6.1 Introduction

Cyber-physical systems (CPSs) can be found at the core of critical infrastructures and industrial control systems, such as electric power grid, healthcare and medical devices, automotive systems, and manned and unmanned aerial vehicles. A CPS includes both computation and networking components, which are vulnerable to many threats and attacks such as virus and denial-of-service (DoS) attacks. Without security mechanisms, cybercriminals can take over a CPS easily and turn the CPS into a botnet. As wireless technologies are widely adopted and integrated into CPSs, cybercriminals can also leverage wireless network vulnerabilities for eavesdropping and injection attacks. In a demonstration in July 2015, two hackers took control of a car remotely and they were able to command the car to do whatever they asked for (Greenberg, 2015). In another incident reported in 2015, the FBI investigated a case of a passenger tweeting a joke about hacking an airplane's in-flight entertainment system (Zetter, 2015). Many CPSs are life-critical systems. Thus, their security is important. Security services such as confidentiality, integrity, authentication, and nonrepudiation are desired to ensure message security. All these security services require corresponding keys established between the communication entities that must exchange data. Thus, key management ...