Essential Site Maintenance: Authorea-powered sites will be updated circa 15:00-17:00 Eastern on Tuesday 5 November.
There should be no interruption to normal services, but please contact us at [email protected] in case you face any issues.

loading page

Enhanced Authentication and Device Integrity Protection for GDOI using Blockchain
  • +1
  • Munkenyi Mukhandi,
  • Eduardo Andrade,
  • Jorge Granjal,
  • João P. Vilela
Munkenyi Mukhandi
Universidade de Coimbra

Corresponding Author:[email protected]

Author Profile
Eduardo Andrade
Universidade de Coimbra
Author Profile
Jorge Granjal
Universidade de Coimbra
Author Profile
João P. Vilela
Universidade do Porto Departamento de Ciencia de Computadores
Author Profile

Abstract

The new wave of device-level cyber-attacks has targeted IoT critical applications, such as in power distribution systems integrated with the Internet communications infrastructure. These systems utilise Group Domain of Interpretation (GDOI) as designated by International Electrotechnical Commission (IEC) power utility standards IEC 61850 and IEC 62351. However, GDOI cannot protect against novel threats, such as IoT device-level attacks that can modify device firmware and configuration files to create command and control malicious communication. As a consequence, the attacks can compromise substations with potentially catastrophic consequences. With this in mind, this article proposes a permissioned/private blockchain-based authentication framework that provides a solution to current security threats such as the IoT device-level attacks. Our work improves the GDOI protocol applied in critical IoT applications by achieving decentralized and distributed device authentication. The security of our proposal is demonstrated against against known attacks as well as through formal mechanisms via the joint use of the AVISPA and SPAN tools. The proposed approach adds negligible authentication latency, thus ensuring appropriate scalability as the number of nodes increases.
21 Aug 2023Submitted to Transactions on Emerging Telecommunications Technologies
21 Aug 2023Submission Checks Completed
21 Aug 2023Assigned to Editor
21 Aug 2023Review(s) Completed, Editorial Evaluation Pending
03 Sep 2023Reviewer(s) Assigned
14 Oct 2023Editorial Decision: Revise Minor
30 Oct 20231st Revision Received
30 Oct 2023Submission Checks Completed
30 Oct 2023Assigned to Editor
30 Oct 2023Review(s) Completed, Editorial Evaluation Pending
30 Oct 2023Reviewer(s) Assigned
17 Feb 2024Editorial Decision: Revise Major
28 Mar 2024Submission Checks Completed
28 Mar 2024Assigned to Editor
28 Mar 2024Review(s) Completed, Editorial Evaluation Pending
23 Apr 2024Editorial Decision: Accept