International Journal On Advances in Security, volume 18, numbers 1 and 2, 2025


Leveraging Transparency of Initial Trust Establishment for Device Security Management

Authors:
Steffen Fries
Rainer Falk

Keywords: communication security; onboarding; trust establishment; industrial automation and control system; cybersecurity; system security management; Internet of Things

Abstract:
Device onboarding is the process of bootstrapping new devices into target systems or target domains and subsequently bringing them into an operational state. Secure device onboarding has a direct relation to the cybersecurity of the device's later operation in a system, as it establishes trust between the device and the domain based on device identities and associated cryptographic parameters. Moreover, new devices are provisioned with domain-specific security parameters. Different technologies for automated device onboarding have been specified. Having reliable information on performed onboarding operations is important during operation, in which the identities and cryptographic parameters are maintained as part of device management. Currently available onboarding technologies do not explicitly consider a binding of this information to the device management during operation. The onboarding information may be specifically important to address upcoming vulnerabilities and threats. Specifically in cases of attacks, it can support the root cause analysis to derive immediate measures to further maintain the attacked service. This supports addressing requirements from existing and currently developed regulations and standards. This paper proposes enhancements to current onboarding approaches that provide this transparency of the onboarding process.

Pages: 104 to 111

Copyright: Copyright (c) to authors, 2025. Used with permission.

Publication date: June 30, 2025

Published in: journal

ISSN: 1942-2636