A solution for industrial device commissioning along with the initial trust establishment

Industrial device commissioning along with the initial distribution of keying material is an important step for the security of industrial plants. An efficient key management system is required in cryptography for both symmetric key or public/private key encryption. Most of the key management system use either pre-installed shared keys or install keys using out-of-band channels. In addition to that, the sensor devices both wired and wireless need to be verified whether it is connected to the correct physical entity since these devices are linked with the physical world. Therefore in industrial plants there is a requirement to automate the trust bootstrapping process, where the devices from upper level in communication network will be aware that the communication device from below level is trusted. In this work, we present a workflow that uses the existing trust mechanism on employees to enable the initial bootstrap of trust in the devices, and also optionally support the commissioning engineer to download the required configuration data in the device as well. Thus, this approach presents a unique solution to the initial trust distribution problem reusing the existing features and facilities in industrial plants.