On the Adoption of Physically Unclonable Functions to Secure IIoT Devices

The growing convergence among information and operation technology worlds in modern Industrial Internet of Things (IIoT) systems is posing new security challenges, requiring the adoption of novel security mechanisms involving light architectures and protocols to cope with IIoT devices resource constraints. In this article, we investigate the adoption of physically unclonable functions (PUFs) in the IIoT context, and propose the design of a PUF-based architecture (Pseudo-PUF), obtained by suitably combining a weak PUF and an encryption module, that can be successfully adopted to implement advanced security primitives while meeting the existing requirements of IIoT devices in terms of cost and resource demand. To demonstrate the feasibility of our proposal, we analyzed the overall quality of different Pseudo-PUF instances with respect to well-known PUF quality metrics, and found that it is possible to obtain good results with a negligible impact on the devices, thus making our approach suited to IIoT deployments.