A Policy Checker Approach for Secure Industrial SDN

Berardi, Davide;
2018-01-01

Abstract

Industry 4.0 is a new strategic industrial development that is changing the way businesses develop communication and management protocols on their networks. Software-Defined Networking (SDN) can help this revolutionary process, but to make the most of its potential, more abstract and customizable development paradigms are needed. In this work we present a toolkit that allows a network system administrator to implement and formally verify security policies in the context of an industrial network. The prototype of our tool suite is based on four application plug-ins of the ONOS controller. Our SDN-based toolkit is able to detect network boxes compromised as a result of bogus injected flow-rules, inner loops and black-holes (notoriously difficult to detect via normal network scans), flow-rule replacement or removal, and other SDN controller exploitations that may compromise the forwarding activities. We argue that our set of tools is already effective despite being in its infancy, and that its design is easily extensible to other use cases.
Year: 2018
ISBN: 9781538670453
Keywords: industry 4.0; model checking; SDN; security
Subject areas: Computer Networks and Communications; Safety, Risk, Reliability and Quality

Use this identifier to cite or link to this document: https://hdl.handle.net/20.500.12606/10313
Citations
  • Scopus 13