March 1, 2005
A brand new guideline has been published by PROFIBUS International (pi), providing an introduction to network security and describing a ‘Security Concept’ for modern automation networks.
This Guideline is available free to members, from www.profibus.com. Non-members may purchase it from their local PROFIBUS Organization or the PROFIBUS International Support Center (Order No.: 7.002, Language: English).
What’s the rationale?
Automation systems have moved rapidly towards highly interconnected applications employing widely-used technology such as MS Windows and TCP/IP. Furthermore, today’s systems are being increasingly integrated with enterprise systems and other business applications. This means new security requirements have to be considered. PI’s Industrial Security Guideline starts with a general introduction on automation and security in general. Automation systems are far from being ordinary IT systems; there are fundamental differences. An outline of the ISA’s efforts in this field is also included.
The major part covers security requirements and a corresponding Security Concept as developed by the PI working group ‘PROFINET Security’ (TC3/WG18). A short analysis then shows the extent to which the PROFINET Security Concept meets security requirements. Finally, an outline for implementing the PROFINET Security Concept rounds up the guideline.