Reactive security for SDN/NFV-enabled industrial networks leveraging service function chaining

The innovative application of fifth-generation core technologies, ie, software-defined networking (SDN) and network function virtualization, can help reduce capital and operational expenditures in industrial networks. Nevertheless, SDN expands the attack surface of the communication infrastructure, thus necessitating the introduction of additional security mechanisms. These major changes could not leave the industrial environment unaffected, with smart industrial deployments gradually becoming a reality, a trend that is often referred to as the Fourth Industrial Revolution or Industry 4.0. A wind park is a good example of an industrial application relying on a network with strict performance, security, and reliability requirements and was chosen as a representative example of industrial systems. This work highlights the benefit of leveraging the flexibility of SDN/network function virtualization-enabled networks to deploy enhanced reactive security mechanisms for the protection of the industrial network via the use of service function chaining. Moreover, the implementation of a proof-of-concept reactive security framework for an industrial-grade wind park network is presented, along with a performance evaluation of the proposed approach. The framework is equipped with SDN and supervisory control and data acquisition honeypots, modeled on and deployable to the wind park, allowing continuous monitoring of the industrial network and detailed analysis of potential attacks, thus isolating attackers and enabling the assessment of their level of sophistication. Moreover, the applicability of the proposed solutions is assessed in the context of the specific industrial application based on the analysis of the network characteristics and requirements of an actual operating wind park.