Date of Award

Spring 4-28-2026

Document Type

Dissertation

Degree Name

Doctor of Philosophy (PhD)

Department

Computer Science

First Advisor

Debbie Perouli

Second Advisor

Alex Nicoll

Third Advisor

Dennis Brylow

Abstract

The convergence of Information Technology (IT) and Operational Technology (OT) in Industry 4.0 environments has greatly expanded the attack surface of critical infrastructure systems. Legacy industrial protocols originally intended for use only in isolated networks are now exposed across interconnected systems. This interconnectivity enables adversaries to target power grids, manufacturing plants, and other critical systems with increasing sophistication. Although vendors have retroactively introduced security extensions to industrial protocols such as EtherNet/IP and OPC Unified Architecture (OPC UA), the adequacy and practical feasibility of these security measures remain understudied. This dissertation advances the security of industrial protocols through three main contributions. First, we introduce an extendable attack-defense tree methodology for threat modeling industrial protocols. We show its practicality by applying it to both EtherNet/IP and OPC UA. Our analysis reveals that the two protocols take fundamentally different security approaches. EtherNet/IP leverages standardized technologies such as Transport Layer Security (TLS), while OPC UA employs custom protocol-specific solutions. This highlights each protocol's strengths and weaknesses in terms of security. Although both protocols mitigate common threats, both protocols depend on accurate system time for their security guarantees. Second, we examine the security of time protocols in industrial environments. Both EtherNet/IP and OPC UA rely on accurate time to verify certificates, authenticate users, and maintain system logs. We chose to focus our efforts on securing the Precision Time Protocol (PTP), as it is widely used in the industrial environment and lacks robust security measures. We empirically evaluate the use of Ed25519 digital signatures to add source authentication to PTP. 
We deployed a modified version of LinuxPTP to support Ed25519 across all four PTP clock types on Raspberry Pi 5 hardware to gauge its impact on PTP. Our measurements demonstrate that Ed25519 introduces no degradation to clock synchronization accuracy, although we saw modest increases in residence time, memory consumption, and CPU utilization. Third, we propose and evaluate two key management architectures for distributing Ed25519 keys in PTP networks: a centralized scheme aligned with ongoing IEEE 1588 working group standardization efforts, and a decentralized peer-to-peer scheme. Both architectures are validated through threat modeling and formal verification. Additionally, we implemented the decentralized approach and open-sourced it as an extension to LinuxPTP. Together, these contributions advance research on the security of industrial time-synchronization and control protocols in resource-constrained, real-time environments.
