| Industrial Wireless Network (IWN) is a kind of Wireless Sensor Network (WSN) applied in factory automation control. Compared with traditional WSN, IWN required higher stability, higher reliability, higher real-time performance and higher security. However, for the special requirements of transmission mechanism and high real-time, traditional security mechanisms with expensive time consumption and expensive energy consumption for WSNs are not suitable for IWNs. In this regard, this paper first proposes a consumption model for security mechanisms, and based on the proposed model, presents a low-cost security mechanism for IWN.1) According to the problem of consumption prediction for security mechanism, a fast and flexible security mechanism consumption model is proposed. The consumption model is divided into two levels:the algorithm-level consumption model and the system-level consumption model. The algorithm-level consumption model constructs the consumption model by mapping the target algorithms into arithmetic instructions and memory access instructions, and expressing the amount of instructions with a two-dimensional vector independent of the processor. The system-level consumption model constructs the model with the statistics of security algorithms in the target security mechanisms. The verification results from the CCM*and TinySec models show that the similarity rates of the consumption models proposed both before and after correction are very stable with various payload length, and the variances of their similarity rates are much lower than the reference mentioned.2) According to the problems of traditional AES implementations, an AES implementation based on a512-Byte lookup table with optimized structure is proposed. Named as1-T, this implementation improves the access-driven cache attack resistant ability. Furthermore, the round function of1-T is optimized as well to eliminate the speed influence from the shrunken lookup table. The experiment result shows that, at the security aspect,1-T’s attack resistant ability is at least100times as4-T’s under the same cache setting; and at the consumption aspect,1-T’s encryption time is43.5%and106.3%higher than4-T’s on the ARM and the x86platform respectively, but1-T’s storage overhead is only28%of4-T’s. Compared with the hardware-based implementation,1-T’s time consumption and energy consumption are both much lower.3) According to the problem of broadcast authentication in IWN, a Hash-chain based secure broadcast mechanism TuTESLA is proposed. TuTESLA utilizes the high-reliability broadcast mechanism based on multi-transmission to provide authentication for broadcast, ensuring that the authentication can be realized as long as at least two broadcast frames having been received, and securing broadcast frame with two crossing security chains. TuTESLA also eliminates the dependency between the length of hash chain and the supported number of broadcasts, avoiding the problem of the high storage required for the long-time and continued broadcast. The comparison shows that TuTESLA has comparable security as other methods, and the invoking count of Hash algorithms is2-n times of uTESLA at the sender side, and only2more than uTESLA at the receiver side.4) Targeting the high real-time and high reliability IWN for factory automation (IWN-FA), a light-weight security architecture FA-Sec is proposed. FA-Sec defines hierarchical key architecture, supplying different keys for different security operations and improving the efficiency of key management. FA-Sec supports secure joining based on Access Control List and Join Key, preventing the invalid nodes joining network. FA-Sec supports two security modes with different security. The security and consumption analyses show that FA-Sec supplies high security for IWN-FA, without high affection on network performance and energy consumption. |
PDF Full Text Request