Refine
Year of publication
- 2023 (3) (remove)
Document Type
- Conference Proceeding (3) (remove)
Language
- English (3)
Has Fulltext
- yes (3)
Is part of the Bibliography
- no (3)
Keywords
- PROFINET Security (2)
- PROFInet (2)
- 2D data processing (1)
- Automation (1)
- Data handling (1)
- Datenerfassung (1)
- Digital storage (1)
- Dimension 2 (1)
- Ethernet (1)
- Industrial Security (1)
- Kommunikation (1)
- Kryptologie (1)
- MIMOS II (1)
- Mößbauer-Spektrometer (1)
- OT Security (1)
- Secure communication (1)
- Signal processing (1)
- Signalverarbeitung (1)
- Transmission measurement setup (1)
Institute
- Fakultät I - Elektro- und Informationstechnik (3) (remove)
Operators of production plants are increasingly emphasizing secure communication, including real-time communication, such as PROFINET, within their control systems. This trend is further advanced by standards like IEC 62443, which demand the protection of realtime communication in the field. PROFIBUS and PROFINET International (PI) is working on the specification of the security extensions for PROFINET (“PROFINET Security”), which shall fulfill the requirements of secure communication in the field.
This paper discusses the matter in three parts. First, the roles and responsibilities of the plant owner, the system integrator, and the component provider regarding security, and the basics of the IEC 62443 will be described. Second, a conceptual overview of PROFINET Security, as well as a status update about the PI specification work will be given. Third, the article will describe how PROFINET Security can contribute to the defense-in-depth approach, and what the expected operating environment is. We will evaluate how PROFINET Security contributes to fulfilling the IEC 62443-4-2 standard for automation components.
Two of the authors are members of the PI Working Group CB/PG10 Security.
The miniaturized Mössbauer-spectrometer (MIMOS II), originally devised by Göstar Klingelhöfer, is further developed by the Renz group at the Leibniz University Hanover in cooperation with the Hanover University of Applied Sciences and Arts. A new processing unit with a two-dimensional (2D) data acquisition was developed by M. Jahns. The advantage of this data acquisition is that no thresholds need to be set before the measurement. The energy of each photon is determined and stored with the velocity of the drive. After the measurement, the relevant area can be selected for the Mössbauer spectrum. Now we have expanded the evaluation unit with a power supply for a MIMOS drive and a MIMOS PIN detector. So we have a very compact MIMOS transmissions measurement setup. With this setup it is possible to process the signals of two detectors serially. Currently we are working on a parallel signal processing.
PROFINET Security: A Look on Selected Concepts for Secure Communication in the Automation Domain
(2023)
We provide a brief overview of the cryptographic security extensions for PROFINET, as defined and specified by PROFIBUS & PROFINET International (PI). These come in three hierarchically defined Security Classes, called Security Class 1, 2 and 3. Security Class 1 provides basic security improvements with moderate implementation impact on PROFINET components. Security Classes 2 and 3, in contrast, introduce an integrated cryptographic protection of PROFINET communication. We first highlight and discuss the security features that the PROFINET specification offers for future PROFINET products. Then, as our main focus, we take a closer look at some of the technical challenges that were faced during the conceptualization and design of Security Class 2 and 3 features. In particular, we elaborate on how secure application relations between PROFINET components are established and how a disruption-free availability of a secure communication channel is guaranteed despite the need to refresh cryptographic keys regularly. The authors are members of the PI Working Group CB/PG10 Security.