The digital transition in industry is resulting in new services based on data from various objects (sensors, actuators, robots). More specifically, Industrial Cyber-Physical Systems (ICPS) now enable sophisticated interactions between connected devices and humans to make informed decisions. These objects range from sensors and actuators to vehicles and production machines. They are used in the fields of industry, energy, mobility, the smart home, and the smart city. The rapid evolution of the number of objects and the tasks performed on them has increased the attack surface of ICPS, significantly increasing the risk of cyber incidents. Recent sophisticated attacks, exploits, and flaws in software and hardware design (e.g., Stuxnet, WannaCry, Mirai, Meltdown) thus testify to the importance of cybersecurity for industrial cyber-physical systems. Indeed, digital control systems make decisions that are reflected towards the physical elements of ICPS, thus posing security and safety risks incurred in the infrastructures relying on these ICPS (e.g., road safety, nuclear safety). In order to determine the decisions to be taken, these systems use data exchanged within or between several ICPS. Numerous solutions used today in the Internet make it possible to secure data exchanges, guaranteeing in particular the confidentiality of contents, their integrity, and the authentication of sources and destinations.
However, after the emergence of an Internet of Things where data was stored and processed within remote infrastructures (e.g., cloud), there are now many reasons for carrying out these operations as close as possible to the source objects (e.g., reactivity of real-time applications, optimization of bandwidth, limitation of the risk of data leakage). The security solutions deployed in the context of the Internet must, therefore, be adapted, or even rethought, in order to take into account the specific characteristics of ICPS.
