A Reference Architecture for Verifiable Trust Across Industrial Cloud–Edge Continuum
摘要
As Industrial Control Systems (ICS) shift toward cloud–edge continuums, a single breach can trigger cascading failures across the entire infrastructure. Current research lacks a unified method to establish end-to-end verifiable trust across heterogeneous devices and platforms. This paper proposes a reference architecture to bridge this gap, deriving security requirements from NIST, ENISA, and MITRE ATT&CK frameworks. The architecture integrates hardware-rooted trust, secure networking, and cloud-based attestation. It is designed for diverse environments—ranging from TEE-enabled devices to bare-metal controllers—allowing for incremental deployment and clear security-performance trade-offs. By unifying siloed defenses into a holistic framework, this work provides systematic guidance for managing risks and ensuring deployability in real-world industrial settings.