Secure Industrial Control Utilizing High Speed Ethernet Networks and Web Management

GarrettCom, Inc.
47823 Westinghouse Drive
Fremont, CA 94539
PH: (510) 438-9071 FAX: (510) 438-9072
www.GarrettCom.
INTRODUCTION

This paper explores the state of network security options today at the Ethernet switch level and offers an elementary roadmap for industrial operations to plan for and deploy secure communications systems. Industrial systems need to take advantage of the advanced networking technologies that can support greater efficiency, reliability, and security in plant and remote operations.
More and more industrial sites are taking advantage of Ethernet as a mature, end-to-end, standards-based networking, communications and data transmission protocol because it offers convenience and efficiency that bring higher performance and lower cost. In addition, the standards that are in place support interoperability among many competing equipment vendors as well as world-wide interconnectivity.
As Ethernet has expanded into outlying industrial facilities, two types of network structures emerge: Local and Remote. The Local Ethernet structure is within the walls of a single facility which can be closely watched, with the only serious security risk being from disgruntled employees or persons who have penetrated the physical security of the plant. Access to data running across this type of Local Ethernet network can be protected by segregating it with VLANs (Virtual Local Area Networks).
be properly addressed, the benefits of controlling the functioning of equipment in remote locations such as power substations, and linking outlying facilities such as aircraft maintenance hubs and other far-flung industrial applications. Web access provides very significant efficiency improvements and cost-savings, but this is also the area of greatest threat since the whole world has access to the Internet.
(TLS). These features allow an Ethernet switch to handle HyperText Transfer Protocol Secure (HTTPS), the highest level of Web access security available. Other security strategies available to Ethernet equipment include port security, remote Telnet access security, password protection and remote unit cut-off protection. Appendix B offers a brief primer on the components of some of the most well-known security standards.
Ethernet switch level, assisting readers in appreciating the multiple levels of industrial network security and the overall complexity required to achieve a highly secure distributed communications system.
APPENDIX A
BRIEF OVERVIEW OF SP99 AND PCSRF

At the vanguard of developing security guidelines for industrial control systems are the Instrumentation, Systems, and Automation Society (ISA) and the National Institute of Standards and Technology (NIST). ISA, through its SP99 committee, has published two technical reports on manufacturing and control systems security that address the growing threats to industrial system security.
• security vulnerabilities addressed by this technology;
• typical deployment;
• known issues and weaknesses;
• assessment of use in the manufacturing and control system environment.

In addition it discusses anticipated future directions, offers recommendations and guidance, and points the reader to information sources and reference material.

APPENDIX B
SECURITY STANDARDS IN USE IN ETHERNET INSTALLATIONS

The protocols and standards listed below are readily available components that can be used to implement secure Ethernet networks in factories, power substations and other industrial sites.

SNMP

Simple Network Management Protocol, introduced in 1988, is a standard for gathering and managing statistical data about network traffic and the behavior of network components such as switches, hubs, routers and any device which is SNMP enabled.
authorized manager, and that the message was not altered in transit. Note that the shared secret key between sending and receiving parties must be preconfigured by a configuration manager or a network manager, and loaded into the databases of the various SNMP managers and agents. A separate “privacy facility” enables managers and agents to encrypt messages to prevent eavesdropping by third parties. Again, manager entity and agent entity must share a secret key.
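The shared-key message authentication described above, as an added example that is not part of the GarrettCom paper. It assumes the SNMPv3 User-based Security Model conventions of RFC 3414 (HMAC-SHA-96 with a per-agent localized key) and goes slightly beyond the text by showing that each agent stores a key derived from the shared secret rather than the secret itself. The message layout, engine IDs, user name, passphrase and PDU text are constructed placeholders, not real BER-encoded SNMP.

```python
import hashlib
import hmac

ZEROS = b"\x00" * 12  # the 12-byte auth field is zeroed while the MAC is computed


def password_to_key(password: bytes) -> bytes:
    """RFC 3414 A.2.2: SHA-1 over the password repeated out to 1 MiB."""
    if not password:
        raise ValueError("empty password")
    reps, rem = divmod(1048576, len(password))
    return hashlib.sha1(password * reps + password[:rem]).digest()


def localize(ku: bytes, engine_id: bytes) -> bytes:
    """Per-agent key; this, not the password, is what each agent stores."""
    return hashlib.sha1(ku + engine_id + ku).digest()


def _mac(key: bytes, header: bytes, pdu: bytes) -> bytes:
    # HMAC-SHA-96: HMAC-SHA1 truncated to the first 12 octets
    return hmac.new(key, header + ZEROS + pdu, hashlib.sha1).digest()[:12]


def sign(key: bytes, header: bytes, pdu: bytes) -> bytes:
    """Manager side: place the truncated MAC between header and PDU."""
    return header + _mac(key, header, pdu) + pdu


def verify(key: bytes, message: bytes, header_len: int) -> bool:
    """Agent side: recompute with the field zeroed, compare in constant time."""
    header = message[:header_len]
    received = message[header_len:header_len + 12]
    pdu = message[header_len + 12:]
    return hmac.compare_digest(received, _mac(key, header, pdu))


# Constructed sample values (assumptions for illustration only)
ENGINE_A = bytes.fromhex("800000000000000000000001")
ENGINE_B = bytes.fromhex("800000000000000000000002")
HEADER, PDU = b"user=opsmgr;", b"SET ifAdminStatus.7=down"


def demo() -> dict:
    ku = password_to_key(b"constructed-passphrase")
    key_a, key_b = localize(ku, ENGINE_A), localize(ku, ENGINE_B)
    msg = sign(key_a, HEADER, PDU)
    tampered = msg[:-len(PDU)] + b"SET ifAdminStatus.8=down"
    n = len(HEADER)
    return {"genuine": verify(key_a, msg, n),
            "tampered": verify(key_a, tampered, n),
            "other_agent_key": verify(key_b, msg, n)}
```

A message signed for one agent fails verification both when its PDU is altered and when checked with another agent's localized key, so a key recovered from one switch does not authenticate commands to another.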
TLS – Transport Layer Security

TLS is a successor to SSL, using a wider variety of cryptographic algorithms for access security. It is standardized by the Internet Engineering Task Force (IETF). It is a protocol that provides secure communication over a TCP/IP connection such as the Internet. It uses digital certificates for authentication and digital signatures to ensure message integrity, and can use public key cryptography to ensure data privacy.