Formal Security Evaluation and Improvement of Wireless HART Protocol in Industrial Wireless Network

With the rapid development of wireless communication technology in the field of industrial control systems, Wireless HART is an international wireless standard, because of its low cost and strong scalability, as well as its wide range of applications in the industrial control field. However, it is more open communication so that the possibility of increased attacks by external. At present, there are many types of research on wireless protocol security at home and abroad, but they all focus on the realization of the security function of the protocol itself, which has certain limitations for the formal modeling of the protocol security assessment. Taking into account the aforementioned research status, this paper takes the Wireless HART protocol as the research object and adopts the model detection method combining eCK model theory and colored Petri net theory to evaluate and improve the security of the protocol. First, the colored Petri net theory and CPN Tools modeling tool were introduced to verify the consistency of the original model of the protocol. And the eCK model was used to evaluate the security of the original protocol model. It was found that the protocol has two types of man-in-the-middle attack vulnerabilities: tampering and deception. Aiming at the attack loopholes of the protocol, an improvement plan was proposed. After improving the original protocol, CPN Tools modeling tool was used for security verification. It was found that the new scheme improvement can effectively prevent the existing attacks and reasonably improve the security of the protocol.

Automated summary

This paper evaluates and improves the security of the Wireless HART protocol using a model detection method combining eCK model theory and colored Petri net theory. The original protocol model was found to have vulnerabilities to man-in-the-middle attacks, which were then addressed through an improvement plan. After implementing the improvements, the security of the protocol was effectively enhanced.