With the increased desire for secure remote servicing of automation equipment, the usage of wireless devices in automation networks, and upcoming government regulations, it has become important to provide data security services such as confidentiality and authenticity to automation networks on par with IT communication networks.
Cryptography is the science and art for realizing confidential and authentic communications over insecure communications channels, such as the Ethernet or the Internet. Confidentiality is a cryptographic service for ensuring that only a pre-determined set of entities can read a communicated message using a parameter called a key. Authentication is a cryptographic service for verifying that only a pre-determined set of entities could have generated a communicated message with or without the usage of a key. A third aspect of information security is availability, which involves a system guarantee that any authorized entity can access available data on demand and that such an access cannot be prevented or subverted. Higher response rates of computation systems are desirable to mitigate the effects of denial of service attacks.
The communication security mechanisms presently available were developed for data-driven communications, such as those over the Internet, which did not encompass real-time or jitter-sensitivity requirements. Limited, or practically non-existent, security technology currently exists for providing data security to real-time, jitter-sensitive automation networks, where communication latency is important.
The time elapsed between the sending of a request by an automation application on an automation network and the receipt of the corresponding response is called the response time. Communications on automation networks have relied on the Ethernet protocol for realizing real-time, low-latency automation communications. The response time for communications on automation networks can be on the order of milliseconds. With unwarranted delays due to the scheduling action of a real-time operating system (RTOS) used in a microprocessor implementation of an automation device, the system may not provide the hard real-time performance desired for an automation network. Since logical communication security measures involve another sequential process in communication stacks, it can be important to ensure that these sequential processes do not contribute adversely to communication overhead.
Siemens SCALANCE S provides security modules with features to protect traffic, data and network activity among a set of programmable logic controllers (PLCs). An exemplary wireless gateway provides secure interaction between several field devices connected by several FIELDBUS, Modbus, DF1, Profibus Decentralized Peripherals (DP), Modbus Transmission Control Protocol (TCP) and Ethernet TCP/IP networks. Secure login devices have been proposed for device-level communication. Another security solution has been proposed to protect systems used in automation from a variety of attacks. These products and solutions do not incorporate features such as broadcast communication or device-level redundancy. Further, the implementation of these products does not explicitly call for the use of Field Programmable Gate Arrays (FPGAs) or Application Specific Integrated Circuits (ASICs). Known industrial firewalls (e.g., the Eagle_FW_MM_SCTX firewall) can provide device-level redundancy and can be implemented on an FPGA/ASIC platform (e.g., the Innominate mGuard firewall). However, these features are maintained in isolation from other features such as protocol independence.
WO2006074436 discloses a firewall method and apparatus for industrial systems wherein networked devices in an automation setup, connected using a plurality of protocols, interact using a dual packet protocol.
EP1496664 discloses a system, method and security module for securing the access of a user to at least one automation component of an automation system, wherein a safety device is proposed which is placed within an automation network to provide security to the components interconnected via the network. In EP1496664, the safety device appears to restrict access to the devices using pre-defined access control rules implemented in the safety device.
US2007006292 discloses a method and system for transparent transmission of data traffic between data processing devices, a corresponding computer program product, and a corresponding computer-readable storage medium wherein a system implemented as either a firewall or a proxy is used to provide security within an automation network. This patent proposes the insertion of a computer as a conduit for delivering data between interconnected components, the system being the only security device.