What problem does this paper attempt to address?

The key problem that this paper attempts to solve is the security challenges faced by low - performance devices when interacting with cloud services in critical infrastructures. Specifically, with the development of the Internet of Things (IoT) and Industry 4.0, more and more low - performance devices (such as sensors, storage systems, and actuators) are connected to the cloud for advanced data analysis. These devices usually have limited computing power and memory resources, but their roles in industrial automation and critical infrastructures are crucial. ### Main problems include: 1. **Security threats**: - The paper discusses various security threats against cloud services and operational technology (OT) devices, especially in applications in critical infrastructures. For example, in the 2015 Ukraine blackout event, the attackers not only destroyed the industrial control system (ICS), but also damaged the firmware of the serial - to - Ethernet adapter, causing the server to be unable to obtain power from the uninterruptible power supply (UPS), thus prolonging the blackout time. 2. **Security challenges in the life cycle**: - Low - performance devices may face various security risks throughout their entire life cycle (from manufacturing, installation, operation, update to retirement). For example, in the manufacturing stage, an attacker may implant a backdoor in the initial firmware; in the installation stage, a man - in - the - middle attack may occur; in the operation stage, data transmission may be tampered with or intercepted; in the update stage, unauthorized devices may obtain new firmware; in the retirement stage, the identity of the device may be copied for forging devices. 3. **Economic and technical limitations**: - Low - performance devices are usually designed to only meet their main functional requirements, so their computing power and memory are very limited. This makes it difficult for traditional encryption algorithms and security protocols to be effectively implemented on these devices. In addition, for reasons of cost and supply chain optimization, adding additional security measures may make the product uneconomical. 4. **Communication security**: - Ensuring secure communication between low - performance devices and cloud services is another important challenge. Especially when these devices are connected via the Internet, it is necessary to ensure the confidentiality, integrity, and availability of data and prevent unauthorized access and tampering. ### Solutions: The paper proposes a research project named "iSEC", aiming to develop an integrated data communication architecture that can both ensure high internal computing performance for processing real - time control algorithms and achieve secure communication. Specific measures include: - **Light - weight encryption**: Research light - weight encryption algorithms suitable for low - performance embedded systems to improve security without significantly affecting performance. - **Physical Unclonable Function (PUF)**: Utilize the inherent physical characteristics of hardware to generate a unique digital fingerprint for device authentication and data encryption, preventing cloning and forging. - **Secure design**: Consider security at the design stage (Security by Design) to ensure that all components can resist potential cyber - attacks. In conclusion, the core problem of this paper is to solve the security challenges faced by low - performance devices when interacting with cloud services in critical infrastructures and propose corresponding solutions.