4.2 Article

A Secure IIoT Gateway Architecture based on Trusted Execution Environments

Journal

Publisher

SPRINGER
DOI: 10.1007/s10922-023-09723-6

Keywords

Device-to-device communication; Secure communications; Network architecture; Security and privacy; Security protocol


Industrial Internet of Things (IIoT) gateways are vulnerable to cybersecurity threats, posing risks to the security and reliability of the IIoT system. This paper presents a Secure IIoT Gateway Architecture that utilizes Trusted Execution Environment and consolidated security algorithms to establish a secure IIoT environment. The gateway handles critical IIoT procedures, such as device admission, bootstrapping, key management, authentication, and data exchange between operational technology (OT) and information technology (IT), within a secure execution domain. The architecture also includes measures for IIoT devices to safely communicate with the Cloud without relying on the integrity of the gateways, allowing continuous verification of gateway integrity. The security of the proposed solution is formally proven, and the architecture's security is evaluated based on defined requirements.
Industrial Internet of Things (IIoT) gateways are affected by many cybersecurity threats, compromising their security and dependability. These gateways usually represent single points of failure in the IIoT infrastructure. When compromised, they can disrupt the entire system, including the security of the IIoT devices and the confidentiality and privacy of the data. This paper introduces a Secure IIoT Gateway Architecture that encompasses Trusted Execution Environment concepts and consolidated security algorithms to achieve a secure IIoT environment. Sensitive procedures of the IIoT, like device admission, bootstrapping, key management, authentication, and data exchange between operational technology (OT) and information technology (IT), are handled by the gateway inside the secure execution domain. The bootstrapping does not require devices to have any pre-stored secret or a pre-established secure channel to any trusted third party. Moreover, our architecture includes mechanisms for IIoT devices to safely interact with the Cloud without assuming the integrity of the gateways between them, enabling continuous verification of gateway integrity. A formal proof of the security of the proposed solution is provided. Finally, the security of the proposed architecture is discussed according to the specified requirements.

Authors


Reviews

Main rating

4.2
Insufficient ratings

Secondary ratings

Novelty: -
Significance: -
Scientific rigor: -

Recommendations

No data available