Abstract
The Industrial Internet of Things (IIoT) is transforming industrial and critical infrastructure sectors by enabling autonomous Machine-to-Machine communications through a variety of devices. However, securing these communications is challenging due to the coexistence of legacy and modern technology. Additionally, attacks against those systems have shown that secure communication protocols alone cannot fully counteract threats, as they commonly exploit vulnerabilities at the device software level. This work presents a model for the security of IIoT devices through the use of fuzzy extractors and electromagnetic signal-based monitoring. By addressing the resource constraints of legacy devices and the slow adoption of secure protocols, this approach aims to create a biometric authentication of IIoT devices that is completely external and non intrusive, contributing to the overall resilience of industrial systems. Through the integration of a tailored quantization approach and the reliance on time and frequency domain signal analysis, we show that our proposed scheme can achieve high key generation performance and efficiently detect malicious alterations. In combination with a transparent bump-in-the-wire appliance, our scheme can secure the endpoints both at the network and host levels.