In the emerging industrial Internet of Things (IIoT) scenario, machine-to-machine communication is a key technology to set up environments, wherein sensors, actuators, and controllers can exchange information autonomously. However, many current communication frameworks do not provide enough dynamic interoperability and security. Hence, in this article, we propose a novel communication framework based on Message Queuing Telemetry Transport (MQTT) broker bridging, which, in an IIoT scenario, can foster dynamic interoperability across different production lines or industrial sites, guaranteeing, at the same time, a higher degree of isolation and control over the information flows, thereby increasing the overall security of the whole scenario. The solution we propose also supports dynamic authentication and authorization and has been practically implemented and evaluated in a proper small-scale IIoT testbed, encompassing PLCs, IIoT gateways, and MQTT brokers with novel and extended capabilities. The evaluation results demonstrate a linear time complexity for all the considered implementations and bridging modes of the extended brokers. Moreover, all considered access token encapsulation techniques demonstrate a minimum overhead in comparison with standard MQTT brokers.
A Scalable and Secure Publish/Subscribe-Based Framework for Industrial IoT
Pecori R.
;Veltri L.;
2021-01-01
Abstract
In the emerging industrial Internet of Things (IIoT) scenario, machine-to-machine communication is a key technology to set up environments, wherein sensors, actuators, and controllers can exchange information autonomously. However, many current communication frameworks do not provide enough dynamic interoperability and security. Hence, in this article, we propose a novel communication framework based on Message Queuing Telemetry Transport (MQTT) broker bridging, which, in an IIoT scenario, can foster dynamic interoperability across different production lines or industrial sites, guaranteeing, at the same time, a higher degree of isolation and control over the information flows, thereby increasing the overall security of the whole scenario. The solution we propose also supports dynamic authentication and authorization and has been practically implemented and evaluated in a proper small-scale IIoT testbed, encompassing PLCs, IIoT gateways, and MQTT brokers with novel and extended capabilities. The evaluation results demonstrate a linear time complexity for all the considered implementations and bridging modes of the extended brokers. Moreover, all considered access token encapsulation techniques demonstrate a minimum overhead in comparison with standard MQTT brokers.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
