Proxy-Based Approach for Securing Modbus Communication with Post-quantum Cryptography: A Hydrogen-Based Smart Grid Case Study

The increasing integration of small renewable generation and energy storage plants within electricity systems has increased their vulnerability to cyberattacks, especially as efforts to maintain low operating costs persist. This is particularly critical in smart grids that use hydrogen technologies, where resilience against grid failures is built-in, but security measures are often an afterthought. This paper explores a Public Key Infrastructure (PKI) coupled with Post-Quantum Cryptography (PQC) techniques to secure Industrial Control Systems (ICS) within such smart grids, with a focus on the Modbus protocol. Using a real-world hydrogen production and refueling station as a case study, the proposed solution uses proxies to manage encryption and authentication without replacing legacy devices, ensuring compatibility and minimizing costs. Performance evaluations conducted through testbeds demonstrate the feasibility of the proposed infrastructure. Key findings indicate that, while the introduction of proxies and PQ cryptographic protocols introduces some latency, the overall security benefits justify their implementation. Future work will explore the decentralization of the infrastructure employing a self-sovereign identity model using decentralized identifiers, eliminating the current need to rely on a central Certificate Authority.