Implementation of SIMON and SPECK Lightweight
Block Ciphers on Programmable Logic Controllers
Adrian-Vasile Duka
Department of Electrical Engineering and Computer Science
“Petru Maior” University of Tı̂rgu Mureş, Romania
1 N.Iorga St. Tı̂rgu Mureş, Mureş, Romania 540088
Email:
[email protected]
Email:
[email protected]
Abstract—Programmable Logic Controllers (PLCs) are the
key components of SCADA systems, controlling different in-
dustrial processes, while handling the communication with
other systems via different communication protocols, which are
subject to security attacks. The introduction of cryptography at
the PLC’s application level could represent a first step in pro-
viding the needed security for such systems. However, despite
the recent technological progress, PLCs are still quite limited
equipment in terms of processing performance, when compared
to other computing systems (e.g., PCs). Consequently, running
the traditional cryptographic algorithms at PLC level is time
consuming and requires a lot of resources. In this context,
the implementation of the recent lightweight cryptographic
algorithms may provide more feasible solutions. This paper
presents the PLC implementation aspects and the results for
the SIMON and SPECK families of cryptographic algorithms,
as tested on Phoenix Contact’s ILC 350 PN controller.
I. I NTRODUCTION
The technological progress of recent years has made it
possible for more Information and Communication Tech-
nology (ICT) equipment to be introduced in industrial con-
trol systems. The fourth industrial revolution, also known
as Industry 4.0, brings innovative and cost-efficient solu-
tions, while imposing dramatic changes in the traditional
technologies and infrastructures. Essentially, these systems
are industrial cyber-physical production systems [1] (also
associated more recently to the Industrial Internet of Things
[2]) where the massive proliferation of ICT enabled the
development of innovative applications and services, new
technologies and advanced features, increased operational
benefits, while reducing the costs of installations.
While this technological shift greatly improves the moni-
toring and data acquisition capabilities of Supervisory Con-
trol and Data Acquisition (SCADA) systems, it also raises
serious concerns regarding their exposure to cyber attacks
[3]–[5]. Programmable Logic Controllers (PLCs) are key
components of SCADA systems. They are very capable of
controlling a large variety of industrial systems, being vir-
tually present in every branch of industry, but their security
features, which until now were almost non-existent, are just
starting to be addressed by the major producers. Since the
life expectancy of the already installed PLCs continues to
c
978-1-5090-5835-8/17/$31.00
2017 IEEE issuing commands to the actuators. These controllers also
Béla Genge
Department of Informatics
“Petru Maior” University of Tı̂rgu Mureş, Romania
1 N.Iorga St. Tı̂rgu Mureş, Mureş, Romania 540088
extend over the next years, adding security features to those
systems should be a major concern [6]–[9].
The introduction of cryptography at the PLC’s application
level could represent a first step in providing the needed
security for such systems. Furthermore, the recent devel-
opments in the field [10], [11] open the possibility for
the implementation of cryptography on different equipment
with low computing resources. This paper presents the
implementation issues of the SIMON and SPECK fam-
ily of lightweight block ciphers in PLC applications. It
shows that, while the two block ciphers exhibit high per-
formances and can represent significant candidates for en-
forcing application-layer security properties, designers need
to carefully analyse the underlying hardware architecture
and in particular the supported data types. While these can
have a significant impact on the application performance,
the large number of SIMON and SPECK variants ensure
that sufficient options are available for many applications
and scenarios. A Phoenix Contact ILC 350-PN controller is
used as a testbed for the implementation and results.
The remainder of the paper is organized as follows:
Section 2 contains a brief overview of the related work
on the topic; Section 3 highlights the PLC implementation
aspects of SIMON and SPECK cryptographic algorithms;
Section 4 presents the time results for the execution of the
algorithms on the specified platform, while in Section 5 the
conclusions of this work are formulated.
II. BACKGROUND AND R ELATED W ORK
A. Architectural Overview of SCADA Systems
The architecture of modern SCADA systems is structured
on two distinct layers: the physical layer and the cyber
layer. The physical layer encompasses sensors, actuators,
and hardware that, physically needed to control the system,
while the cyber layer encompasses all the ICT hardware
and software needed to monitor the physical process and to
implement complex control loops. From an operational point
of view, industrial controllers (e.g., Programmable Logical
Controllers PLCs, and Remote Terminal Units RTUs), read
data from sensors and produce the local control strategy by

SCADA server Engineering
station Power Line-based
Communications
Process network
SCADA server
Maintenance
server
Domain Communications
controller Routers
HMI
Fig. 1. Example architecture of a SCADA system.
forward data to the SCADA servers and eventually execute
the remote commands they receive.
In modern industrial installations, the communication
between SCADA servers and PLCs is usually implemented
in two ways: (i) through an Object Linking and Embed-
ding (OLE) for Process Control (OPC) layer that helps
map the PLC devices, program, and monitor the hardware
controllers; and/or (ii) through a direct memory mapping
notation, which makes use of SCADA communications pro-
tocols such as Modbus and DNP3. An example architecture
of a SCADA system is shown in Fig. 1.
B. Related Studies
The widely accepted cryptographic standards such as the
Advanced Encryption Standard (AES) have been widely
adopted and implemented in various scenarios. Nowadays,
we find that AES is the “de facto” symmetric cryptographic
system powering the services of our modern society, sup-
ported by a plethora of applications. Despite its popularity,
AES has been found to lack the needed flexibility to be used
by devices with constrained computational resources [12].
To cope with this issue, a significant effort towards the
development of new block ciphers was made. To this end,
a notable initiative was promoted by the National Security
Agency and in 2013 an announcement was made on the
development of a new set of lightweight block ciphers:
the SIMON and SPECK family of ciphers [10], [11], [13].
Compared to AES, the newly developed ciphers support
many different block sizes of 32, 48, 64, 96 and 128 bit block
sizes, and 64, 72, 96, 128, 192, and 256 bit key sizes. They
are based on simple arithmetic computations, which make
them feasible for integration in low-power devices (e.g., the
IoT, industrial systems).
Given their promising performances, there have been
several studies which discuss the implementation of SIMON
and SPECK in different hardware/software environments. In
[14], Buhrow et al. tested the effectiveness of the SPECK
lightweight block cipher on a MSP430 device. A com-
prehensive analysis was provided on different block and
Cyber Layer Physical Layer
PLC PLC
Telephone
Leased Line or Control network
PLC
Generation Transmission
Radio Modem
Microwave or
Cellular
WAN Card
Satellite
PLC
Wide Area Control network
Network Customer Distribution
PLC PLC
key size variants. Manifas et al. confirmed in [15] the
appropriateness of SPECK and SIMON for use in embedded
systems. The use of an ARM-NEON system to further
enhance the performance of these block ciphers was proven
to be highly effective in [16]. The two ciphers have been
shown to be applicable in 8-bit CPUs as well [11].
Nonetheless, despite the previous efforts, to the best of
our knowledge, this is the first attempt to implement the two
lightweight block ciphers in PLC applications. The research
presented in this paper can be used to further enhance the
security of SCADA applications, and most importantly, to
deliver effective end-to-end data protection strategies.
III. PLC I MPLEMENTATION OF SIMON AND SPECK
A. Brief overview of SIMON and SPECK
Each encryption algorithm in the SIMON and SPECK
cipher families processes blocks of data, representing keys
and plaintext, organized as n-bit words. Depending on the
algorithm, n is required to be {16, 24, 32, 48, 64} bit long,
while the key has a length of m-words. The available values
for m are {2, 3, 4} and depend on the encryption algorithm
variant. For example, SIMON 64/128 encrypts a 64-bit long
plaintext (x, y), organized as two n=32-bit words, using a
128-bit key k = (k[3], k[2], k[1], k[0]) organized as m=4
x n=32-bit words. In the case of SPECK 64/128, the two
32-bit words representing the plaintext (x, y) are encrypted
using the four 32-bit word key k, initially organized as: k =
(l[2], l[1], l[0], k[0]).
The full encryption process of the SIMON and SPECK
algorithms consists of two separate iterative components: the
key expansion and the encryption, both of which require sev-
eral rounds (T ) to complete, and make use of the following
operations performed on n-bit words:
• Bitwise XOR (⊕);
• Bitwise AND (&);
• Left and right circular shift (ROLj / RORj ) by a
specified number of bits j;
• Modulo 2n addition (ADD M OD 2n ).
 The key expansion components of the algorithms extend The PLC natively supports 8, 16 and 32-bit size data
the initial m key words k[i], where i = 0, m − 1, to a types, named BYTE, WORD and DWORD, as part of the IEC-
number of T key words k[i], where i = 0, T − 1, which are 61131-3 elementary data types, as well as user defined data
then used one by one during each round of the encryption types which can be derived of these in the form of structures
process. and arrays [17]. The PLC can also perform the operations
The general structure of SIMON and SPECK encryption specified above up to a data size of n=8, 16 or 32 bits. For
algorithms is shown in Fig. 2 and Fig. 3, while the PLC the other cases: n=24, 48, 64 user defined data types are
implementation aspects of the necessary operations is de- necessary and the left/right rotation as well as the modulo
scribed next. Further details regarding the two algorithms 2n addition need special attention.
are available in [10], [11], [13]. Considering the available PLC data types, in order to
implement the 24-bit word organization required by SI-
for i=m to T-1 for i=0 to T-1 MON48/72, SIMON48/96, SPECK48/72 and SPECK48/96
a 3-BYTE structure was implemented to store the informa-
tmpĸx
tion and all the necessary operations were tailored to it. The
tmpĸROR3(k[i-1])
same procedure was applied for n=48, where a 3-WORD
no
structure was implemented and for n=64 which needed a
m=4? tmp2ĸROL1(x) & ROL8(x)
yes
structure containing two DWORD type elements.
This data organization resulted as the most obvious way to
tmpĸtmp k[i-3] tmp2ĸy tmp2 correlate the compatible PLC data types, with the PLC data
to be encrypted and the n-bit word organization required
tmp2ĸtmp2 ROL2(x) by the algorithms. This way, the messages which are to be
tmpĸtmp ROR1(tmp)
encrypted and the keys needed for this process would be
xĸtmp2 k[i] encoded using data types of the same size (either BYTE,
tmpĸtmp NOT(k[i-m])
WORD or DWORD), which would eventually lead to an easier
yĸtmp
integration of the proposed implementation in PLC projects.
tmpĸtmp BIT_TESTb(z) Since these cryptographic algorithms are intended for
use in industrial control applications, as an extension to
k[i]ĸtmp 3 the control logic implemented by the PLC, and should
a. b. provide the protection of SCADA networks communication,
a decrease in execution time was a major concern. This
Fig. 2. SIMON key expansion (a); encryption (b) lead to a second approach regarding the word organization
of the cryptographic algorithms, which mixed the basic
PLC data types as follows: for n=24 a DWORD was used
for i=0 to T-2 for i=0 to T-1 having the most significant byte (bits 31÷24) equal to 0; for
n=48 a structure with two elements was used to encode the
tmpĸROR (l[i]) tmpĸROR (x) necessary 48 bits. This structure was made of one DWORD
encoding bits 47÷16 and one WORD encoding bits 15÷0.
tmpĸADD_MOD_2n(k[i], tmp) tmpĸADD_MOD_2n(tmp, y)
The two choices specifying the PLC data organization
with respect to the different variants of SIMON and SPECK
cryptographic algorithms families are shown in Table I.
l[i+m-1]ĸtmp i xĸtmp k[i]
Since the elements of such a structure define a sequence
of n bits, the left circular shift operation (ROLj ) applied
k[i+1]ĸROL (k[i]) l[i+m-1] yĸROL (y) x on the n-bit sequence consists of rearranging the bits of
a. b. each element in the structure, by moving the final j-bit
entry of an element to the first position of the next element,
Fig. 3. SPECK key expansion (a); encryption (b)
while shifting all other bits to the next position. The inverse
operation describes the right circular shift (RORj ). This can
B. PLC Implementation Aspects be done by individually rotating, with the specified number
Our test infrastructure consisted of the Integrated Logical of bits, each element of the considered structure. Then, by
Controller (ILC) 350 produced by Phoenix Contact. This using bit masks, the bits which need to be moved from one
particular type of controller is frequently used in Romanian element in the sequence to another can be isolated, before
SCADA systems (e.g., gas transportation) due to its high being copied to their final position.
performance and low costs (compared to other controllers). This procedure makes use of basic bit-oriented operations
The PLC runs the ProConOS (Programmable Controller and functions, such as bitwise AND, bitwise OR, left (e.g.
Operating System), and is based on Windows CE technology ROL_BYTE, ROL_WORD, ROL_DWORD) and right rotations
and the .NET 4.2 framework. (e.g. ROR_BYTE, ROR_WORD, ROR_DWORD). These are all
 TABLE I
PLC DATA ORGANIZATION FOR SIMON AND SPECK 2n/mn

Block Key Word Key PLC data v.1 PLC data v.2
size 2n size mn size n words m

32 64 16 4 WORD unchanged
48 72 24 3 TYPE DWORD (bits 31 ÷ 24 = 0)
96 4 BYTE_3:
STRUCT
upper_byte : BYTE;
middle_byte : BYTE;
lower_byte : BYTE;
END_STRUCT;
END_TYPE
64 96 32 3 DWORD unchanged
128 4
96 96 48 2 TYPE TYPE
144 3 WORD_3: WORD_48:
STRUCT STRUCT
upper_word : WORD; upper_dword : DWORD;
middle_word : WORD; lower_word : WORD;
lower_word : WORD; END_STRUCT;
END_STRUCT; END_TYPE
END_TYPE
128 128 64 2 TYPE unchanged
192 3 DWORD_2:
256 4 STRUCT
upper_dword : DWORD;
lower_dword : DWORD;
END_STRUCT;
END_TYPE

available for the given PLC as part of the IEC-61131-3
programming languages, and can be applied on the data size
used by the individual elements of the used structures.
Fig. 4 shows the right circular shift operation by a number
of 3 bits (ROR3 ) as implemented on a block size of 24
bits (n=24), organized on the PLC as a structure with three
elements of type BYTE. The other needed rotations, to the
left or right, with j bits, as demanded by each algorithm,
were implemented in a similar manner.
Another element which had to be addressed by our imple-
mentation was the modulo 2n addition (ADD M OD 2n ).
The PLC is capable of performing unsigned integer addi-
tion with numbers of the same size, which are represented
on either 16 bits (UINT: unsigned int) or 32 bits (UDINT:
unsigned double int). Conversion to these data types is
needed if addition between BYTEs, WORDs or DWORDs is
required.
At first glance, solving the modulo 2n addition problem
of two n-bit sequences requires summing the first elements
of the encoding structures, the detection of the carry out flag
(C) and its addition to the sum of the next elements of the
two structures involved in the operation and so on.
However, for the given PLC, there is no predefined
mechanism of detecting the overflow in the addition of two
variables having the same size. To overcome this problem,
the addition is performed between the corresponding ele-
ments of the structures converted to the closest PLC data
type which enables the detection of the carry flag.
This means that, BYTEs (8-bit) are added as UINTs (16-
bit), the result indicating the state of the carry flag (C = 1
when sum > 255 or C =sum.B8) which is to be added to
the sum of the next pair of BYTEs of the two encoding
structures involved in the addition and so on. Variables
of type WORD (16-bit), are added as UDINTs (32-bit), the
carry out flag being bit 16 of the sum (or C = 1 when
sum > 65535) and the same procedure as above is applied
to the next pair of WORDs to be added. The addition of
DWORD (32-bit) elements, present in the structures encoding
the n=64 bit data blocks, was done by decomposing the
least significant DWORD into two WORDs (DWORD.W1 and
DWORD.W0), which were added as UDINTs with the result-
ing C being added to the sum of the next pair of WORDs
and finally to the sum of the two DWORDs encoding the most
significant bytes in the data block.
To illustrate the PLC implementation aspects of the mod-
ular addition, the case of the modulo-224 addition, applied
using the 3-BYTE structures, is used as showcase in Fig. 5.
The second choice with respect to the data organization
used on the PLC (see Table I) faces the same problems in
solving the rotations or the modulo 2n addition. A similar
approach to the one described above was used.
It should be noted that for the case of SIMON and
SPECK 48/72 and 48/96 the rotations are more easily im-
plemented by making use of ROR_DWORD or ROL_DWORD
and then copying the necessary bits to the required positions.
Also, the modular addition is performed by adding the
 BYTE
7 0
b23 b22 b21 b20 b19 b18 b17 b16
b18 b17 b16 b23 b22 b21 b20 b19
b 2 b 1 b 0 b 23 b 22 b 21 b 20 b 19
Fig. 4. Right rotation with 3 bits of a block of 24 bits (n=24)
UINT
15 0 15
BYTE(b23:b16)
BYTE(b23:b16)
C C
C BYTE
BYTE
Fig. 5. Modulo-224 addition, as implemented on the PLC
two DWORDs as UDINTs and converting the result back
to DWORD. In the case of SIMON and SPECK 96/96
and 96/144 the same procedures, as described above, were
tailored to suit the data stored in the structures.
As a result, the new data organization reduces the number
of operations needed to implement the rotations and the
additions, thus reducing the execution time of the algorithms.
The key expansion component of the SIMON algorithms,
requires a predefined constant bit sequence z, of which
round by round one bit is extracted and introduced, by means
of XOR operation, in the computation of the keys (see the
operation denoted by BIT T ESTb (z) in Fig. 2.a). The size
and the bit sequence of this constant depend on the SIMON
algorithm and on the number of rounds it uses, and varies
between 28 and 68 bits [10]. The necessary bit sequence
can be stored using at most two DWORDs and one BYTE, or
less, depending on the algorithm. Access to the bit needed
in the computation of the keys is done by identifying its
position inside the variable which stores it and using the
PLCs predefined BIT_TEST function to return it.
IV. E XPERIMENTAL RESULTS
The PLC used to support the implementation of SI-
MON and SPECK families of cryptographic algorithms is
a product of Phoenix Contact, model ILC 350 PN, and
is programmable according to IEC 61131 using the PC
WorX automation software (version 5 or later) [18]. The
measurable time base of the controller is of 1ms and is
provided by the so-called “system tick”. Since our initial
tests showed that the algorithms executed in less than
1ms, the following tests considered multiple calls on each
algorithm. The total execution time for each set of calls was
estimated by recording the number of elapsed ticks. Each
BYTE BYTE
7 0 7 0
b 15 b 14 b 13 b 12 b 11 b 10 b 9 b 8 b7 b6 b5 b4 b3 b2 b1 b0
b 10 b 9 b 8 b 15 b 14 b 13 b 12 b 11 b2 b1 b0 b7 b6 b5 b4 b3
b18 b17 b16 b15 b14 b13 b12 b11 b10 b9 b8 b7 b6 b5 b4 b3
UINT UINT
0 15 0
+ BYTE(b15:b8) + BYTE(b7:b0) +
BYTE(b15:b8) BYTE(b7:b0)
C BYTE C BYTE
BYTE BYTE
result
of the 20 different algorithms was implemented as a distinct
PLC program and was allocated to the default task of the
PLC. This task had a watchdog timer set at 500ms, which,
as the results show, was never triggered.
The execution time for a given algorithm was determined
by considering 1000 calls for each of the two components
(key expansion and encryption) of the algorithm. Different
input data (key k, plaintext (x, y)) was considered on each
call for both components. The execution time was assessed
considering the two choices for data organization, discussed
in Section 3 and presented in Table I.
Table II shows the execution time of SIMON and SPECK
cryptographic algorithms as resulted from their implementa-
tion on Phoenix Contact’s ILC 350 PN programmable logic
controller.
The results in Table II clearly show that the availability
of proper PLC data types, which are able to accommodate
as simply as possible the block size of the given algorithm
variant, as well as the existence of predefined functions for
the necessary operations, has a major influence on the com-
putation time of the algorithms. Even under these conditions,
the low execution times, correlated with the process time
constants of industrial control applications, which most of
the time extend well beyond 1ms, makes these algorithms
good candidates to be used as extensions of the control logic
implemented by the PLC, thus assuring a first step towards
securing the incoming/outgoing communications.
V. C ONCLUSION
We presented an implementation of the SPECK and
SIMON family of lightweight block ciphers on a Pro-
grammable Logical Controller (PLC) used in industrial
automation systems. The implementations turned out to be
 TABLE II
E XECUTION TIME OF SIMON AND SPECK CRYPTOGRAPHIC ALGORITHMS

PLC data v.1 PLC data v.2

Algorithm
Key expansion time[ms] Encryption time[ms] Key expansion time[ms] Encryption time[ms]
block size/key size
Total time Time/call Total time Time/call Total time Time/call Total time Time/call
SIMON32/64 32 0.032 34 0.034 - - - -
SIMON48/72 128 0.128 140 0.140 54 0.054 68 0.068
SIMON48/96 122 0.122 139 0.139 53 0.053 68 0.068
SIMON64/96 41 0.041 42 0.042 - - - -
SIMON64/128 45 0.045 44 0.044 - - - -
SIMON96/96 196 0.196 254 0.254 153 0.153 197 0.197
SIMON96/144 200 0.2 263 0.263 157 0.157 205 0.205
SIMON128/128 214 0.214 252 0.252 - - - -
SIMON128/192 214 0.214 257 0.257 - - - -
SIMON128/256 231 0.231 268 0.268 - - - -
SPECK32/64 21 0.021 17 0.017 - - - -
SPECK48/72 83 0.083 76 0.076 33 0.033 27 0.027
SPECK48/96 86 0.086 79 0.079 35 0.035 29 0.029
SPECK64/96 23 0.023 19 0.019 - - - -
SPECK64/128 25 0.025 20 0.02 - - - -
SPECK96/96 136 0.136 127 0.127 101 0.101 92 0.082
SPECK96/144 140 0.14 131 0.131 105 0.105 95 0.095
SPECK128/128 123 0.123 110 0.110 - - - -
SPECK128/192 128 0.128 114 0.114 - - - -
SPECK128/256 132 0.132 117 0.117 - - - -

data type-specific, a fact that was also confirmed by the
experimental results. It was demonstrated that the avail-
ability of the appropriate data type significantly affects the
execution time of both ciphers. Therefore, while the analysed
block ciphers can indeed be used in the application of PLCs,
the choice in the block and key size needs to be carefully
analysed according to the supported data types.
ACKNOWLEDGMENT
This work was supported by a grant of the Romanian
National Authority for Scientific Research and Innovation,
CNCS/CCCDI-UEFISCDI, project number PN-III-P2-2.1-
BG-2016-0013, within PNCDI III.
R EFERENCES
[1] R. Drath and A. Horch, “Industrie 4.0: Hit or hype? [industry forum],”
IEEE Industrial Electronics Magazine, vol. 8, no. 2, pp. 56–58, June
2014.
[2] L. D. Xu, W. He, and S. Li, “Internet of things in industries: A
survey,” IEEE Transactions on Industrial Informatics, vol. 10, no. 4,
pp. 2233–2243, Nov 2014.
[3] M. Hagerott, “Stuxnet and the vital role of critical infrastructure oper-
ators and engineers,” International Journal of Critical Infrastructure
Protection, vol. 7, no. 4, pp. 244 – 246, 2014.
[4] D. Goodin, “First known hacker-caused power outage signals
troubling escalation,” http://arstechnica.com/security/2016/01/first-
known-hacker-caused-power-outage-signals-troubling-escalation/,
2016, [accessed January 2016].
[5] G. Liang, S. R. Weller, J. Zhao, F. Luo, and Z. Y. Dong, “The 2015
ukraine blackout: Implications for false data injection attacks,” IEEE
Transactions on Power Systems, vol. PP, no. 99, pp. 1–1, 2016.
[6] B. Genge, P. Haller, C. D. Dumitru, and C. Enachescu, “Designing
optimal and resilient intrusion detection architectures for smart grids,”
IEEE Transactions on Smart Grid, vol. PP, no. 99, pp. 1–1, 2017.
[7] B. Genge, P. Haller, and I. Kiss, “Cyber-security-aware network
design of industrial control systems,” IEEE Systems Journal, vol. PP,
no. 99, pp. 1–12, 2015.
[8] B. Genge, F. Graur, and P. Haller, “Experimental assessment
of network design approaches for protecting industrial control
systems,” International Journal of Critical Infrastructure
Protection, vol. 11, pp. 24 – 38, 2015. [Online]. Available:
http://www.sciencedirect.com/science/article/pii/S1874548215000463
[9] B. Genge, P. Haller, and I. Kiss, “A framework for designing
resilient distributed intrusion detection systems for critical
infrastructures,” International Journal of Critical Infrastructure
Protection, vol. 15, pp. 3 – 11, 2016. [Online]. Available:
http://www.sciencedirect.com/science/article/pii/S1874548216300816
[10] R. Beaulieu, D. Shors, J. Smith, S. Treatman-Clark, B. Weeks,
and L. Wingers, “The simon and speck families of lightweight
block ciphers,” Cryptology ePrint Archive, Report 2013/404, 2013,
http://eprint.iacr.org/2013/404.
[11] R. Beaulieu, S. Treatman-Clark, D. Shors, B. Weeks, J. Smith, and
L. Wingers, “The simon and speck lightweight block ciphers,” in 2015
52nd ACM/EDAC/IEEE Design Automation Conference (DAC), June
2015, pp. 1–6.
[12] R. Nithya and D. S. Kumar, “Where {AES} is for internet, {SIMON}
could be for iot,” Procedia Technology, vol. 25, pp. 302 – 309,
2016, 1st Global Colloquium on Recent Advancements and Effectual
Researches in Engineering, Science and Technology - {RAEREST}
2016 on April 22nd-23rd April 2016. [Online]. Available:
//www.sciencedirect.com/science/article/pii/S2212017316304583
[13] R. Beaulieu, D. Shors, J. Smith, S. Treatman-Clark, B. Weeks,
and L. Wingers, “Simon and speck: Block ciphers for the inter-
net of things,” Cryptology ePrint Archive, Report 2015/585, 2015,
http://eprint.iacr.org/2015/585.
[14] B. Buhrow, P. Riemer, M. Shea, B. Gilbert, and E. Daniel, Block
Cipher Speed and Energy Efficiency Records on the MSP430: Sys-
tem Design Trade-Offs for 16-Bit Embedded Applications. Cham:
Springer International Publishing, 2015, pp. 104–123.
[15] C. Manifavas, G. Hatzivasilis, K. Fysarakis, and K. Rantos,
Lightweight Cryptography for Embedded Systems – A Comparative
Analysis. Berlin, Heidelberg: Springer Berlin Heidelberg, 2014, pp.
333–349.
[16] T. Park, H. Seo, and H. Kim, “Parallel implementations of simon and
speck,” in 2016 International Conference on Platform Technology and
Service (PlatCon), Feb 2016, pp. 1–6.
[17] K.-H. John and M. Tiegelkamp, Variables, Data Types and Common
Elements. Berlin, Heidelberg: Springer Berlin Heidelberg, 2010, pp.
67–97.
[18] P. Contact, “User manual. installing and operating the ilc 330 and ilc
350 inline controllers,” Phoenix Contact Manual, 2014.