Challenges when securing manufacturing message service in legacy industrial control systems

The resource constrained legacy embedded systems are widely found in today´s Industrial Control System networks. The Manufacturing message service (MMS) protocol is an international messaging service standard for industrial communications with very limited security provisioning. Legacy embedded systems and real-time applications impose challenges to secure the MMS protocol. Analysing the relevant standards such as IEC 62351-4, this paper presents a secure MMS profile by implementing Transport Layer Security (TLS) into the MMS protocol. In this paper, we present a detailed evaluation of the secure MMS profile that include how TLS addresses the vulnerability of the MMS protocol and an analysis of its performance in a low resource embedded system environment. We found that the secure MMS protocol in legacy embedded systems introduces concerns such as high run-time memory usage and considerable increase of the duration of data read and write. Due to these concerns, real-time nature of applications can be compromised.