Technical ReportPDF Available


Content may be subject to copyright.
Durch das Internet der Dinge werden immer mehr Geräte
aus dem Automatisierungsbereich mit dem Internet ver-
bunden. Das sind hauptsächlich leistungsschwache Sen-
soren und Aktoren, die physikalische Prozesse steuern.
Dies führt zu Sicherheitsrisiken in industriellen Kontroll-
systemen, die in diesem Bericht beschrieben werden.
Die Herausforderungen, die durch das Absichern dieser
Geräte entstehen, werden skizziert. Physical Unclonable
Functions, die eine vielversprechende Gegenmaßnahme
sind, werden kurz vorgestellt.
Through the Internet of Things, more devices from the
automation sector are connected to the Internet. These
are mainly low-power sensors and actuators that con-
trol physical processes. This results in security risks in
industrial control systems, which will be described in this
paper. The challenges involved in securing these devices
are outlined. Physical Unclonable Functions, which are a
promising countermeasure, will be briefly presented.
1 Introduction
The industry has recognized the benets of the Internet
of Things (IoT) and is already adapting them, for instance
to increase productivity or optimize energy consumption.
By integrating the Industrial Internet of Things (IIoT),
Industrial Control Systems (ICSs) are now also connected
to cloud services via the Internet. As a result, the previ-
ously isolated Operational Technology (OT) is exposed to
increased risks.
The term OT is used to emphasize the dierence to IT.
Not only the eld of application diers but also the
devices and communication protocols used. OT includes
Programmable Logic Controllers (PLCs), sensors, and
actuators. The low-power embedded devices are usually
specialized for a specic application, which considerably
limits their flexibility. Security measures have not been
widely implemented due to cost and time pressure. Their
task within an ICS is to control and monitor physical pro-
cesses. Based on sensor values, such as temperatures
or positions, decisions are made on how actuators, like
conveyor belts or robots, must react.
Safety is the highest priority for employees and machines.
However, the internet connection of IIoT devices results in
additional threats that could jeopardize safety by mak-
ing it easier for attackers to take control and manipulate
them. Malfunction of OT devices can have considerable
consequences because people can be injured or machines
destroyed. If these devices are used in critical infrastruc-
tures, even worse scenarios are conceivable. Each gov-
ernment itself determines which processes and sectors
are particularly worth protecting and therefore count as
critical infrastructure. Germany, for example, species nine
sectors including energy supply, information technology
and communication, and water among others [1]. Cyber-
attacks have already been carried out on these sectors. In
December 2015, the Ukrainian power grid was attacked,
for example. Attackers compromised the computers and
Supervisory Control and Data Acquisition (SCADA) systems
of a regional power distribution company leaving 225,000
people without power for several hours [2].
In our research project “Intelligent Security for Electrical
Actuators and Converters in Critical Infrastructures (iSEC)”
with two industrial partners, we want to jointly develop
Simon Liebl, M�Eng�
Leah Lathrop, B�Eng�
Prof� Dr� Andreas Aßmuth
Prof� Matthias Söllner
Securing Low-Power
Industrial Devices
in Critical
solutions to prevent such incidents. The Franconian com-
panies Grass Power Electronics GmbH and SIPOS Aktorik
GmbH produce battery storage combined with electric ve-
hicle chargers and electrical actuators that are both used
in critical infrastructures. As the rst step in this project,
the threats to IIoT devices have been analyzed. The
analysis must take into account that especially in critical
infrastructures the complexity of attacks is not limited. As
already described, embedded devices are not compara-
ble to conventional IT devices. Therefore, the character-
istics of these devices must be analyzed and considered
during the development of threat mitigation measures to
design applicable solutions. Physical Unclonable Func-
tions (PUFs) are a promising solution to prevent hardware
and soware attacks. In this project, we will examine the
possible applications and their feasibility.
2 Threats to and from IIoT Devices
Attacks such as those that happened in Ukraine are not
singular cases. Recently, attackers attempted to poison
Israel's drinking water system by increasing the chlorine lev-
el [3]. Therefore, it is essential to understand which threats
exist and how attackers could proceed. In the following
section, various attack vectors will be presented based on
the life cycle of an IIoT device, as shown in Figure 1.
Figure 1: Life cycle of an IIoT device
The life cycle of an IIoT device starts with its design. The
design complexity steadily increases among other reasons
because both automation and internet protocols must
be supported. Third-party soware libraries are usually
utilized to keep the development eort low. Vulnerabil-
ities in these oen widespread libraries can subsequently
result in threats. In June 2020, numerous vulnerabilities
were found in Treck's TCP/IP stack that is used in many ICS
components [4]. These vulnerabilities enable remote code
execution, enabling full control of the device.
An attack on the supply chain is also possible. During
manufacturing, cryptographic keys are generated that are
later required for secure updates or encrypted communi-
cation with the cloud. However, the database of devices
and associated keys must obviously also be known to the
cloud. These keys could be compromised by vulnerabil-
ities in the cloud. As a result, unauthorized access can
be gained to production data and rmware updates. The
latter implies a the of intellectual property.
Another step in the supply chain is the distribution. Not
only on the way from manufacturer to customer, but also
from supplier to manufacturer, devices or parts can be ma-
nipulated. Such an attack was demonstrated on the Chaos
Communication Congress in late 2019 [5]. The attackers
were able to reroute orders from a Microcontroller Unit
(MCU) distributer. Aer the installation of a backdoor, the
MCUs could be shipped to the actual customers without
them noticing.
During the commissioning of large production plants, there
are oen many dierent companies and their subcontrac-
tors. This leads to the loss of ability to supervise the de-
vices. Attackers could, in principle, redirect the connection
to the manufacturer’s cloud service via a computer con-
trolled by them as a starting point for a man in the middle
attack. There would also be enough time to overwrite the
rmware via hardware interfaces like JTAG or to conduct a
Side-channel Attack (SCA) to extract cryptographic keys.
The most serious damage can be caused during op-
eration. A malfunction can stop production, destroy a
machine or injure people resulting in a safety violation.
Attackers can achieve this through various ways:
design flaws or bugs (in libraries),
physical manipulation of sensors or actuators,
communication manipulation,
miscongurations, e.g., default password, or
web-based vulnerabilities, such as cross-site scripting.
Attackers can also have other intentions. Botnet op-
erators could use the devices for Distributed Denial of
Service (DDoS) attacks or the mining of cryptocurrencies.
In the former, the attacks could be against other devices,
SCADA systems or the cloud, which could limit the real-
time capability of the systems. There is already ransom-
ware that is specialized in OT. For instance, an attack on a
pipeline operator was reconstructed just recently [6]. The
attackers rst gained access to the IT and then pivoted
to the OT. In addition to encrypted data, this caused a
production stop for two days.
Aer the device has reached its end of life, the device
should be properly decommissioned. All data must be
overwritten to prevent the the of condential data. This
also needs to be communicated to the manufacturer's
cloud so that the identity of the original device cannot
be taken over by a cloned one that tries to get rmware
3 The Challenges of Threat Mitigations
This section describes the measures required to miti-
gate the threats. Prior to this, the characteristics of IIoT
devices are outlined in order to identify the challenges in
implementing the measures.
Embedded devices are typically based on a low-cost MCU;
the clock rate is usually in the double-digit MHz range. The
size of the flash memory varies from a few kilobytes up
to a few megabytes. MCUs are selected very specically
depending on the application, to ensure that they support
sucient features such as interfaces or timers. Security
mechanisms are rarely integrated, and if they are, there is
oen a lack of the other just mentioned features. The con-
trollers run a proprietary real-time operating system that
must react to changes in sensor values in time to ensure
safety. Controllers oen run for years without being pow-
ered down because a shut down of production is associat-
ed with monetary loss. Therefore, these devices oen use
old soware versions without any security patches.
A security level comparable to IT is only possible through
high eort and costs, which is not always possible for eco-
nomic reasons. Ultimately, customers must also accept se-
curity measures. In large plants there are oen thousands
of sensors and actuators. The time and eort required to
install and operate them must not be too high.
The authentication of users is an example of this chal-
lenge. The measure is necessary to allow only author-
ized personnel to access the device. However, the input
capabilities of these devices are oen limited to buttons
that complicate the entry of user names or passwords.
It is also oen not possible to verify the authenticity of
other devices, such as PLCs, since this is not supported
by the protocols. Event logging is important for detecting
or reconstructing a security breach. Changes to the user
management, critical states, and logins should be logged,
but no sensitive personal data must be included. The data
should preferably be stored on a separate, tamper-
resistant memory with restricted access. This is not easy
to implement on an embedded device with very limited
memory capacity. Solutions are required to eciently store
the data and back it up on external resources, such as a
cloud. The use of cryptography is inevitable. It is required
for securely storing data, performing encrypted and signed
rmware updates, and encrypted and authenticated com-
munication. However, many algorithms are not applicable
for embedded devices regarding their speed, RAM, and
flash size. This requires so-called “lightweight cryptogra-
phy.” However, the search for suitable algorithms and their
standardization is not completed yet [7]. The hardware
must also be protected. This includes, for instance, the
USB interfaces, which must be protected from bad USB de-
vices, such as Hak5's USB Rubber Ducky or Kill USB sticks.
Cryptographic keys should also be stored securely, e.g.,
in Trusted Platform Modules (TPMs) or with PUF. However,
their integration into proprietary operating systems causes
considerable eort.
4 Physical Unclonable Functions
Hardware security may not be what rst comes to mind
when considering cybersecurity. However, it is a prevalent
issue. A recent study showed that hardware attacks are
becoming a reality for many companies. 63% of decision
makers from 307 dierent companies reported data loss or
breach due to an exploited vulnerability in hardware or sili-
con level security within the last 12 months [8]. An example
of an invasive hardware attack is the probing attack. The
casing of an integrated circuit is removed and small probes
are used to extract the contents of non-volatile memory.
Non-volatile memory frequently contains sensitive informa-
tion such as cryptographic keys. The retrieval of the infor-
mation could aid an attacker in compromising the integrity
and condentiality of data sent to and from the device.
PUFs make probing attacks more laborious. Analogous to
biometrics such as ngerprint detection or retinal scan, a
probabilistic characteristic of a physical object is used to
derive a unique cryptographic secret. Semiconductor com-
ponents in electrical devices contain production tolerances
which are usually unwanted and cannot be controlled.
Although they are only visible at a microscopic level they
manifest themselves in small dierences in physical sizes,
e.g., the same voltage may vary slightly between two devices.
This enables the individualization of dierent devices
which are otherwise constructed in exactly the same way.
A wide variety of dierent PUFs have emerged including the
arbiter PUF as introduced by Lim [9]. Figure 2 shows how
a single bit can be derived to illustrate the principle of the
arbiter PUF. The principle of the arbiter PUF can be used to
derive all 128 or 256 bits needed for strong cryptographic
keys. A chain of electrical components, each having two in-
puts and two outputs is formed resulting in two race tracks
for electrical signals. When applying an electrical signal to
both inputs at exactly the same time, the signals should
theoretically arrive synchronously. Contrary to what might
be expected, the arrival times of the electrical signals are
minutely dierent, due to the tolerances from the semi-
conductor production process. The outputs are encoded
as “0” or “1” and the bit is derived based on which output
the signal arrived at rst. The output of a PUF is called the
response. A third input allows for the conguration of the
paths; each electrical component can be congured as ei-
ther straight or switched. Dierent congurations for PUFs
are called challenges. Pairs of challenges and responses
are called challenge-response pairs.
Figure 2: Arbiter PUF
A cryptographic secret can be derived from a PUF and
used directly to substitute one which was stored in
non-volatile memory. The PUF response can alternatively
be used as a Key Encryption Key (KEK) to encrypt sensi-
tive information stored in non-volatile memory including
cryptographic keys. In this case, the complexity of the
attack will increase because the PUF key is needed to de-
crypt the information. Depending on the design and im-
plementation of the PUF, attackers may not even be able
to retrieve the KEK. The PUF key is only used when the
device is on and cannot be found anywhere on the device
when it is powered o. Traditional security protocols can
then be used. Several designated security protocols have
been designed for PUFs. These allow the devices to prot
from additional advantages oered by PUFs.
5 Conclusion and Further Work
IIoT devices oer many advantages but increase the risks
for ICSs. The safety of personnel and machines could
be endangered by a malfunction caused by a malicious
attacker, among many other threats. Throughout the life-
cycle of a device, attackers may be able to compromise it.
Many IIoT devices lack security mechanisms so far. How-
ever, due to their special characteristics, it is not easy to
implement these mechanisms. PUFs oer an attainable
countermeasure to certain hardware attacks.
In this project, a comprehensive threat and vulnerability
analysis was conducted for the devices of both industrial
partners. In the further course of the project, we aim to
develop mitigation measures that can be implemented
on their low-power devices. The results of the eorts of
securing the devices in this research project are de-
scribed in two publications. One publication focuses on
the threat analysis of IIoT devices [10]. The other focuses
on the integration of PUFs to increase security [11].
[1] Federal Ministry of the Interior, Building and Community, Ed., “Nationale Strategie zum Schutz Kritischer
Infrastrukturen” (National Strategy for the Protection of Critical Infrastructures), 2009.
[2] R. Lee, M. Assante and T. Conway, “Analysis of the Cyber Attack on the Ukrainian Power Grid”, E-ISAC, 2016,
URL: [accessed: 2020-12-08]
[3] The Times of Israel, “Cyber attacks again hit Israel’s water system, shutting agricultural pumps”, July 17th, 2020,
URL: https://www.timeso
[accessed: 2020-12-08]
[4] M. Kol and S. Oberman, “Ripple20”, JSOF, White Paper, 2020, URL:
loads/2020/06/JSOF_Ripple20_Technical_Whitepaper_June20.pdf [accessed: 2020-12-08]
[5] T. Roth, “36C3 – TrustZone-M(eh): Breaking ARMv8-M’s security”, Dec. 28, 2019, URL: [accessed: 2020-12-08]
[6] Cybersecurity and Infrastructure Security Agency (CISA), “Ransomware Impacting Pipeline Operations”,
February 18th, 2020, URL: [accessed: 2020-12-08]
[7] National Institute of Standards and Technology, Ed., “Lightweight Cryptography”, 2019,
URL: [accessed: 2020-12-08]
[8] “BIOS Security The Next Frontier for Endpoint Protection”, 2019, URL:
[accessed: 2020-12-08]
[9] D. Lim, “Extracting secret keys from integrated circuits”, Master’s thesis, Massachusetts Institute of Technology,
May 2004
[10] S. Liebl, L. Lathrop, U. Raithel, M. Söllner, and A. Aßmuth, “Threat Analysis of Industrial Internet of Things
Devices.” The Eleventh International Conference on Cloud Computing, GRIDs, and Virtualization, Proceedings,
Nice, France, 25th to 29th October 2020, URL:
leid=cloud_computing_2020_2_30_28007 [accessed: 2020-12-08]
[11] L. Lathrop, S. Liebl, U. Raithel, M. Söllner, and A. Aßmuth, “Securing the Internet of Things from the Bottom Up
Using Physical Unclonable Functions.” The Eleventh International Conference on Cloud Computing, GRIDs, and
Virtualization, Proceedings, Nice, France, 25th to 29th October 2020, URL:
php?view=article&articleid=cloud_computing_2020_2_50_28009 [accessed: 2020-12-08]
SIPOS Aktorik GmbH, Altdorf
Grass Power Electronics GmbH, Nürnberg
Simon Liebl, M�Eng�
Ostbayerische Technische
Hochschule (OTH) Amberg-Weiden
Fakultät Elektrotechnik,
Medien und Informatik
Kaiser-Wilhelm-Ring 23
92224 Amberg
Prof� Dr� Andreas Aßmuth
Ostbayerische Technische
Hochschule (OTH) Amberg-Weiden
Fakultät Elektrotechnik,
Medien und Informatik
Wissenschalicher Leiter
des Rechenzentrums
Kaiser-Wilhelm-Ring 23
92224 Amberg
Prof� Matthias Söllner
Ostbayerische Technische
Hochschule (OTH) Amberg-Weiden
Fakultät Elektrotechnik,
Medien und Informatik
Kaiser-Wilhelm-Ring 23
92224 Amberg
Leah Lathrop, B�Eng�
Ostbayerische Technische
Hochschule (OTH) Amberg-Weiden
Fakultät Elektrotechnik,
Medien und Informatik
Kaiser-Wilhelm-Ring 23
92224 Amberg
ResearchGate has not been able to resolve any citations for this publication.
Conference Paper
Full-text available
As part of the Internet of Things, industrial devices are now also connected to cloud services. However, the connection to the Internet increases the risks for Industrial Control Systems. Therefore, a threat analysis is essential for these devices. In this paper, we examine Industrial Internet of Things devices, identify and rank different sources of threats and describe common threats and vulnerabilities. Finally, we recommend a procedure to carry out a threat analysis on these devices.
Conference Paper
Full-text available
Cyberattacks that target hardware are becoming increasingly prevalent. These include probing attacks that aim at physically extracting sensitive information including cryptographic keys from non-volatile memory. Internet of Things devices that communicate with the Cloud are susceptible to such attacks. Therefore, the integrity of data and ability to authenticate devices are threatened. Physical Unclonable Functions (PUFs) offer a countermeasure to such attacks. A market analysis of products containing PUFs was carried out. An extract of the market analysis and the inferences that were drawn from it is provided. The analysis showed that although many different types of PUFs have been integrated into a variety of devices, most of them are still used in very rudimentary ways.
Modern cryptographic protocols are based on the premise that only authorized participants can obtain secret keys and access to information systems. However, various kinds of tampering methods have been devised to extract secret keys from conditional access systems such as smartcards and ATMs. Arbiter-based physical unclonable functions (PUFs) exploit the statistical delay variation of wires and transistors across integrated circuits (ICs) in manufacturing processes to build unclonable secret keys. We fabricated arbiter-based PUFs in custom silicon and investigated the identification capability, reliability, and security of this scheme. Experimental results and theoretical studies show that a sufficient amount of inter-chip variation exists to enable each IC to be identified securely and reliably over a practical range of environmental variations such as temperature and power supply voltage. We show that arbiter-based PUFs are realizable and well suited to build, for example, key-cards that need to be resistant to physical attacks.