A Quantum-Safe Software-Defined Deterministic Internet of Things (IoT) with Hardware-Enforced Cyber-Security for Critical Infrastructures

Abstract

The next-generation “Industrial Internet of Things” (IIoT) will support “Machine-to-Machine” (M2M) communications for smart Cyber-Physical-Systems and Industry 4.0, and require guaranteed cyber-security. This paper explores hardware-enforced cyber-security for critical infrastructures. It examines a quantum-safe “Software-Defined-Deterministic IIoT” (SDD-IIoT), with a new forwarding-plane (sub-layer-3a) for deterministic M2M traffic flows. A “Software-Defined Networking” (SDN) control plane controls many “Software-Defined-Deterministic Wide-Area Networks” (SDD-WANs), realized with FPGAs. The SDN control plane provides an “Admission-Control/Access-Control” system for network-bandwidth, using collaborating Artificial Intelligence (AI)-based “Zero Trust Architectures” (ZTAs). Hardware-enforced access-control eliminates all congestion, BufferBloat, and DoS/DDoS attacks, significantly reduces buffer-sizes, and supports ultra-reliable-low-latency communications in the forwarding-plane. The forwarding-plane can: (i) Encrypt/Authenticate M2M flows using quantum-safe ciphers, to withstand attacks by Quantum Computers; (ii) Implement “guaranteed intrusion detection systems” in FPGAs, to detect cyber-attacks embedded within billions of IIoT packets; (iii) Provide guaranteed immunity to external cyber-attacks, and exceptionally strong immunity to internal cyber-attacks; (iv) Save USD 100s of billions annually by exploiting FPGAs; and (v) Enable hybrid Classical-Quantum networks, by integrating a “quantum key distribution” (QKD) network with a classical forwarding plane with exceptionally strong cyber-security, determined by the computational hardness of cracking Symmetric Key Cryptography. Extensive experimental results for an SDD-WAN over the European Union are reported.