Enhancing industrial cybersecurity via IoT device-trusted remote attestation framework with zero trust architecture in brewery operations.

Bibliographic Details
Title: Enhancing industrial cybersecurity via IoT device-trusted remote attestation framework with zero trust architecture in brewery operations.
Authors: Salman, Muhammad; Budiyanto, Alan
Source: Indonesian Journal of Electrical Engineering & Computer Science; Feb 2026, Vol. 41 Issue 2, p720-730, 11p
Subject Terms: INDUSTRY 4.0, INDUSTRIAL security, REAL-time control, INTERNET security, BEER brewing
Abstract: The rapid expansion of industrial internet of things (IIoT) adoption in Industry 4.0 has improved automation and real-time control yet simultaneously increased security risks in operational technology (OT) environments, where device integrity and system reliability are critical. Existing attestation approaches such as SAFEHIVE, SEDA, CRA, and ERASMUS provide scalable verification capabilities but still lack continuous hardware-rooted validation and adaptive access control required for real-time industrial systems. To address this gap, this study proposes a hybrid cybersecurity framework that integrates IoT device-trusted remote attestation (ID-TRA) based on trusted platform module (TPM) with zero trust architecture (ZTA) to ensure continuous device trustworthiness in brewery operations. The framework was implemented on an industrial testbed with programmable logic controllers (PLCs), edge devices, and industrial switches, and it was evaluated through measurements of attestation latency, false positive rate, communication overhead, and TPM resource utilization. Experimental results show that the framework achieves an average attestation latency of 250 ms, a false positive rate below 2%, and a communication overhead of only 1.1%, while TPM resource usage remains within acceptable bounds (62% CPU and 48 MB RAM). These outcomes demonstrate that the proposed solution can reliably detect unauthorized firmware modifications, prevent compromised devices from accessing critical network zones, and maintain compatibility with real-time control processes. Overall, the integration of ID-TRA and ZTA enhances device-level assurance and strengthens industrial cybersecurity resilience against firmware tampering, replay attacks, and unauthorized lateral movement. [ABSTRACT FROM AUTHOR]
Copyright of Indonesian Journal of Electrical Engineering & Computer Science is the property of Institute of Advanced Engineering & Science and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission.
Database: Complementary Index
ISSN: 2502-4752
DOI: 10.11591/ijeecs.v41.i2.pp720-730