REAL-TIME CYBERSECURITY INTEGRATION IN PLCS AND IOT GATEWAYS: A PERFORMANCE-CONSCIOUS APPROACH TO ENCRYPTION, AUTHENTICATION, AND INTRUSION DETECTION

Abstract

The integration of real-time cybersecurity mechanisms into embedded systems has become a critical priority in the context of Industry 4.0, where programmable logic controllers (PLCs) and Internet of Things (IoT) gateways serve as foundational components of industrial automation. These devices are increasingly exposed to cyber-physical threats as they connect to broader networked infrastructures, yet their computational constraints and real-time operational requirements often preclude the use of conventional security measures. This study proposes and evaluates a performance-conscious cybersecurity framework designed to embed lightweight encryption, mutual authentication, and decentralized intrusion detection directly within industrial control devices. The research methodology involved the development of a modular security architecture tested on commercial-grade PLCs and IoT gateways, utilizing communication protocols such as Modbus/TCP, OPC UA, MQTT, and Profinet. Lightweight encryption algorithms, including SPECK, LEA, and ChaCha20, were implemented alongside elliptic curve-based authentication schemes to assess their latency, throughput, and system resource impact. Additionally, hybrid intrusion detection models—combining statistical baselining and anomaly detection—were deployed locally on embedded nodes to monitor network behavior in real time. The findings demonstrate that full-spectrum security can be achieved in embedded systems without disrupting deterministic control cycles. Encryption tasks remained within sub-millisecond boundaries, mutual authentication completed with minimal handshake delay, and intrusion detection maintained over 94% accuracy with low false positives. Resource utilization across CPU, memory, and power remained within device tolerances, and the architecture sustained operational stability during prolonged testing. The study confirms that embedded cybersecurity, when implemented with algorithmic efficiency and system-aware scheduling, can coexist with mission-critical automation processes. This work challenges the conventional reliance on perimeter defenses and post-factum monitoring, offering instead a secure-by-design approach that integrates security functions natively within embedded industrial systems. The proposed framework supports scalable deployment, protocol interoperability, and long-term resilience, advancing the field toward real-time, embedded protection for critical infrastructure environments.