IDEAS home Printed from https://ideas.repec.org/a/gam/jftint/v17y2025i7p286-d1688156.html
   My bibliography  Save this article

Exponential Backoff and Its Security Implications for Safety-Critical OT Protocols over TCP/IP Networks

Author

Listed:
  • Matthew Boeding

    (Department of Electrical and Computer Engineering, University of Nebraska-Lincoln, Lincoln, NE 68588, USA)

  • Paul Scalise

    (Department of Electrical and Computer Engineering, University of Nebraska-Lincoln, Lincoln, NE 68588, USA)

  • Michael Hempel

    (Department of Electrical and Computer Engineering, University of Nebraska-Lincoln, Lincoln, NE 68588, USA)

  • Hamid Sharif

    (Department of Electrical and Computer Engineering, University of Nebraska-Lincoln, Lincoln, NE 68588, USA)

  • Juan Lopez

    (Oak Ridge National Laboratory, Oak Ridge, TN 37831, USA)

Abstract

The convergence of Operational Technology (OT) and Information Technology (IT) networks has become increasingly prevalent with the growth of Industrial Internet of Things (IIoT) applications. This shift, while enabling enhanced automation, remote monitoring, and data sharing, also introduces new challenges related to communication latency and cybersecurity. Oftentimes, legacy OT protocols were adapted to the TCP/IP stack without an extensive review of the ramifications to their robustness, performance, or safety objectives. To further accommodate the IT/OT convergence, protocol gateways were introduced to facilitate the migration from serial protocols to TCP/IP protocol stacks within modern IT/OT infrastructure. However, they often introduce additional vulnerabilities by exposing traditionally isolated protocols to external threats. This study investigates the security and reliability implications of migrating serial protocols to TCP/IP stacks and the impact of protocol gateways, utilizing two widely used OT protocols: Modbus TCP and DNP3. Our protocol analysis finds a significant safety-critical vulnerability resulting from this migration, and our subsequent tests clearly demonstrate its presence and impact. A multi-tiered testbed, consisting of both physical and emulated components, is used to evaluate protocol performance and the effects of device-specific implementation flaws. Through this analysis of specifications and behaviors during communication interruptions, we identify critical differences in fault handling and the impact on time-sensitive data delivery. The findings highlight how reliance on lower-level IT protocols can undermine OT system resilience, and they inform the development of mitigation strategies to enhance the robustness of industrial communication networks.

Suggested Citation

  • Matthew Boeding & Paul Scalise & Michael Hempel & Hamid Sharif & Juan Lopez, 2025. "Exponential Backoff and Its Security Implications for Safety-Critical OT Protocols over TCP/IP Networks," Future Internet, MDPI, vol. 17(7), pages 1-18, June.
    • Handle: RePEc:gam:jftint:v:17:y:2025:i:7:p:286-:d:1688156
    as

    Download full text from publisher

    File URL: https://www.mdpi.com/1999-5903/17/7/286/pdf
    Download Restriction: no
    File URL: https://www.mdpi.com/1999-5903/17/7/286/
    Download Restriction: no
    ---><---

    References listed on IDEAS

    as
    1. Daniele Porcu & Sonia Castro & Borja Otura & Paula Encinar & Ioannis Chochliouros & Irina Ciornei & Lenos Hadjidemetriou & Georgios Ellinas & Rita Santiago & Elisavet Grigoriou & Angelos Antonopoulos , 2022. "Demonstration of 5G Solutions for Smart Energy Grids of the Future: A Perspective of the Smart5Grid Project," Energies, MDPI, vol. 15(3), pages 1-27, January.
    2. Matthew Boeding & Kelly Boswell & Michael Hempel & Hamid Sharif & Juan Lopez & Kalyan Perumalla, 2022. "Survey of Cybersecurity Governance, Threats, and Countermeasures for the Power Grid," Energies, MDPI, vol. 15(22), pages 1-22, November.
    3. Peyman Jafary & Antti Supponen & Sami Repo, 2022. "Network Architecture for IEC61850-90-5 Communication: Case Study of Evaluating R-GOOSE over 5G for Communication-Based Protection," Energies, MDPI, vol. 15(11), pages 1-36, May.
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Boeding, Matthew & Hempel, Michael & Sharif, Hamid & Lopez, Juan & Perumalla, Kalyan, 2023. "A flexible OT testbed for evaluating on-device implementations of IEC-61850 GOOSE," International Journal of Critical Infrastructure Protection, Elsevier, vol. 42(C).
    2. Wadim Strielkowski & Andrey Vlasov & Kirill Selivanov & Konstantin Muraviev & Vadim Shakhnov, 2023. "Prospects and Challenges of the Machine Learning and Data-Driven Methods for the Predictive Analysis of Power Systems: A Review," Energies, MDPI, vol. 16(10), pages 1-31, May.

    More about this item

    Keywords

    ;
    ;
    ;
    ;
    ;
    ;
    ;

    JEL classification:

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jftint:v:17:y:2025:i:7:p:286-:d:1688156. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager (email available below). General contact details of provider: https://www.mdpi.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.