:10.1007/978-3-319-31811-0_14
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Bayou, L., Espes, D., Cuppens-Boulahia, N., Cuppens, F. (2017). Security Analysis of WirelessHART Communication Scheme. In: Cuppens, F., Wang, L., Cuppens-Boulahia, N., Tawbi, N., Garcia-Alfaro, J. (eds) Foundations and Practice of Security. FPS 2016. Lecture Notes in Computer Science(), vol 10128. Springer, Cham. https://doi.org/10.1007/978-3-319-51966-1_15
Download citation
DOI: https://doi.org/10.1007/978-3-319-51966-1_15
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-51965-4
Online ISBN: 978-3-319-51966-1
eBook Packages: Computer ScienceComputer Science (R0)