工業物聯網 (IIoT) 或工業 4.0 是新一波的工業革命，它利用物聯網 (IoT) 技術和數據分析來提高生產效率、最大限度地減少開支並創新新的商業模式和服務流程。物聯網（IoT）利用智能設備和即時數據分析來有效利用過去工業機器產生的數據。工業物聯網可應用於智能城市、自動化製造設施、自動駕駛汽車等不同新興領域。不同的應用場景需要不同的通信平台。有的需要高頻寬、高可靠、低時延的傳輸，有的則需要高密度、高效率、低成本的連接。工業物聯網的通信平台需要具備靈活性、安全性和智能性，以滿足廣泛的需求。
工業物聯網的快速發展增強了下一代工業自動化和控制系統的連接能力。 工業控制系統 (ICS) 在 IIoT 通信網絡中發揮著至關重要的作用，因為它負責監控和管理工業設備和流程。ICS通常由監控和數據採集（SCADA）系統以及可編程邏輯控制器（PLC）組成，它們負責收集和分析來自各種設備的數據並發出控制指令。工業控制系統對於促進技術進步和維護國家安全至關重要。
SCADA網絡轉變為開放的、廣泛連接的網絡，將工業電子設備的連接與使用Modbus協議的SCADA系統結合起來。由於 SCADA 和 Modbus 在控制和監控任務中易於使用，SCADA 和 Modbus 的使用極大地增強了系統之間的連接性和操作效率。然而，當系統連接時，它很容易受到各種網絡安全風險的影響，並且SCADA網絡系統存在弱點。在工業物聯網 (IIoT) 時代，如果工業系統存在安全缺陷，可能會導致重大的財務損失。由於ICS需要與其他系統和服務器進行通信，因此它必須利用無線網絡作為傳輸數據的手段。與有線網絡相比，無線網絡更容易遭受惡意攻擊。這些攻擊包括竊聽、攔截、篡改等，可能導致數據洩露、錯誤、丟失，甚至設備損壞或完全停機。然而，由於需要處理大量數據，工業物聯網需要利用雲計算和邊緣計算來存儲和計算資源。雲計算實現了數據的集中管理和分析，但也導致數據傳輸的距離更長、延遲更大。另一方面，邊緣計算可以對靠近設備的數據進行處理和反應，但它在去中心化數據管理和安全保護方面也帶來了挑戰。
因此，確保物聯網通信平台中數據的安全性、可靠性和及時性是一個至關重要且複雜的問題。 本研究將從三個不同的角度來分析這個問題。(1)實現無線網絡的安全傳輸和平等競爭可以在物理層和媒體訪問控制(MAC)層完成。（2）確保云計算和邊緣計算能夠實現協調和平衡。(3)實現ICS數據的認證和加密可以在應用層實現。本研究提出了一種通過實施安全令牌身份驗證服務和傳輸層安全（TLS）協議來防範物理攻擊的方法，從而增強加密和驗證措施。本研究涉及該系統在能源管理領域的實際實施和測試。 實驗結果表明，本研究提出的安全防禦結構能夠顯著增強安全性，並且也適用於現實生活中的現場系統。

The Industrial Internet of Things (IIoT) or Industry 4.0 is a fresh wave of industrial revolution that employs Internet of Things (IoT) technology and data analysis to enhance the efficiency of production, minimize expenses, and innovate new business models and service procedures. The Internet of Things (IoT) takes advantage of intelligent devices and immediate data analysis to effectively utilize the data generated by industrial machines in the past. The IIoT can be applied in different emerging sectors like intelligent urban areas, automated manufacturing facilities, self-driving vehicles, and more. Different communication platforms are necessary for various application scenarios. While some necessitate transmission with high bandwidth, high reliability, and low latency, others demand connections with high density, high efficiency, and low cost. The communication platform of the IIoT needs to possess flexibility, security, and intelligence features in order to cater to a wide range of requirements.
The rapid progress of the IIoT has resulted in the enhanced connectivity capability of the next-generation industrial automation and control systems. The Industrial Control System (ICS) plays a critical role in the communication network of IIoT as it is responsible for monitoring and managing industrial equipment and processes. An ICS commonly consists of a Supervisory Control and Data Acquisition (SCADA) system and a Programmable Logic Controller (PLC) which are in charge of gathering and analyzing data from various devices and issuing instructions for their control. Industrial control systems are crucial in facilitating technological advancements and safeguarding national security. An instance is observed in oil field control systems, which empower the ability to remotely supervise and regulate oil wells.
The SCADA network is transformed into a network that is open and extensively connected, combining the connections of industrial electronic devices with a SCADA system using the Modbus protocol. The utilization of SCADA and Modbus greatly enhances the connectivity and operational effectiveness between systems due to their ease of use in control and monitoring tasks. Nevertheless, when the system is connected, it becomes vulnerable to various network security risks and weaknesses in SCADA network systems are present. In the age of the Industrial Internet of Things (IIoT), if there is a security flaw in an industrial system, it can lead to significant financial damages. Because an ICS requires communication with other systems and servers, it must utilize a wireless network as the means of transmitting data. Wireless networks are prone to a greater risk of malicious attacks compared to wired networks. These attacks, including eavesdropping, interception, tampering, and more, can result in data leakage, errors, loss, and even equipment damage or a complete shutdown. However, due to the necessity of handling vast volumes of data, IIoT necessitates the utilization of cloud computing and edge computing for storage and computational resources. Cloud computing enables the central management and analysis of data, but it also results in longer distances and delays during data transmission. On the other hand, edge computing can handle and react to data in close proximity to the device, but it also poses challenges in terms of decentralized data management and security protection.
As a result, ensuring the security, dependability, and promptness of data in the IoT communication platform is a crucial and intricate matter. This study will analyze this problem considering three different perspectives. (1) Achieving secure transmission and equal competition in wireless networks can be accomplished in the physical layer and media access control (MAC) layer. (2) Ensuring coordination and equilibrium between cloud computing and edge computing can be achieved. (3) Implementing authentication and encryption of ICS data can be realized in the application layer. This study suggests a method for safeguarding against physical attacks by implementing a secure token authentication service and Transport Layer Security (TLS) protocol, thereby enhancing encryption and verification measures. This study involves practical implementation and testing of the system in the field of energy management. The results from the experiment indicate that the security defense structure suggested in this study has the capability to significantly enhance security and is also suitable for real-life field systems.

[1] Sisinni, E., Saifullah, A., Han, S., Jennehag, U., & Gidlund, M. (2018). Industrial internet of things: Challenges, opportunities, and directions. IEEE transactions on industrial informatics, 14(11), 4724-4734.
[2] Malik, P. K., Sharma, R., Singh, R., Gehlot, A., Satapathy, S. C., Alnumay, W. S., ... & Nayak, J. (2021). Industrial Internet of Things and its applications in industry 4.0: State of the art. Computer Communications, 166, 125-139.
[3] Santos, N., Morais, F., Rodrigues, H., & Machado, R. J. (2019). Systems development for the industrial IoT: challenges from Industry R&D projects. The Internet of Things in the Industrial Sector: Security and Device Connectivity, Smart Environments, and Industry 4.0, 55-78.
[4] Nayyar, A., & Kumar, A. (Eds.). (2020). A roadmap to industry 4.0: Smart production, sharp business and sustainable development (pp. 1-21). Berlin: Springer.
[5] Santos, N., Morais, F., Rodrigues, H., & Machado, R. J. (2019). Systems development for the industrial IoT: challenges from Industry R&D projects. The Internet of Things in the Industrial Sector: Security and Device Connectivity, Smart Environments, and Industry 4.0, 55-78.
[6] Ahmed, S. F., Alam, M. S. B., Hoque, M., Lameesa, A., Afrin, S., Farah, T., ... & Muyeen, S. M. (2023). Industrial Internet of Things enabled technologies, challenges, and future directions. Computers and Electrical Engineering, 110, 108847.
[7] Bhamare, D., Zolanvari, M., Erbad, A., Jain, R., Khan, K., & Meskin, N. (2020). Cybersecurity for industrial control systems: A survey. Computers & Security, 89, 101677.
[8] Sisinni, E., Saifullah, A., Han, S., Jennehag, U., & Gidlund, M. (2018). Industrial internet of things: Challenges, opportunities, and directions. IEEE transactions on industrial informatics, 14(11), 4724-4734.
[9] Chalapathi, G. S. S., Chamola, V., Vaish, A., & Buyya, R. (2021). Industrial internet of things (iiot) applications of edge and fog computing: A review and future directions. Fog/edge computing for security, privacy, and applications, 293-325.
[10] Schmitt, R., & Borck, C. (2022). Industrial Internet of Things (IIoT). In The Future of Smart Production for SMEs: A Methodological and Practical Approach Towards Digitalization in SMEs (pp. 309-314). Cham: Springer International Publishing.
[11] Fovino, I. N., Carcano, A., Masera, M., & Trombetta, A. (2009). Design and implementation of a secure modbus protocol. In Critical Infrastructure Protection III: Third Annual IFIP WG 11.10 International Conference on Critical Infrastructure Protection, Hanover, New Hampshire, USA, March 23-25, 2009, Revised Selected Papers 3 (pp. 83-96). Springer Berlin Heidelberg.
[12] Rescorla, E. (2018). The transport layer security (TLS) protocol version 1.3 (No. rfc8446).
[13] Koblitz, N., Menezes, A., & Vanstone, S. (2000). The state of elliptic curve cryptography. Designs, codes and cryptography, 19, 173-193.
[14] Jones, M., Bradley, J., & Sakimura, N. (2015). Json web token (jwt) (No. rfc7519).
[15] Milanov, E. The RSA algorithm. RSA laboratories, 2009, 1–11. 489
[16] Upadhyay, D., & Sampalli, S. (2020). SCADA (Supervisory Control and Data Acquisition) systems: Vulnerability assessment and security recommendations. Computers & Security, 89, 101666.
[17] Radoglou Grammatikis, P., Sarigiannidis, P., Efstathopoulos, G., & Panaousis, E. (2020). ARIES: A novel multivariate intrusion detection system for smart grid. Sensors, 20(18), 5305.
[18] González, I., Calderón, A. J., & Portalo, J. M. (2021). Innovative multi-layered architecture for heterogeneous automation and monitoring systems: Application case of a photovoltaic smart microgrid. Sustainability, 13(4), 2234.
[19] Wollschlaeger, M.; Sauter, T.; Jasperneite, J. The Future of Industrial Communication: Automation Networks in the Era of the Internet of Things and Industry 4.0. IEEE Ind. Electron. Mag. 2017, 11, 17–27.
[20] Jeschke, S.; Brecher, C.; Meisen, T.; Özdemir, D.; Eschert, T. Industrial internet of things and cyber manufacturing systems. In Industrial Internet of Things; Springer: Cham, Switzerland, 2017; pp. 3–19.
[21] Schwab, K. The Fourth Industrial Revolution; Crown Business: New York, NY, USA, 2017.
[22] Stouffer, K.; Pillitteri, V.; Lightman, S.; Abrams, M.; Hahn, A. Guide to Industrial Control Systems (ICS) Security; National Institute of Standards and Technology: Gaithersburg, MD, USA, 2014.
[23] Boyer, S.A. Supervisory Control and Data Acquisition, 4th ed.; International Society of Automation: Research Triangle Park, NC, USA, 2009.
[24] Webb, J.W.; Reis, R.A. Programmable Logic Controllers Principles and Applications, 5th ed.; Phi Learning Private Limited: Delhi, India, 2002.
[25] Bobat, A.; Gezgin, T.; Aslan, H. The SCADA system applications in management of Yuvacik Dam and Reservoir. Desalin. Water Treat. 2015, 54, 2108–2119.
[26] Adnan, S.; Zheng, S.; Rouse, M.D.; Lu, W.; Opel, K.C. Distributed Control System. U.S. Patent US6968905B2, 18 March 2003.
[27] Patel, N. R., Risbeck, M. J., Rawlings, J. B., Wenzel, M. J., & Turney, R. D. (2016, July). Distributed economic model predictive control for large-scale building temperature regulation. In 2016 American Control Conference (ACC) (pp. 895-900). IEEE.
[28] Clarke, G., Reynders, D., & Wright, E. (2004). Practical modern SCADA protocols: DNP3, 60870.5 and related systems. Newnes.
[29] Tidrea, A., Korodi, A., & Silea, I. (2019). Cryptographic considerations for automation and SCADA systems using trusted platform modules. Sensors, 19(19), 4191.
[30] MQTT 5 Specification. Available online: (accessed on 1 April 2021).
[31] Francino, P.N.; Huff, C. Energy Management System. U.S. Patent 9,335,748, 2016.
[32] Boobalan, P., Ramu, S. P., Pham, Q. V., Dev, K., Pandya, S., Maddikunta, P. K. R., ... & Huynh-The, T. (2022). Fusion of federated learning and industrial Internet of Things: A survey. Computer Networks, 212, 109048.
[33] Sadhu, P. K.; Venkata P. Y.; Ahmed A. Internet of Things: Security and Solutions Survey. Sensors 22.19 ,2022, 7433.
[34] Ahanger, T. A., Aljumah, A., & Atiquzzaman, M. (2022). State-of-the-art survey of artificial intelligent techniques for IoT security. Computer Networks, 206, 108771.
[35] Job, D., & Paul, V. (2022). Challenges, security mechanisms, and research areas in iot and iiot. Internet of Things and Its Applications, 523-538.
[36] Boyer, S. A. (2009). Scada: Supervisory Control And Data Acquisition.
[37] Ferrag, M. A., Friha, O., Hamouda, D., Maglaras, L., & Janicke, H. (2022). Edge-IIoTset: A new comprehensive realistic cyber security dataset of IoT and IIoT applications for centralized and federated learning. IEEE Access, 10, 40281-40306.
[38] Atutxa, A., Astorga, J., Barcelo, M., Urbieta, A., & Jacob, E. (2023). Improving efficiency and security of IIoT communications using in-network validation of server certificate. Computers in Industry, 144, 103802.
[39] Zhou, L., Guo, H., & Deng, G. (2019). A fog computing based approach to DDoS mitigation in IIoT systems. Computers & Security, 85, 51-62.
[40] Mariano-Hernández, D., Hernández-Callejo, L., Zorita-Lamadrid, A., Duque-Pérez, O., & García, F. S. (2021). A review of strategies for building energy management system: Model predictive control, demand side management, optimization, and fault detect & diagnosis. Journal of Building Engineering, 33, 101692.
[41] Saleem, M. U., Usman, M. R., Usman, M. A., & Politis, C. (2022). Design, deployment and performance evaluation of an IoT based smart energy management system for demand side management in smart grid. IEEE Access, 10, 15261-15278.
[42] LaMarche, J., Cheney, K., Christian, S., & Roth, K. (2022). Home energy management: products & trends (pp. 165-175). eScholarship, University of California.
[43] Al-Ali, A. R., Zualkernan, I. A., Rashid, M., Gupta, R., & AliKarar, M. (2017). A smart home energy management system using IoT and big data analytics approach. IEEE Transactions on Consumer Electronics, 63(4), 426-434.
[44] Liang, W., Li, K. C., Long, J., Kui, X., & Zomaya, A. Y. (2019). An industrial network intrusion detection algorithm based on multifeature data clustering optimization model. IEEE Transactions on Industrial Informatics, 16(3), 2063-2071.
[45] Aras, E., Ramachandran, G. S., Lawrence, P., & Hughes, D. (2017, June). Exploring the security vulnerabilities of LoRa. In 2017 3rd IEEE International Conference on Cybernetics (CYBCONF) (pp. 1-6). IEEE.
[46] Dowling, S., Schukat, M., & Melvin, H. (2017, June). A ZigBee honeypot to assess IoT cyberattack behaviour. In 2017 28th Irish signals and systems conference (ISSC) (pp. 1-6). IEEE.
[47] Ghosh, S., & Sampalli, S. (2019). A survey of security in SCADA networks: Current issues and future challenges. IEEE Access, 7, 135812-135831.
[48] Lyu, C., Zhang, X., Liu, Z., & Chi, C. H. (2019). Selective authentication based geographic opportunistic routing in wireless sensor networks for Internet of Things against DoS attacks. IEEE Access, 7, 31068-31082.
[49] Ghahramani, M., Javidan, R., Shojafar, M., Taheri, R., Alazab, M., & Tafazolli, R. (2020). RSS: An energy-efficient approach for securing IoT service protocols against the DoS attack. IEEE Internet of Things Journal, 8(5), 3619-3635.
[50] Ferst, M. K., de Figueiredo, H. F., Denardin, G., & Lopes, J. (2018, November). Implementation of secure communication with modbus and transport layer security protocols. In 2018 13th IEEE International Conference on Industry Applications (INDUSCON) (pp. 155-162). IEEE.
[51] Figueroa-Lorenzo, S., Añorga, J., & Arrizabalaga, S. (2019). A role-based access control model in Modbus SCADA systems. A centralized model approach. Sensors, 19(20), 4455.
[52] Pricop, E., Fattahi, J., Parashiv, N., Zamfir, F., & Ghayoula, E. (2017, April). Method for authentication of sensors connected on modbus tcp. In 2017 4th International Conference on Control, Decision and Information Technologies (CoDIT) (pp. 0679-0683). IEEE.
[53] El-Hajj, M., Fadlallah, A., Chamoun, M., & Serhrouchni, A. (2019). A survey of internet of things (IoT) authentication schemes. Sensors, 19(5), 1141.
[54] Aman, M. N., Chua, K. C., & Sikdar, B. (2017). Mutual authentication in IoT systems using physical unclonable functions. IEEE Internet of Things Journal, 4(5), 1327-1340.
[55] Choudhary, K., Gaba, G. S., Butun, I., & Kumar, P. (2020). Make-it—A lightweight mutual authentication and key exchange protocol for industrial internet of things. Sensors, 20(18), 5166.
[56] Esfahani, A., Mantas, G., Matischek, R., Saghezchi, F. B., Rodriguez, J., Bicaku, A., ... & Bastos, J. (2017). A lightweight authentication mechanism for M2M communications in industrial IoT environment. IEEE Internet of Things Journal, 6(1), 288-296.
[57] Qureshi, M. A., & Munir, A. (2020, January). PUF-IPA: A PUF-based identity preserving protocol for Internet of Things authentication. In 2020 IEEE 17th annual consumer communications & networking conference (CCNC) (pp. 1-7). IEEE.
[58] Zhang, J., & Qu, G. (2019). Physical unclonable function-based key sharing via machine learning for IoT security. IEEE Transactions on Industrial Electronics, 67(8), 7025-7033.
[59] Dammak, M., Boudia, O. R. M., Messous, M. A., Senouci, S. M., & Gransart, C. (2019, January). Token-based lightweight authentication to secure IoT networks. In 2019 16th IEEE Annual Consumer Communications & Networking Conference (CCNC) (pp. 1-4). IEEE.
[60] Esfahani, A., Mantas, G., Matischek, R., Saghezchi, F. B., Rodriguez, J., Bicaku, A., ... & Bastos, J. (2017). A lightweight authentication mechanism for M2M communications in industrial IoT environment. IEEE Internet of Things Journal, 6(1), 288-296.
[61] Watson, D. S., Piette, M. A., Sezgen, O., & Motegi, N. (2020). Machine to machine (M2M) technology in demand responsive commercial buildings. In Handbook of Web Based Energy Information and Control Systems (pp. 429-446). River Publishers.
[62] Vyas, D., & Pandya, H. (2012). Advance metering infrastructure and DLMS/COSEM standards for smart grid. International Journal of Engineering Research &, 1(1).
[63] Wen, F., & Li, X. (2012). An improved dynamic ID-based remote user authentication with key agreement scheme. Computers & Electrical Engineering, 38(2), 381-387.
[64] Hsiang, H. C., & Shih, W. K. (2009). Improvement of the secure dynamic ID based remote user authentication scheme for multi-server environment. Computer Standards & Interfaces, 31(6), 1118-1123.
[65] Sharma, D. K., Baghel, N., & Agarwal, S. (2020, February). Multiple degree authentication in sensible homes basedon iot device vulnerability. In 2020 International Conference on Power Electronics & IoT Applications in Renewable Energy and its Control (PARC) (pp. 539-543). IEEE.
[66] Yang, J., Fan, J., & Zhu, X. (2023). Perception Layer Lightweight Certificateless Authentication Scheme for IoT-Based Emergency Logistics. IEEE Access, 11, 14350-14364.
[67] Dammak, M., Boudia, O. R. M., Messous, M. A., Senouci, S. M., & Gransart, C. (2019, January). Token-based lightweight authentication to secure IoT networks. In 2019 16th IEEE Annual Consumer Communications & Networking Conference (CCNC) (pp. 1-4). IEEE.
[68] Ahmed, S., & Mahmood, Q. (2019, November). An authentication based scheme for applications using JSON web token. In 2019 22nd international multitopic conference (INMIC) (pp. 1-6). IEEE.
[69] Nyangaresi, V. O. (2022). Terminal independent security token derivation scheme for ultra-dense IoT networks. Array, 15, 100210.
[70] Das, A. K., Wazid, M., Yannam, A. R., Rodrigues, J. J., & Park, Y. (2019). Provably secure ECC-based device access control and key agreement protocol for IoT environment. IEEE Access, 7, 55382-55397.
[71] Lara, E., Aguilar, L., & García, J. A. (2021). Lightweight authentication protocol using self-certified public keys for wireless body area networks in health-care applications. IEEE Access, 9, 79196-79213.
[72] Li, P., Su, J., & Wang, X. (2020). iTLS: Lightweight transport-layer security protocol for IoT with minimal latency and perfect forward secrecy. IEEE Internet of Things Journal, 7(8), 6828-6841.
[73] Gaba, G. S., Kumar, G., Monga, H., Kim, T. H., & Kumar, P. (2020). Robust and lightweight mutual authentication scheme in distributed smart environments. IEEE Access, 8, 69722-69733.
[74] Li, X., Niu, J., Bhuiyan, M. Z. A., Wu, F., Karuppiah, M., & Kumari, S. (2017). A robust ECC-based provable secure authentication protocol with privacy preserving for industrial Internet of Things. IEEE Transactions on Industrial Informatics, 14(8), 3599-3609.
[75] Dodis, Y., Reyzin, L., & Smith, A. (2004). Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. In Advances in Cryptology-EUROCRYPT 2004: International Conference on the Theory and Applications of Cryptographic Techniques, Interlaken, Switzerland, May 2-6, 2004. Proceedings 23 (pp. 523-540). Springer Berlin Heidelberg.
[76] Hammi, B., Fayad, A., Khatoun, R., Zeadally, S., & Begriche, Y. (2020). A lightweight ECC-based authentication scheme for Internet of Things (IoT). IEEE Systems Journal, 14(3), 3440-3450.
[77] Aravindhan, K., & Karthiga, R. R. (2013). One time password: A survey. International Journal of Emerging Trends in Engineering and Development, 1(3), 613-623.
[78] Lohachab, A. (2019). ECC based inter-device authentication and authorization scheme using MQTT for IoT networks. Journal of Information Security and Applications, 46, 1-12.
[79] Ranaweera, P., Jurcut, A. D., & Liyanage, M. (2021). Survey on multi-access edge computing security and privacy. IEEE Communications Surveys & Tutorials, 23(2), 1078-1124.
[80] Ali, B., Gregory, M. A., & Li, S. (2021). Multi-access edge computing architecture, data security and privacy: A review. IEEE Access, 9, 18706-18721.
[81] Li, C. Y., Lin, Y. D., Lai, Y. C., Chien, H. T., Huang, Y. S., Huang, P. H., & Liu, H. Y. (2020). Transparent AAA security design for low-latency MEC-integrated cellular networks. IEEE Transactions on Vehicular Technology, 69(3), 3231-3243.
[82] Zhang, S., & Lee, J. H. (2019). A group signature and authentication scheme for blockchain-based mobile-edge computing. IEEE Internet of Things Journal, 7(5), 4557-4565.
[83] Yu, L., He, M., Liang, H., Xiong, L., & Liu, Y. (2023). A Blockchain-Based Authentication and Authorization Scheme for Distributed Mobile Cloud Computing Services. Sensors, 23(3), 1264.
[84] Yao, A., Li, G., Li, X., Jiang, F., Xu, J., & Liu, X. (2023). Differential privacy in edge computing-based smart city Applications: Security issues, solutions and future directions. Array, 100293.
[85] OpenMUC User Guide. Available online: https://www.openmuc.org/openmuc/user-guide/ (accessed on 1 April 2021).