Efficient and Lightweight Data Streaming Authentication in Industrial Control and Automation Systems

The industrial control and automation systems have played an increasingly important role in critical manufacturing processes. In such systems, many Internet of Things devices continuously collect large number of streaming data for real-time processing. Verifiable data streaming (VDS) addresses such authenticity issue for streaming data, but most VDS schemes are not efficient and lightweight, do not support range querying, and cannot be used in practice. To improve the efficiency and achieve a verifiable range query in data streaming, we present here a new primitive, namely, a chameleon authentication tree with prefixes (PCAT), which is extended from the PBTree and chameleon authentication tree. Our scheme is not only lightweight but also supports dynamic expansion and verifiable range query in data streaming, making it more suitable for resource-constrained devices. We separate the PCAT's algorithms into the following phases: initialization, data appending, query, and verification. Our analyses prove that the PCAT satisfies all the security requirements of VDS. Moreover, an efficiency analysis and performance evaluation demonstrate that our scheme not only supports lightweight data streaming authentication but also has high efficiency, which means that the PCAT is easier to apply in the industrial control and automation systems.