Challenges and prospects of communication security in real-time ethernet automation systems

Thomas Muller, Andreas Walz, Manuel Kiefer, H. D. Doran, A. Sikora
{"title":"Challenges and prospects of communication security in real-time ethernet automation systems","authors":"Thomas Muller, Andreas Walz, Manuel Kiefer, H. D. Doran, A. Sikora","doi":"10.1109/WFCS.2018.8402338","DOIUrl":null,"url":null,"abstract":"Real-Time Ethernet has become the major communication technology for modern automation and industrial control systems. On the one hand, this trend increases the need for an automation-friendly security solution, as such networks can no longer be considered sufficiently isolated. On the other hand, it shows that, despite diverging requirements, the domain of Operational Technology (OT) can derive advantage from high-volume technology of the Information Technology (IT) domain. Based on these two sides of the same coin, we study the challenges and prospects of approaches to communication security in real-time Ethernet automation systems. In order to capitalize the expertise aggregated in decades of research and development, we put a special focus on the reuse of well-established security technology from the IT domain. We argue that enhancing such technology to become automation-friendly is likely to result in more robust and secure designs than greenfield designs. Because of its widespread deployment and the (to this date) nonexistence of a consistent security architecture, we use PROFINET as a showcase of our considerations. Security requirements for this technology are defined and different well-known solutions are examined according their suitability for PROFINET. Based on these findings, we elaborate the necessary adaptions for the deployment on PROFINET.","PeriodicalId":350991,"journal":{"name":"2018 14th IEEE International Workshop on Factory Communication Systems (WFCS)","volume":"32 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"15","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 14th IEEE International Workshop on Factory Communication Systems (WFCS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/WFCS.2018.8402338","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 15

Abstract

Real-Time Ethernet has become the major communication technology for modern automation and industrial control systems. On the one hand, this trend increases the need for an automation-friendly security solution, as such networks can no longer be considered sufficiently isolated. On the other hand, it shows that, despite diverging requirements, the domain of Operational Technology (OT) can derive advantage from high-volume technology of the Information Technology (IT) domain. Based on these two sides of the same coin, we study the challenges and prospects of approaches to communication security in real-time Ethernet automation systems. In order to capitalize the expertise aggregated in decades of research and development, we put a special focus on the reuse of well-established security technology from the IT domain. We argue that enhancing such technology to become automation-friendly is likely to result in more robust and secure designs than greenfield designs. Because of its widespread deployment and the (to this date) nonexistence of a consistent security architecture, we use PROFINET as a showcase of our considerations. Security requirements for this technology are defined and different well-known solutions are examined according their suitability for PROFINET. Based on these findings, we elaborate the necessary adaptions for the deployment on PROFINET.
实时以太网自动化系统通信安全的挑战与展望
实时以太网已成为现代自动化和工业控制系统的主要通信技术。一方面,这种趋势增加了对自动化友好的安全解决方案的需求,因为这样的网络不能再被认为是充分隔离的。另一方面,它表明,尽管需求不同,操作技术(OT)领域可以从信息技术(it)领域的大容量技术中获得优势。基于这两个方面,我们研究了实时以太网自动化系统中通信安全方法的挑战和前景。为了充分利用在数十年的研究和开发中积累的专业知识,我们特别关注IT领域中成熟的安全技术的重用。我们认为,增强这种技术,使其成为自动化友好型,可能会产生比绿地设计更健壮、更安全的设计。由于它的广泛部署和(到目前为止)不存在一致的安全体系结构,我们使用PROFINET作为我们考虑事项的展示。定义了该技术的安全需求,并根据不同的知名解决方案对PROFINET的适用性进行了检查。基于这些发现,我们详细阐述了在PROFINET上部署所需的调整。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信