Industrial control systems are ubiquitous across myriad industries and have been in operation since the mid twentieth century. Due to the design principles of maximum reliability and 100% availability, many industrial controllers have been in operation since their inception, with moderate changes to infrastructure—in part to avoid lengthy downtime periods associated with overhauling an industrial control system, which would be detrimental to availability. As a consequence, a sizeable portion of the infrastructure related to industrial controllers still in use today is legacy infrastructure, particularly in connection with devices employed in the controlled processes.
With the advent of modern networking technologies, and more affordable computational resources, a renovation of the control industry was expected. Yet, penetration of new technologies into industrial control systems based on legacy devices has turned out to be a slow process, even for those systems that incorporated digital processing technology in the late 1970s and early 1980s. Such slow progress is in part due to the quick obsolescence of relatively modern devices—e.g., devices employing computational resources and digital processing based on technology as recent as that developed in the mid 1990s are largely outperformed by computer technologies only a few years newer. It should also be appreciated that market pressures have also suppressed adoption of new technologies in the realm of automation system and industrial control, as such change of paradigm would result in significant downtime of factories, refineries, power plants, assembly lines, as well as a sizeable investment that could increase production costs and jeopardize positions of economical advantage—a clearly undesirable situation given the highly competitive economy of these days.
As a result, legacy industrial control systems, in particular devices employed in the various controlled processes, lack sufficient computational resources to adapt to new networking protocols and cyber-security aspects such as meaningful encryption. In essence, legacy devices that still offer a high standard of operational reliability fail to offer a level of security that is compatible with modern standards for networked systems. It should be appreciated that many of the security threats that networked system face today were non-existent as recently as the early 1990s.
In addition, security issues surrounding devices that operate within an industrial control system are not the only concerns related to legacy systems. New market aspects, such as globalization and inter-industry collaboration demand appreciable volumes of information that describe each active part of a factory or plant or production system. Such information has become a valuable tool for institutional planning and company development. Moreover, information related to a plant or factory or production line is necessary for better configuration management, better documentation of system architecture, and better contingency planning.
In view of the above, there is need for having a robust system for identification of devices in industrial systems that is compatible with legacy characteristics of devices, and yet affords security features in a networked environment, information mining, as well as contingency planning and organizational modeling.