Encryption in ICS networks: A blessing or a curse?


Nowadays, the internal network communication of Industrial Control Systems (ICS) usually takes place in unencrypted form. This, however, seems to be bound to change in the future: as we write, encryption of network traffic is seriously being considered as a standard for future ICS. In this paper we take a critical look at the pro’s and con’s of traffic encryption in ICS. We come to the conclusion that encrypting this kind of network traffic may actually result in a reduction of the security and overall safety. As such, sensible versus non-sensible use of encryption needs to be carefully considered both in developing ICS standards and systems.

In Proceedings of the 2017 IEEE International Conference on Smart Grid Communications
Emmanuele Zambon
Emmanuele Zambon
Assistant Professor

My research interests include Industrial Control System security and network intrusion detection.