Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Introducing remote attestation and hardware-based cryptography to OPC UA

: Birnstill, Pascal; Haas, Christian; Hassler, D.; Beyerer, Jürgen

Fulltext urn:nbn:de:0011-n-4817021 (700 KByte PDF)
MD5 Fingerprint: 26e0676adf9a22ecc2ce90ef7d35da8c
© IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.
Created on: 1.2.2018

Institute of Electrical and Electronics Engineers -IEEE-:
ETFA 2017, 22nd IEEE International Conference on Emerging Technologies and Factory Automation : 12-15 September 2017, Limassol, Cyprus
Piscataway, NJ: IEEE, 2017
ISBN: 978-1-5090-6505-9
ISBN: 978-1-5090-6504-2
ISBN: 978-1-5090-6506-6
8 pp.
International Conference on Emerging Technologies and Factory Automation (ETFA) <22, 2017, Limassol/Cyprus>
Conference Paper, Electronic Publication
Fraunhofer IOSB ()

In this paper we investigate whether and how hardware-based roots of trust, namely Trusted Platform Modules (TPMs) can improve the security of the communication protocol OPC UA (Open Platform Communications Unified Architecture) under reasonable assumptions, i.e. the Dolev-Yao attacker model. Our analysis shows that TPMs may serve for generating (RNG) and securely storing cryptographic keys, as cryptocoprocessors for weak systems, as well as for remote attestation. We propose to include these TPM functions into OPC UA via so-called ConformanceUnits, which can serve as building blocks of profiles that are used by clients and servers for negotiating the parameters of a session. Eventually, we present first results regarding the performance of a client-server communication including an additional OPC UA server providing remote attestation of other OPC UA servers.