Mémoire
| Résumé : | Industrial Control Systems (ICS) are critical to the operation of critical infrastructure, such as power plants, nuclear side, water treatment facilities, and manufacturing plants. As these systems become increasingly connected to the Internet, they face growing security risks from cyberattacks. A significant example is the Stuxnet worm, which exploited vulnerabilities in supervisory control and data acquisition (SCADA) systems to cause physical damage while remaining undetected. A major weakness in ICS lies in the widespread use of insecure industrial communication protocols like Modbus/TCP, which lacks robust security features, particularly in authentication, making it susceptible to interception, manipulation, and spoofing. This research aims to enhance the security of Modbus/TCP communication in ICS byincorporating Physically Unclonable Functions (PUFs) and Message Authentication Codes (MACs). PUFs, utilizing SRAM technology, offer unique, non-replicable identifiers for devices, thereby strengthening authentication. MACs, implemented with the Chaskey-12 algorithm, ensure the integrity and authenticity of messages, protecting against unauthorized access and data tampering. The proposed security enhancements are integrated into the OpenPLC Platform, an open-source programmable logic controller system. By adding an authentication layer to Modbus/TCP, this approach significantly improves the protection of critical industrial processes and infrastructure. Additionally, the research evaluates thebackward compatibility of these enhancements to ensure they can be seamlessly adopted within existing Modbus/TCP implementations. |
