In the emerging Industrial Internet of Things (IIoT) scenario machine-to-machine communication is a key technology to set up environments wherein sensors, actuators, and controllers can exchange information autonomously. However, many current communication frameworks do not provide enough dynamic interoperability and security. Therefore, we propose a novel communication framework, based on MQTT broker bridging, which, in an Industrial IoT scenario, can foster dynamic inter-operability across different production lines or industrial sites, guaranteeing, at the same time, a higher degree of isolation and control over the information flows, thereby increasing the overall security of the whole scenario. The solution we propose does also support dynamic authentication and authorization and has been practically implemented and evaluated in a proper small-scale IIoT testbed, encompassing PLCs, IIoT gateways, as well as MQTT brokers with novel and extended capabilities.The evaluation results demonstrate a linear time complexity for all the considered implementations and bridging modes of the extended brokers. Moreover, all considered access token encapsulation techniques demonstrate a minimum overhead in comparison with standard MQTT brokers.
A Scalable and Secure Publish/Subscribe-based Framework for Industrial IoT
Pecori, Riccardo
;
2021-01-01
Abstract
In the emerging Industrial Internet of Things (IIoT) scenario machine-to-machine communication is a key technology to set up environments wherein sensors, actuators, and controllers can exchange information autonomously. However, many current communication frameworks do not provide enough dynamic interoperability and security. Therefore, we propose a novel communication framework, based on MQTT broker bridging, which, in an Industrial IoT scenario, can foster dynamic inter-operability across different production lines or industrial sites, guaranteeing, at the same time, a higher degree of isolation and control over the information flows, thereby increasing the overall security of the whole scenario. The solution we propose does also support dynamic authentication and authorization and has been practically implemented and evaluated in a proper small-scale IIoT testbed, encompassing PLCs, IIoT gateways, as well as MQTT brokers with novel and extended capabilities.The evaluation results demonstrate a linear time complexity for all the considered implementations and bridging modes of the extended brokers. Moreover, all considered access token encapsulation techniques demonstrate a minimum overhead in comparison with standard MQTT brokers.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.