One of the main concerns about implementing networked automation systems is ensuring its security against cyber attacks. In this paper, we consider networked automation systems abstracted as Discrete-Event Systems (DES), and consider cyber attacks where a malicious agent eavesdrops a network communication channel with the objective to gather information about the system behavior. It is important to remark that network security strategies used in Information Technology (IT) cannot be straightforwardly used in industrial networks, since the control of automation systems usually requires small communication delays, which limits the size of the data that can be transmitted in the communication network. In this paper, we introduce a new cryptographic scheme based on events, called event-based cryptography, where an event is defined as any change in the binary signals transmitted in the channel. We also present a necessary and sufficient condition that the event-based encryption function must satisfy to be used in the cryptographic scheme proposed in this paper, and present a class of encryption functions that can be modeled by Mealy automata. We also present procedures for the implementation of the event-based encryption function, and illustrate all results with a practical example.
