Secure and Scalable Remote Access Tunnels for the IIoT: An Assessment of openVPN and IPSec Performance

Frederic Pohl; Hans Dieter Schotten

In: Flavio De Paoli; Stefan Schulte; Einar Broch Johnsen (Hrsg.). Service-Oriented and Cloud Computing. European Conference on Service-Oriented and Cloud Computing (ESOCC-17), 6th IFIP WG 2.14 European Conference, September 27-29, Oslo, Norway, Pages 83-90, LNCS, Vol. 10465, ISBN 978-3-319-67261-8, Springer, 2017.


Nowadays, industrial production already benefits from an increased level of interconnection involving various heterogeneous production assets. Future development in the area is likely to lead to a scenario often referred to as the Industrial Internet of Things (IIoT), a promising factor in achieving unseen productivity goals. One of the key IIoT use cases is remote access, which can drastically reduce the requirement for on-site presence of technicians and thus eliminate a large cost factor. In this paper, we present a detailed examination of two widespread Virtual Private Network (VPN) remote access frameworks and analyse their suitability for IIoT remote access facilities. We introduce a cloud architecture that seamlessly integrates with existing highly segmented and firewalled industrial networks, yet providing secure connectivity through the use of openVPN and IPsec technology. With scalability being a key factor for a cloud architecture, we give an analysis of our favoured protocols in order to derive potential performance bottlenecks. We finally verify our assumptions by providing empirical performance measurements.


Deutsches Forschungszentrum für Künstliche Intelligenz
German Research Center for Artificial Intelligence