Journal of Information Security Reserach ›› 2023, Vol. 9 ›› Issue (6): 580-.

Previous Articles     Next Articles

A Method of Active Defense for Intelligent Manufacturing  Device Swarms Based on Remote Attestation

  

  • Online:2023-06-04 Published:2023-06-03

一种基于远程证明的智能制造设备群的主动防御方案

孔维一1李昕2宋永立2况博裕3付安民1   

  1. 1(南京理工大学计算机科学与工程学院南京210094)
    2(北京计算机技术及应用研究所北京100854)
    3(南京理工大学网络空间安全学院南京210094)
  • 通讯作者: 孔维一 硕士研究生.主要研究方向为物联网安全. koweiyi@njust.edu.cn
  • 作者简介:孔维一 硕士研究生.主要研究方向为物联网安全. koweiyi@njust.edu.cn 李昕 硕士,高级工程师.主要研究方向为工业信息安全. lx83@live.cn 宋永立 硕士,高级工程师.主要研究方向为工业信息安全. songyongli2006@126.com 况博裕 博士.主要研究方向为工业互联网安全. kuang@njust.edu.cn 付安民 博士,教授,博士生导师.主要研究方向为工业互联网安全、智能系统与软件安全. fuam@njust.edu.cn

Abstract: With the development of artificial intelligence technology, intelligent manufacturing has become an inevitable choice for enterprise production. However, a compromised device not only causes issues such as confidentiality leaks and production chain errors, but also serves as a springboard for attackers and thus affects the security of the entire swarm. In this paper, we propose a proactive defense solution for intelligent manufacturing swarms based on remote attestation (SecRA). SecRA generates independent challenges for each device, enabling pointtopoint communication between gateways and devices. By extending the functionality of gateways, SecRA utilizes asynchronous communication to adapt to the existing network structure. In addition, based on the challengequery attestation protocol, communication and computation costs are transferred to resourcerich gateways, greatly reducing the burden of devices. Finally, the efficiency and feasibility of the SecRA are experimentally verified.

Key words: artificial intelligence, intelligent manufacturing, remote attestation, swarm attestation, proactive defense

摘要: 随着人工智能技术的发展,智能制造已成为目前企业生产的必然选择.然而与此同时,智能制造设备群面临的安全风险也不断上升,一个被入侵的智能制造设备不仅会造成机密泄露、生产链错误等问题,还会成为攻击者的跳板进而影响整个设备群的安全.设计了一种基于远程证明的智能制造系统设备群的主动防御方案SecRA,以验证设备群的安全状态.SecRA对每个智能制造设备都生成独立的证明挑战,实现了网关和设备间点到点通信,保证了该主动防御方法的安全性.SecRA通过对智能制造系统中网关设备的功能扩展,完成验证者和设备之间的异步通信,以匹配现有智能制造系统网络结构.此外,SecRA基于挑战质询的证明协议,将通信和计算开销都转移到资源丰富的网关设备,极大节省了设备端的开销.最后,仿真实验证明了SecRA主动防御方法的高效性和可行性.


关键词: 人工智能, 智能制造, 远程证明, 群证明, 主动防御