Improving security in industry 4.0 by extending OPC-UA with usage control

This work presents a framework that provides ongoing control on actions execution in the industrial environment exploiting the OPC Unified Architecture (OPC-UA) framework and the Usage Control (UCON) paradigm. We present a fine-grained usage control model, referred as OPC-UCON, satisfying security and privacy needs of the OPC-UA framework. Our proposed framework exploits the OPC-UA connectivity between simulated industrial components and uses the UCON paradigm for dynamically controlling actions execution according to fine-grained policies reported in the standardized format. The UCON paradigm, in a form of the system, is in charge of controlling the process of dynamic policy reevaluation and the possibility of revoking already granted authorization by stopping previously authorized actions if conditions do not satisfy policy anymore. We presented the implementation and deployment of the proposed framework in a simulated industrial environment with relevant security policies to reflect the advantages of the OPCUCON model.