Security at the Protocol Level
In this world of Industry 4.0 and the Industrial Internet of Things, digitalization of production processes is mandatory. As digitalization spreads to all levels and applications in manufacturing, IT security gains more importance. Previous security concepts relied primarily on isolating production plants from external users and networks. But in today's connected environment, security strategies must take another approach. PROFIBUS and PROFINET International (PI) considers security a fundamental part of Industry 4.0 and is working towards implementing a state-of-the-art and future-proof security strategy for PROFINET.
Up to now, PI has offered its security insights for users and operators of industrial networks (particularly those using Ethernet-based PROFINET) in its security guideline. The guideline points out the key aspects for the establishment of a security concept in an industrial environment and provides appropriate recommendations. According to the guideline, a reasonable security strategy would include a multi-layer perimeter that includes firewalls, physical security, password protection, network segmentation, etc.
Several enterprises and organizations have adopted PI’s defense-in-depth approach to security. Nevertheless, increasing Industry 4.0 requirements will entail more robust measures. With this in mind, PI has decided to expand the security concept to the protocol level for PROFINET.
The following list includes the general security objectives for automation systems:
- Integrity: Message packets must not be falsified. Message falsification could lead to the unintentional activation of actuators or the recording of incorrect measured values.
- Confidentiality: The security objective “confidentiality of IO data” is fulfilled when no conclusions can be drawn with regard to company secrets.
- Availability: There are generally high to very high availability requirements, especially for critical infrastructures.
- Authenticity: Data can be uniquely assigned to its source. The components must “identify” themselves for this purpose and have a counterfeit-proof digital identity.
- Authorization: Usage control ensures that only authorized users can intervene in the automation system.
- Non-repudiation: This applies to installations that require traceability of user intervention, for example the traceability required in the pharmaceutical industry.
Currently, PI is working on identifying measures to fulfill the objectives above. A subset of these measures will be addressed through changes or additions to the PROFINET protocol, and possibly to communication-relevant hardware as well.
Challenges and Resources
PROFINET is the most widely used industrial Ethernet worldwide, with over 26 million installed nodes. It is a mature technology with a proven ability to transmit real-time data for factory, process, and motion control applications. Adding security into the protocol level of PROFINET is not trivial. Some key capabilities must remain untouched, such as real-time properties, ease of use, coexistence with existing installations, and serviceability. Last month PI published a white paper: Security Extensions for PROFINET. The document has started the conversation between PROFINET users, integrators, and manufacturers to develop a viable security concept for industrial communication with PROFINET. The white paper is available for download at the profibus.com website. Feel free to download it and join the conversation!