Key Management and Secure Software Updates in Wireless Process Control Environments
Paper i proceeding, 2008

Process control systems using wireless sensor nodes are large and complex environments built to last for a long time. Cryptographic keys are typically preloaded in the wireless nodes prior to deployment and used for the rest of their lifetime. To reduce the risk of successful cryptanalysis, new keys must be established (rekeying). We have designed a rekeying scheme that provides both backward and forward secrecy. Furthermore, since these nodes are used for extensive periods of time, there is a need to update the software on the nodes. Different types of sensors run different types and versions of software. We therefore establish group keys to update the software on groups of nodes. The software binary is split into fragments to construct a hash chain that is then signed by the network manager. The nodes can thus verify the authenticity and the integrity of the new software binary. We extend this protocol by encrypting the packets with the group key such that only the intended receivers can access the new software binary.

Process control systems

wireless sensor nodes


software updates

key management


Dennis Nilsson

Chalmers, Data- och informationsteknik, Datorteknik

Tanya Roosta

Ulf Lindqvist

Alfonso Valdes

Proceedings of the First ACM Conference on Wireless Network Security (WiSec), March 31 - April 2, 2008, Alexandria, VA, USA

978-1-59593-814-5 (ISBN)





Mer information