Research And Implementation Of Dynamic Remote Proof Technology For Industrial IoT Smart Devices

Industrial Internet of Things(IIoT)aims to promote traditional industry to a new stage of intelligence,through sharing industrial resource,data interworking and system interoperation.However,the security issues of terminal devices in IIoT has become a problem that restricts the development of the IIoT.Remote attestation technology is an effective solution to ensure the security of IIoT devices.It allows a trusted verifier to remotely assess the state of an untrusted IIoT devices,so as to discover the compromised devices timely.However,the mainstream remote attestation schemes are mainly used to detect the static attacks that destroy the software integrity of a device.Such schemes can only ensure the integrity of program code,while cannot resist dynamic attacks that only change the execution flow of a compromised device.Meanwhile,the existing defense that can resist dynamic attacks for IIoT devices often suffer from great consumption.Therefore,these defenses are impractical for IIoT devices that are limited in computing power and storage space.To this end,this paper investigates and analyzes the existing remote attestation schemes for IIoT devices,and makes the following specific research:(1)To mitigate the problems in existing remote attestation schemes that resist to,this paper proposes a new type of dynamic remote attestation scheme for IIoT devices—the program identifier-based dynamic remote attestation scheme(TDRA).Through the automatic insertion of program identifiers into the program of IIoT devices,this scheme reduces the complexity of segmentation in existing dynamic remote attestation.At the same time,this scheme not only can verify the correctness of device's execution flow but also can verify the rationality of it by inserting different type of program identifiers.In addition,this scheme also supports the code integrity verification for IIoT devices,so as to decide whether the device is under a static attack.The security and performance analysis results show that TDRA is secure and efficient.(2)In view of the lacking application in dynamic remote attestation,we use the C/S model to design a remote attestation system for IIoT devices based on the trusted computing environment provided by the Raspberry Pi.This system provides a comprehensive attack detection for IIoT devices through combining the improved dynamic remote attestation technology and software integrity verification.Users can easily discover the security status of each device in IIoT from a mobile phone or a computer in this system.(3)Utilizing the Raspberry Pi to simulate different IIoT devices and a server to act the role of verifier,this paper implements a real remote attestation system model.Through the display of this system's function,the ability of attack detection,and the simulation in IIoT scenario,this paper shows that this system can provide IIoT devices with secure and reliable security assurance services,and this system can be well applied in different IIoT scenarios.