{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,10]],"date-time":"2026-02-10T18:53:38Z","timestamp":1770749618955,"version":"3.50.0"},"reference-count":84,"publisher":"MDPI AG","issue":"2","license":[{"start":{"date-parts":[[2024,4,10]],"date-time":"2024-04-10T00:00:00Z","timestamp":1712707200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100002723","name":"AiF","doi-asserted-by":"publisher","award":["AIF\/DFAM21752N"],"award-info":[{"award-number":["AIF\/DFAM21752N"]}],"id":[{"id":"10.13039\/501100002723","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["JSAN"],"abstract":"<jats:p>Driven by the Industry 4.0 paradigm and the resulting demand for connectivity in industrial networking, there is a convergence of formerly isolated operational technology and information technology networks. This convergence leads to attack surfaces on industrial networks. Therefore, a holistic approach of countermeasures is needed to protect against cyber attacks. One element of these countermeasures is the use of certificate-based authentication for industrial components communicating on the field level. This in turn requires the management of certificates, private keys, and trust anchors in the communication endpoints. The work at hand surveys the topic of certificate management in industrial networking environments throughout their life cycle, from manufacturing until their disposal. To the best of the authors\u2019 knowledge, there is no work yet that surveys the topic of certificate management in industrial networking environments. The work at hand considers contributions from research papers, industrial communication standards, and contributions that originate from the IT domain. In total, 2042 results from IEEE Xplore, Science Direct, Scopus, and Springer Link were taken into account. After applying inclusion and exclusion criteria and title, abstract, and full-text analysis, 20 contributions from research papers were selected. In addition to the presentation of their key contributions, the work at hand provides a synopsis that compares the overarching aspects. This comprises different proposed entity architectures, certificate management functions, involvement of different stakeholders, and consideration of life cycle stages. Finally, research gaps that are to be filled by further work are identified. While the topic of certificate management has already been addressed by the IT domain, its incorporation into industrial communication standards began significantly later and is still the subject of research work.<\/jats:p>","DOI":"10.3390\/jsan13020026","type":"journal-article","created":{"date-parts":[[2024,4,10]],"date-time":"2024-04-10T06:07:46Z","timestamp":1712729266000},"page":"26","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":5,"title":["A Survey on Life-Cycle-Oriented Certificate Management in Industrial Networking Environments"],"prefix":"10.3390","volume":"13","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-0679-3841","authenticated-orcid":false,"given":"Julian","family":"G\u00f6ppert","sequence":"first","affiliation":[{"name":"Institute of Reliable Embedded Systems and Communication Electronics (ivESK), Offenburg University of Applied Sciences, 77652 Offenburg, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4485-5871","authenticated-orcid":false,"given":"Andreas","family":"Walz","sequence":"additional","affiliation":[{"name":"Institute of Reliable Embedded Systems and Communication Electronics (ivESK), Offenburg University of Applied Sciences, 77652 Offenburg, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0878-2919","authenticated-orcid":false,"given":"Axel","family":"Sikora","sequence":"additional","affiliation":[{"name":"Institute of Reliable Embedded Systems and Communication Electronics (ivESK), Offenburg University of Applied Sciences, 77652 Offenburg, Germany"}]}],"member":"1968","published-online":{"date-parts":[[2024,4,10]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1016\/j.dcan.2019.07.001","article-title":"Recent advances in Industrial Internet: Insights and challenges","volume":"6","author":"Qin","year":"2020","journal-title":"Digit. Commun. Netw."},{"key":"ref_2","doi-asserted-by":"crossref","unstructured":"Chhetri, S.R., Rashid, N., Faezi, S., and Al Faruque, M.A. (2017, January 13\u201316). Security trends and advances in manufacturing systems in the era of industry 4.0. Proceedings of the 2017 IEEE\/ACM International Conference on Computer-Aided Design (ICCAD), Irvine, CA, USA.","DOI":"10.1109\/ICCAD.2017.8203896"},{"key":"ref_3","doi-asserted-by":"crossref","unstructured":"Arnarson, H., Kanafi, F.S., Kaarlela, T., Seldeslachts, U., and Pieters, R. (2022, January 9\u201312). Evaluation of cyber security in agile manufacturing: Maturity of Technologies and Applications. Proceedings of the 2022 IEEE\/SICE International Symposium on System Integration (SII), Virtual.","DOI":"10.1109\/SII52469.2022.9708888"},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"23235","DOI":"10.1109\/ACCESS.2021.3056650","article-title":"A Review of Cybersecurity Guidelines for Manufacturing Factories in Industry 4.0","volume":"9","author":"Mullet","year":"2021","journal-title":"IEEE Access"},{"key":"ref_5","doi-asserted-by":"crossref","unstructured":"Hemsley, K.E., and Fisher, D.R.E. (2018). History of Industrial Control System Cyber Incidents, Technical Report INL\/CON\u201318-44411-Rev002.","DOI":"10.2172\/1505628"},{"key":"ref_6","doi-asserted-by":"crossref","unstructured":"Xu, Y., Yang, Y., Li, T., Ju, J., and Wang, Q. (2017, January 26\u201328). Review on cyber vulnerabilities of communication protocols in industrial control systems. Proceedings of the 2017 IEEE Conference on Energy Internet and Energy System Integration (EI2), Beijing, China.","DOI":"10.1109\/EI2.2017.8245509"},{"key":"ref_7","doi-asserted-by":"crossref","first-page":"1253","DOI":"10.1016\/j.promfg.2017.09.047","article-title":"Network and information security challenges within Industry 4.0 paradigm","volume":"13","author":"Pereira","year":"2017","journal-title":"Procedia Manuf."},{"key":"ref_8","unstructured":"NCCIC (2016). Office of Cybersecurity and Communications, Recommended Practice: Improving Industrial Control System Cybersecurity with Defense-in-Depth Strategies, Technical Report."},{"key":"ref_9","unstructured":"(2024, March 04). PI White Paper: Security Extensions for PROFINET. Available online: https:\/\/de.profibus.com\/downloads\/pi-white-paper-security-extensions-for-profinet."},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Walz, A., Niemann, K.H., G\u00f6ppert, J., Fischer, K., Merklin, S., Ziegler, D., and Sikora, A. (2023, January 17\u201320). PROFINET Security: A Look on Selected Concepts for Secure Communication in the Automation Domain. Proceedings of the 2023 IEEE 21st International Conference on Industrial Informatics (INDIN), Lemgo, Germany.","DOI":"10.1109\/INDIN51400.2023.10217985"},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"93137","DOI":"10.1109\/ACCESS.2021.3092203","article-title":"How to Survive Identity Management in the Industry 4.0 Era","volume":"9","author":"Astorga","year":"2021","journal-title":"IEEE Access"},{"key":"ref_12","unstructured":"Boeyen, S., Santesson, S., Polk, T., Housley, R., Farrell, S., and Cooper, D. (2008). Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile, Internet Engineering Task Force. Technical Report RFC 5280."},{"key":"ref_13","unstructured":"Einarsson, B.R., and Gillmor, D.K. (2024, March 04). OpenPGP Example Keys and Certificates. Internet Draft Draft-Bre-Openpgp-Samples-01, Internet Engineering Task Force. Available online: https:\/\/datatracker.ietf.org\/doc\/draft-bre-openpgp-samples-01."},{"key":"ref_14","unstructured":"Mononen, T., Kause, T., Farrell, S., and Adams, C. (2024, March 04). Internet X.509 Public Key Infrastructure Certificate Management Protocol (CMP). Request for Comments RFC 4210, Internet Engineering Task Force. Available online: https:\/\/datatracker.ietf.org\/doc\/html\/rfc4210."},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"Santesson, S., Myers, M., Ankney, R., Malpani, A., Galperin, S., and Adams, C. (2013). X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP. Request for Comments RFC 6960, Internet Engineering Task Force.","DOI":"10.17487\/rfc6960"},{"key":"ref_16","unstructured":"(2024, March 04). Datenbank-Infosystem: Universit\u00e4tsbibliothek der TU Berlin: Fachgebiet: Elektrotechnik, Mess- und Regelungstechnik. Technical Report. Available online: https:\/\/dbis.ur.de\/dbinfo\/fachliste.php?bib_id=tubb&colors=255&ocolors=40&lett=l."},{"key":"ref_17","doi-asserted-by":"crossref","unstructured":"Gutmann, P. (2020). Simple Certificate Enrolment Protocol. Request for Comments RFC 8894, Internet Engineering Task Force.","DOI":"10.17487\/RFC8894"},{"key":"ref_18","unstructured":"(2024, March 04). EtherCAT Technology Group, Industrial Ethernet Technologies: Overview and Comparison. Available online: https:\/\/www.ethercat.org\/download\/documents\/Industrial_Ethernet_Technologies.pdf."},{"key":"ref_19","unstructured":"Myers, M., and Schaad, J. (2008). Certificate Management Over CMS (CMC). Request for Comments RFC 5272, Internet Engineering Task Force."},{"key":"ref_20","unstructured":"Antonio, A. (2024, March 04). What Is the Difference Between Profibus and Profinet?. Available online: https:\/\/control.com\/technical-articles\/understanding-profibus-vs-profinet\/."},{"key":"ref_21","unstructured":"OPC Foundation (2024, March 04). OPC 10000-2 UA Part 2: Security, V1.00. Available online: https:\/\/opcfoundation.org\/developer-tools\/documents\/view\/159."},{"key":"ref_22","unstructured":"(2007). Industrial Communication Networks\u2014Fieldbus Specifications (Standard No. IEC 61158: 2007)."},{"key":"ref_23","unstructured":"(2007). Industrial Communication Networks\u2014Profiles (Standard No. IEC 61784: 2007)."},{"key":"ref_24","unstructured":"Wallace, C., Ashmore, S., and Housley, R. (2010). Trust Anchor Management Protocol (TAMP). Request for Comments RFC 5934, Internet Engineering Task Force."},{"key":"ref_25","unstructured":"OPC Foundation (2024, March 04). OPC 10000-2 UA Part 2: Security, V1.01. Available online: https:\/\/opcfoundation.org\/developer-tools\/documents\/view\/159."},{"key":"ref_26","unstructured":"(2018). IEEE Standard for Local and Metropolitan Area Networks\u2014Secure Device Identity (Standard No. IEEE Standard 802.1AR-2018 (Revision of IEEE Std 802.1AR-2009))."},{"key":"ref_27","doi-asserted-by":"crossref","unstructured":"Pritikin, M., Yee, P.E., and Harkins, D. (2013). Enrollment over Secure Transport. Request for Comments RFC 7030, Internet Engineering Task Force.","DOI":"10.17487\/rfc7030"},{"key":"ref_28","doi-asserted-by":"crossref","unstructured":"Fischer, K., Ge\u00dfner, J., and Fries, S. (2012, January 4\u20136). Secure Identifiers and Initial Credential Bootstrapping for IoT@Work. Proceedings of the 2012 6th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, Palermo, Italy.","DOI":"10.1109\/IMIS.2012.53"},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"Fernbach, A., and Kastner, W. (2012, January 17\u201321). Certificate management in OPC UA applications: An evaluation of different trust models. Proceedings of the 2012 IEEE 17th International Conference on Emerging Technologies Factory Automation (ETFA 2012), Krakow, Poland.","DOI":"10.1109\/ETFA.2012.6489675"},{"key":"ref_30","doi-asserted-by":"crossref","unstructured":"Hausmann, S., and Heiss, S. (2012, January 17\u201321). Usage of public key infrastructures in automation networks. Proceedings of the 2012 IEEE 17th International Conference on Emerging Technologies Factory Automation (ETFA 2012), Krakow, Poland.","DOI":"10.1109\/ETFA.2012.6489750"},{"key":"ref_31","doi-asserted-by":"crossref","unstructured":"Pettersen, Y.N. (2013). The Transport Layer Security (TLS) Multiple Certificate Status Request Extension. Request for Comments RFC 6961, Internet Engineering Task Force.","DOI":"10.17487\/rfc6961"},{"key":"ref_32","doi-asserted-by":"crossref","unstructured":"Kim, D., and An, S. (2014, January 23\u201326). Efficient and scalable public key infrastructure for wireless sensor networks. Proceedings of the the 2014 International Symposium on Networks, Computers and Communications, Madeira, Portugal.","DOI":"10.1109\/SNCC.2014.6866514"},{"key":"ref_33","first-page":"1","article-title":"Managed Certificate Whitelisting\u2014A Basis for Internet of Things Security in Industrial Automation Applications","volume":"8","author":"Falk","year":"2014","journal-title":"Int. J. Adv. Secur."},{"key":"ref_34","unstructured":"Runde, M., Hausmann, S., Tebbe, C., Czybik, B., Niemann, K.H., Heiss, S., and Jasperneite, J. (2014). Schlussbericht SEC_PRO 2014, Hanover University."},{"key":"ref_35","doi-asserted-by":"crossref","unstructured":"Pritikin, M., Richardson, M., Eckert, T., Behringer, M.H., and Watsen, K. (2021). Bootstrapping Remote Secure Key Infrastructure (BRSKI). Request for Comments RFC 8995, Internet Engineering Task Force.","DOI":"10.17487\/RFC8995"},{"key":"ref_36","unstructured":"OPC Foundation (2024, March 04). OPC 10000-12 UA Part 12: Discovery and Global Services, V1.03. Available online: https:\/\/opcfoundation.org\/developer-tools\/documents\/view\/169."},{"key":"ref_37","unstructured":"(2024, March 04). CIP Security Phase 1 Secure Transport for EtherNet\/IP-ODVA 2015 Industry Conference and 17th Annual Meeting. Available online: https:\/\/www.odva.org\/library_proceedings\/cip-security-phase-1-secure-transport-for-ethernet-ip\/."},{"key":"ref_38","unstructured":"OPC Foundation (2024, March 04). OPC 10000-2 UA Part 2: Security, V1.03. Available online: https:\/\/opcfoundation.org\/developer-tools\/documents\/view\/159."},{"key":"ref_39","doi-asserted-by":"crossref","unstructured":"Barnes, R., Hoffman-Andrews, J., McCarney, D., and Kasten, J. (2019). Automatic Certificate Management Environment (ACME). Request for Comments RFC 8555, Internet Engineering Task Force.","DOI":"10.17487\/RFC8555"},{"key":"ref_40","unstructured":"Selander, G., Raza, S., Vu\u010dini\u0107, M., Furuhed, M., and Richardson, M. (2017). Enrollment with Application Layer Security. Internet Draft Draft-Selander-Ace-Eals-01, Internet Engineering Task Force."},{"key":"ref_41","doi-asserted-by":"crossref","unstructured":"Karthikeyan, G., and Heiss, S. (2018, January 4\u20137). PKI and User Access Rights Management for OPC UA based Applications. Proceedings of the International Conference on Emerging Technologies and Factory Automation (ETFA), Turin, Italy.","DOI":"10.1109\/ETFA.2018.8502603"},{"key":"ref_42","doi-asserted-by":"crossref","unstructured":"Duan, L., Li, Y., and Liao, L. (2018, January 15\u201318). Flexible certificate revocation list for efficient authentication in IoT. Proceedings of the 8th International Conference on the Internet of Things, New York, NY, USA.","DOI":"10.1145\/3277593.3277595"},{"key":"ref_43","unstructured":"OPC Foundation (2024, March 04). OPC 10000-12 UA Part 12: Discovery and Global Services, V1.04. Available online: https:\/\/opcfoundation.org\/developer-tools\/documents\/view\/169."},{"key":"ref_44","unstructured":"(2024, March 04). IEC\/IEEE 60802 TSN Profile for Industrial Automation Draft V0.0. Available online: https:\/\/1.ieee802.org\/tsn\/iec-ieee-60802\/."},{"key":"ref_45","doi-asserted-by":"crossref","unstructured":"Danilchenko, V., Theobald, M., and Cohen, D. (2019, January 9\u201313). Bootstrapping Security Configuration for IoT Devices on Networks with TLS Inspection. Proceedings of the 2019 IEEE Globecom Workshops (GC Wkshps), Waikoloa, HI, USA.","DOI":"10.1109\/GCWkshps45667.2019.9024325"},{"key":"ref_46","doi-asserted-by":"crossref","first-page":"101658","DOI":"10.1016\/j.cose.2019.101658","article-title":"PKI4IoT: Towards public key infrastructure for the Internet of Things","volume":"89","author":"Lindemer","year":"2020","journal-title":"Comput. Secur."},{"key":"ref_47","doi-asserted-by":"crossref","unstructured":"Boudagdigue, C., Benslimane, A., and Kobbane, A. (2020, January 7\u201311). Cluster-based certificate revocation in industrial loT networks using Signaling game. Proceedings of the GLOBECOM 2020\u20142020 IEEE Global Communications Conference, Taipei, Taiwan. ISSN: 2576-6813.","DOI":"10.1109\/GLOBECOM42002.2020.9322497"},{"key":"ref_48","doi-asserted-by":"crossref","first-page":"226422","DOI":"10.1109\/ACCESS.2020.3045441","article-title":"Security Architecture and Protocols for Secure MQTT-SN","volume":"8","author":"Park","year":"2020","journal-title":"IEEE Access"},{"key":"ref_49","doi-asserted-by":"crossref","unstructured":"Kulik, T., Boudjadar, J., and Aranha, D.F. (2021, January 17\u201321). Formally Verified Credentials Management for Industrial Control Systems. Proceedings of the 2021 IEEE\/ACM 9th International Conference on Formal Methods in Software Engineering (FormaliSE), Madrid, Spain. ISSN: 2575-5099.","DOI":"10.1109\/FormaliSE52586.2021.00014"},{"key":"ref_50","doi-asserted-by":"crossref","first-page":"14","DOI":"10.1140\/epjqt\/s40507-021-00104-z","article-title":"Towards security recommendations for public-key infrastructures for production environments in the post-quantum era","volume":"8","author":"Yunakovsky","year":"2021","journal-title":"EPJ Quantum Technol."},{"key":"ref_51","doi-asserted-by":"crossref","first-page":"99299","DOI":"10.1109\/ACCESS.2021.3096062","article-title":"On the Security of IIoT Deployments: An Investigation of Secure Provisioning Solutions for OPC UA","volume":"9","author":"Meier","year":"2021","journal-title":"IEEE Access"},{"key":"ref_52","unstructured":"(2023). Industrial Communication Networks\u2014Fieldbus Specifications (Standard No. IEC 61158)."},{"key":"ref_53","doi-asserted-by":"crossref","unstructured":"Krishnan, A.A., Rajendran, S.K., and Sunil Kumar, T.K. (2022, January 9\u201310). Improved PKI Certificate Lifecycle Management with Centralized Device Management For Industrial IoT. Proceedings of the International Conference on Public Key Infrastructure and its Applications (PKIA), Bangalore, India.","DOI":"10.1109\/PKIA56009.2022.9952216"},{"key":"ref_54","unstructured":"OPC Foundation (2024, March 04). OPC 10000-2 UA Part 2: Security, V1.05.02. Available online: https:\/\/reference.opcfoundation.org\/Core\/Part2\/v105\/docs\/."},{"key":"ref_55","unstructured":"OPC Foundation (2024, March 04). OPC 10000-12 UA Part 12, V1.05.02. Available online: https:\/\/reference.opcfoundation.org\/GDS\/v105\/docs\/."},{"key":"ref_56","unstructured":"OPC Foundation (2024, March 04). OPC 10000-21 UA Part 21, V1.05.02. Available online: https:\/\/reference.opcfoundation.org\/Onboarding\/v105\/docs\/."},{"key":"ref_57","first-page":"103424","article-title":"Lightweight certificate revocation for low-power IoT with end-to-end security","volume":"73","author":"Furuhed","year":"2023","journal-title":"J. Inf. Secur. Appl."},{"key":"ref_58","doi-asserted-by":"crossref","first-page":"28370","DOI":"10.1109\/ACCESS.2023.3259068","article-title":"LightCert4IoTs: Blockchain-Based Lightweight Certificates Authentication for IoT Applications","volume":"11","author":"Garba","year":"2023","journal-title":"IEEE Access"},{"key":"ref_59","doi-asserted-by":"crossref","first-page":"12867","DOI":"10.1109\/JIOT.2023.3259340","article-title":"Trust-based Certificate Management for industrial IoT networks","volume":"10","author":"Boudagdigue","year":"2023","journal-title":"IEEE Internet Things J."},{"key":"ref_60","unstructured":"(2024, March 04). IEC\/IEEE 60802 TSN Profile for Industrial Automation Draft V2.0. Available online: https:\/\/1.ieee802.org\/tsn\/iec-ieee-60802\/."},{"key":"ref_61","unstructured":"(2024, March 04). HMS-Network, Industrial Networks Keep Growing Despite Challenging Times. Available online: https:\/\/www.hms-networks.com\/news-and-insights\/news-from-hms\/2022\/05\/02\/industrial-networks-keep-growing-despite-challenging-times."},{"key":"ref_62","unstructured":"OPC Foundation (2024, March 04). Unified Architecture. Available online: https:\/\/opcfoundation.org\/about\/opc-technologies\/opc-ua\/."},{"key":"ref_63","unstructured":"(2024, March 04). IEC\/IEEE 60802 Security Slice V0.4. Available online: https:\/\/www.ieee802.org\/1\/files\/public\/docs2021\/60802-pfaff-et-al-security-slice-0521-v03.pdf."},{"key":"ref_64","doi-asserted-by":"crossref","unstructured":"M\u00fchlbauer, N., Kirdan, E., Pahl, M.O., and Carle, G. (2020, January 8\u201311). Open-Source OPC UA Security and Scalability. Proceedings of the 2020 25th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA), Vienna, Austria.","DOI":"10.1109\/ETFA46521.2020.9212091"},{"key":"ref_65","doi-asserted-by":"crossref","unstructured":"Watson, V., Lou, X., and Gao, Y. (2017, January 24\u201326). A Review of PROFIBUS Protocol Vulnerabilities - Considerations for Implementing Authentication and Authorization Controls. Proceedings of the 14th International Joint Conference on e-Business and Telecommunications, Madrid, Spain.","DOI":"10.5220\/0006426504440449"},{"key":"ref_66","first-page":"107","article-title":"Proposal of a Secure Modbus RTU Communication with Adi Shamir\u2019s Secret Sharing Method","volume":"64","year":"2018","journal-title":"Int. J. Electron. Telecommun."},{"key":"ref_67","unstructured":"(2024, March 04). CC-Link Partner Association, Specification Table of CC-Link V1.10\/V2. Available online: https:\/\/www.cc-link.org\/en\/cclink\/cclink\/spec1.html."},{"key":"ref_68","doi-asserted-by":"crossref","unstructured":"Murvay, P.S., and Groza, B. (2018, January 15\u201316). A brief look at the security of DeviceNet communication in industrial control systems. Proceedings of the Central European Cybersecurity Conference 2018, Ljubljana, Slovenia.","DOI":"10.1145\/3277570.3277575"},{"key":"ref_69","doi-asserted-by":"crossref","unstructured":"Wampler, D., Fu, H., and Zhu, Y. (2009, January 18\u201320). Security Threats and Countermeasures for Intra-vehicle Networks. Proceedings of the 2009 5th International Conference on Information Assurance and Security, Xi\u2019an, China.","DOI":"10.1109\/IAS.2009.350"},{"key":"ref_70","doi-asserted-by":"crossref","unstructured":"Cuppens-Boulahia, N., Lambrinoudakis, C., Cuppens, F., and Katsikas, S. (2017). Security of Industrial Control Systems and Cyber-Physical Systems, Springer International Publishing. Lecture Notes in Computer Science.","DOI":"10.1007\/978-3-319-61437-3"},{"key":"ref_71","doi-asserted-by":"crossref","unstructured":"Cuppens-Boulahia, N., Lambrinoudakis, C., Cuppens, F., and Katsikas, S. (2017). Proceedings of the Security of Industrial Control Systems and Cyber-Physical Systems, Springer. Lecture Notes in Computer Science.","DOI":"10.1007\/978-3-319-61437-3"},{"key":"ref_72","unstructured":"Granat, A., Hoefken, H., and Schuba, M. (2024, March 04). Intrusion Detection of the ICS Protocol EtherCAT. Available online: https:\/\/opus.bibliothek.fh-aachen.de\/opus4\/frontdoor\/index\/index\/docId\/8049."},{"key":"ref_73","unstructured":"(2024, March 04). MODBUS\/TCP Security Protocol Specification. Available online: https:\/\/modbus.org\/docs\/MB-TCP-Security-v21_2018-07-24.pdf."},{"key":"ref_74","unstructured":"(2024, March 04). ODVA, CIP Security at a Glance. Available online: https:\/\/www.odva.org\/wp-content\/uploads\/2020\/05\/PUB00319R1_CIP-Security-At-a-Glance.pdf."},{"key":"ref_75","unstructured":"Rinaldi, J.S. (2024, March 04). CIP Certificate Management Object. Available online: https:\/\/www.rtautomation.com\/rtas-blog\/cip-certificate-management-object\/."},{"key":"ref_76","doi-asserted-by":"crossref","unstructured":"Badra, M., Luchuk, A., and Sch\u00f6nw\u00e4lder, J. (2015). Using the NETCONF Protocol over Transport Layer Security (TLS) with Mutual X.509 Authentication, Internet Engineering Task Force. Technical Report RFC 7589.","DOI":"10.17487\/RFC7589"},{"key":"ref_77","doi-asserted-by":"crossref","unstructured":"Eastlake, D.E. (2011). Transport Layer Security (TLS) Extensions: Extension Definitions. Request for Comments RFC 6066, Internet Engineering Task Force.","DOI":"10.17487\/rfc6066"},{"key":"ref_78","unstructured":"Khare, A., Tiwary, U.S., Sethi, I.K., and Singh, N. Enhancement of Security in the Internet of Things (IoT) by Using X.509 Authentication Mechanism. Proceedings of the Recent Trends in Communication, Computing, and Electronics, Lecture Notes in Electrical Engineering."},{"key":"ref_79","unstructured":"Rinaldi, J.S. (2024, March 04). The CIP Security PUSH Model. Available online: https:\/\/www.rtautomation.com\/rtas-blog\/the-cip-security-push-model\/."},{"key":"ref_80","unstructured":"Rinaldi, J.S. (2024, March 04). The CIP Security PULL Model. Available online: https:\/\/www.rtautomation.com\/rtas-blog\/the-cip-security-pull-model\/."},{"key":"ref_81","unstructured":"(2024, March 04). Pyramid Soluctions\u2014A Practical Guide for CIP Security Device Developers. Available online: https:\/\/www.isit.fr\/documents\/2100\/cip_security_developers_guide_6.8.20.pdf."},{"key":"ref_82","doi-asserted-by":"crossref","unstructured":"Dukhovni, V. (2014). Opportunistic Security: Some Protection Most of the Time. Request for Comments RFC 7435, Internet Engineering Task Force.","DOI":"10.17487\/rfc7435"},{"key":"ref_83","doi-asserted-by":"crossref","unstructured":"Stajano, F. (2024, March 04). The Resurrecting Duckling\u2014What Next?. Available online: https:\/\/www.cl.cam.ac.uk\/~fms27\/papers\/2001-Stajano-duckling.pdf.","DOI":"10.1007\/3-540-44810-1_27"},{"key":"ref_84","unstructured":"Rockwell Automation (2024, March 04). CIP Security with Rockwell Automation Products Application Technique. Available online: https:\/\/literature.rockwellautomation.com\/idc\/groups\/literature\/documents\/at\/secure-at001_-en-p.pdf."}],"container-title":["Journal of Sensor and Actuator Networks"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2224-2708\/13\/2\/26\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,10]],"date-time":"2025-10-10T14:25:34Z","timestamp":1760106334000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2224-2708\/13\/2\/26"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,4,10]]},"references-count":84,"journal-issue":{"issue":"2","published-online":{"date-parts":[[2024,4]]}},"alternative-id":["jsan13020026"],"URL":"https:\/\/doi.org\/10.3390\/jsan13020026","relation":{},"ISSN":["2224-2708"],"issn-type":[{"value":"2224-2708","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,4,10]]}}}