mdh.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Exploring Network Security in PROFIsafe
ABB AB, Corporate Research, Sweden.ORCID iD: 0000-0002-7159-7508
Mälardalen University, School of Innovation, Design and Engineering.ORCID iD: 0000-0002-2419-2735
2009 (English)In: Lecture Notes In Computer Science: Proceedings of the 28th International Conference on Computer Safety, Reliability, and Security, Heidelberg: Springer-Verlag , 2009, p. 67-80Conference paper, Published paper (Refereed)
Abstract [en]

Safety critical systems are used to reduce the probability of failure that could cause danger to person, equipment or environment. The increasing level of vertical and horizontal integration increases the security risks in automation. Since the risk of security attacks can not be treated as negligible anymore, there is a need to investigate possible security attacks on safety critical communication.

In this paper we show that it is possible to attack PROFIsafe and change the safety-related process data without any of the safety measures in the protocol detecting the attack. As a countermeasure to network security attacks, the concept of security modules in combination with PROFIsafe will reduce the risk of security attacks, and is in line with the security concept defense-in-depth.

Place, publisher, year, edition, pages
Heidelberg: Springer-Verlag , 2009. p. 67-80
Series
Lecture Notes In Computer Science, ISSN 0302-9743 ; 5775
National Category
Computer Systems
Identifiers
URN: urn:nbn:se:mdh:diva-7332DOI: 10.1007/978-3-642-04468-7_7ISI: 000272105300007Scopus ID: 2-s2.0-70350453950ISBN: 9783642044670 (print)OAI: oai:DiVA.org:mdh-7332DiVA, id: diva2:245919
Conference
28th International Conference on Computer Safety, Reliability, and Security, SAFECOMP 2009; Hamburg; Germany; 15 September 2009 through 18 September 2009
Available from: 2009-10-08 Created: 2009-10-08 Last updated: 2018-08-21Bibliographically approved
In thesis
1. On Security in Safety-Critical Process Control
Open this publication in new window or tab >>On Security in Safety-Critical Process Control
2009 (English)Licentiate thesis, comprehensive summary (Other academic)
Abstract [en]

This Licentiate thesis is about security in automation networks with emphasis on fieldbus communication. In the process industry, network and system security have become even more important since the introduction of Ethernet-based fieldbus protocols. As an example, a successful attack on a power plant, supporting large cities with energy, could result in a temporal but total power loss. Such attacks could be devastating for the society. The security threats are real, and motivations for attacking industrial communication systems may be political or economical.

The visions of autonomous systems, which can be supervised, diagnosed and maintained from remote is not far from reality, but stress the need for security and safety measures. Wired fieldbus protocols are mature when it comes to safety and there are existing standards for safe communication. In a setup like an autonomous system security measures over safe communication has to be taken into account.

The state-of-the-art in automation security is to use firewalls to restrict incoming and outgoing traffic to the networks. Firewalls can be deployed between different automation networks, i.e. server, control, and fieldbus networks, and even protect a single automation cell with a dedicated firewall. If an adversary can penetrate the perimeter defenses, no other security countermeasures exist in process automation to protect the safety-critical communication from sabotage.

In this thesis we initially explore the possibilities of security attacks on the automation protocols PROFINET IO and PROFIsafe. We show that it is possible to attack safety-related communication to take control of safety-critical fieldbus nodes. We propose the concept of Security Modules in combination with PROFINET IO and PROFIsafe to achieve safe and secure real-time fieldbus communication.

Place, publisher, year, edition, pages
Västerås: Mälardalen University, 2009
Series
Mälardalen University Press Licentiate Theses, ISSN 1651-9256 ; 110
National Category
Information Systems
Research subject
Computer Science
Identifiers
urn:nbn:se:mdh:diva-7334 (URN)978-91-86135-42-3 (ISBN)
Presentation
2009-11-13, Kappa, Mälardalens högskola, Västerås, 13:15 (English)
Opponent
Supervisors
Available from: 2009-10-14 Created: 2009-10-08 Last updated: 2018-01-13Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records BETA

Åkerberg, JohanBjörkman, Mats

Search in DiVA

By author/editor
Åkerberg, JohanBjörkman, Mats
By organisation
School of Innovation, Design and Engineering
Computer Systems

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 146 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf