I. Introduction
As The third wave of the world's information industry after computers and the internet, industrial Internet of Things (IIoT) can empower many industrial sectors to be smart, autonomous, efficient, and safe by using massive sensors and actuators [1]. As IIoT has been widely used in urban critical infrastructure [2]–[4], such as, water or natural gas networks, smart grids, and transportation systems, it is crucial to protect the security of IIoT [5], [6]. However, due to the complex and heterogeneous topology, and massive nodes with huge differences in capabilities (e.g., computing power, storage capacity, and energy), the industrial networks are vulnerable to many attacks, such as, node impersonation [7], [8], message tampering [9], and information eavesdropping [10].