https://www.mdu.se/

mdu.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
On Safe and Secure Communication in Process Automation
Mälardalen University, School of Innovation, Design and Engineering.ORCID iD: 0000-0002-7159-7508
2011 (English)Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]

In the process industry, network and system security have become important since the introduction of Ethernet-based fieldbus protocols. As an example, a successful attack on a power plant, supporting large cities with energy, could result in a temporal but total power loss. Such attacks could be devastating for the society. The security threats are real, and motivations for attacking industrial communication systems may be political or economical.

The visions of autonomous systems, which can be supervised, diagnosed and maintained from remote is not far from reality, but stress the need for security and safety measures. Wired fieldbus protocols are mature with respect to safety and there are existing standards for safe communication. However, the wired fieldbuses lack adequate security measures to be deployed in industrial automation. In wireless sensor networks security is addressed thoroughly in the standards, but is not mature with respect to safety. Future automation systems need ideally to seamlessly support safety and security in heterogeneous networks while hiding the complexity for the end-users in order to successfully manage large-scale industrial production.

This thesis presents one feasible solution towards safe and secure communication in heterogeneous industrial networks for process control. The presented solution addresses several other important aspects such that engineering efficiency, transparency, possibilities for retrofitting, coexistence with international standards in order to protect the return-of-investment of products, systems, and installed base within the area of process automation. Field trials show that several improvements of wireless sensor networks with respect to determinism in both the uplink and the downlink are needed. This is not only true when it comes to the research problems addressed within the scope of this thesis, but rather a necessity for market acceptance and deployment in process automation in general. The major contribution of this thesis is a method that enables end-to-end safe and secure communication in heterogeneous automation networks without major changes in existing standards, while preserving engineering and integration efficiency.

Place, publisher, year, edition, pages
Västerås: Mälardalen University , 2011.
Series
Mälardalen University Press Dissertations, ISSN 1651-4238 ; 109
National Category
Computer Engineering
Research subject
Computer Science
Identifiers
URN: urn:nbn:se:mdh:diva-13079ISBN: 978-91-7485-039-0 (print)OAI: oai:DiVA.org:mdh-13079DiVA, id: diva2:445429
Public defence
2011-11-25, Paros, Mälardalens högskola, Västerås, 10:00 (English)
Opponent
Supervisors
Available from: 2011-10-10 Created: 2011-10-03 Last updated: 2018-01-12Bibliographically approved
List of papers
1. Introducing Security Modules in PROFINET IO
Open this publication in new window or tab >>Introducing Security Modules in PROFINET IO
2009 (English)In: 14th IEEE International Conference on Emerging Technologies and Factory Automation, Mallorca, Spain: IEEE , 2009, p. 1-8Conference paper, Published paper (Refereed)
Abstract [en]

In this paper we show that it is possible to retrofit a security layer on top of PROFINET IO without changing the underlying transmission system or standards. By introducing security modules, end-to-end network security can be achieved and ensure authentication, integrity and confidentiality for real-time communication.

The concept of security modules is a flexible framework and countermeasures can be changed, as security threats and exploits are changing over time. A proof-of-concept implementation shows that it is possible to implement security modules on existing products and secure them against, for example, man-in-the-middle attacks.

Place, publisher, year, edition, pages
Mallorca, Spain: IEEE, 2009
Identifiers
urn:nbn:se:mdh:diva-7333 (URN)10.1109/ETFA.2009.5347205 (DOI)000355314000210 ()2-s2.0-77949881635 (Scopus ID)978-1-4244-2727-7 (ISBN)
Available from: 2009-10-08 Created: 2009-10-08 Last updated: 2018-08-21Bibliographically approved
2. Integration of WirelessHART Networks in Distributed Control Systems using PROFINET IO
Open this publication in new window or tab >>Integration of WirelessHART Networks in Distributed Control Systems using PROFINET IO
Show others...
2010 (English)In: 8th IEEE International Conference on Industrial Informatics (INDIN), Osaka, Japan, 2010, p. 154-159Conference paper, Published paper (Refereed)
Abstract [en]

In this paper we describe a method to integrate WirelessHART networks in Distributed Control Systems (DCS)using PROFINET IO. By modeling the WirelessHART network in the Generic Station Description file, that describes a PROFINET IO device, the WirelessHART related configuration can be distributed from the central engineering stations. In this way, both process controller configuration and WirelessHART network configuration is engineered and maintained from a central location. Thus the end-user do not need any additional tool-specific training, as the existing tools are used to engineer the WirelessHART networks. We base the method of integration on the keywords simple deployment and maintenance, and flexible topology. A proof-of-concept implementation of the proposed method shows that it is possible to download WirelessHART configuration both to the WirelessHART network managers, as well as the WirelessHART sensors. By integrating WirelessHART in this way, maintenance is greatly simplified as the actual configuration will be downloaded automatically by the DCS when faulty field devices are replaced.

Place, publisher, year, edition, pages
Osaka, Japan: , 2010
Identifiers
urn:nbn:se:mdh:diva-11057 (URN)10.1109/INDIN.2010.5549444 (DOI)2-s2.0-77956606068 (Scopus ID)978-1-4244-7298- (ISBN)
Conference
8th IEEE International Conference on Industrial Informatics, INDIN 2010; Osaka; 13 July 2010 through 16 July 2010
Available from: 2010-11-11 Created: 2010-11-11 Last updated: 2013-12-03Bibliographically approved
3. Enabling Safety-Critical Communication using WirelessHART and PROFIsafe
Open this publication in new window or tab >>Enabling Safety-Critical Communication using WirelessHART and PROFIsafe
2010 (English)In: 15th IEEE International Conference on Emerging Technology and Factory Automation (ETFA), Bilbau, Spain, 2010, p. 1-8Conference paper, Published paper (Refereed)
Abstract [en]

Two major trends can be recognized in industrial automation. One of them is that Ethernet is replacing traditional fieldbus networks continuously, because it combines flexibility, reliability, and introduces fast data rates, which allow beside others quality of services. This is pushed even further when field devices use wireless communication to connect to the control system. Beside that another trend is seen in functional safety due to rising customer demands and evolving regulations in industry. That leads necessarily to a consolidation of both technologies, where safety must be guaranteed in the same manner over wireless channels as it is handled over Ethernet. This paper addresses safety issues emerging when PROFIsafe, as one of various safety protocols on the market, is used on top of a black channel layer, which is comprised by non safe protocols including WirelessHART.

Place, publisher, year, edition, pages
Bilbau, Spain: , 2010
Identifiers
urn:nbn:se:mdh:diva-11072 (URN)10.1109/ETFA.2010.5641253 (DOI)2-s2.0-78650562356 (Scopus ID)978-1-4244-6848-5 (ISBN)
Conference
15th IEEE International Conference on Emerging Technologies and Factory Automation, ETFA 2010; Bilbao; 13 September 2010 through 16 September 2010
Available from: 2010-11-12 Created: 2010-11-12 Last updated: 2013-12-03Bibliographically approved
4. Deterministic Downlink Transmission in WirelessHART Networks enabling Wireless Control Applications
Open this publication in new window or tab >>Deterministic Downlink Transmission in WirelessHART Networks enabling Wireless Control Applications
Show others...
2010 (English)In: The 36th Annual Conference of the IEEE Industrial Electronics Society (IECON), Phoenix, USA, 2010, p. 2120-2125Conference paper, Published paper (Refereed)
Abstract [en]

Wireless sensor and actuator networks bring many benefits to industrial automation systems. However, unreliable wireless and multihop communications among sensors and actuators cause challenges in designing such systems. In this paper we focus on WirelessHART and propose a periodic and deterministic downlink transmission functionality which enables efficient usage of actuators and enabling control applications. Furthermore, we define new HART commands extending the interface, without affecting available services.

Place, publisher, year, edition, pages
Phoenix, USA: , 2010
Identifiers
urn:nbn:se:mdh:diva-10842 (URN)10.1109/IECON.2010.5675281 (DOI)2-s2.0-78751526864 (Scopus ID)978-1-4244-5225-5 (ISBN)
Available from: 2010-11-10 Created: 2010-11-10 Last updated: 2016-06-02Bibliographically approved
5. Efficient Integration of Secure and Safety Critical Industrial Wireless Sensor Networks
Open this publication in new window or tab >>Efficient Integration of Secure and Safety Critical Industrial Wireless Sensor Networks
Show others...
2011 (English)In: EURASIP Journal on Wireless Communications and Networking, ISSN 1687-1472, E-ISSN 1687-1499, no 1, article id 100Article in journal (Refereed) Published
Abstract [en]

Wireless communication has gained more interest in industrial automation due to flexibility, mobility, and cost reduction. Wireless systems, in general, require additional and different engineering and maintenance tasks, for example cryptographic key management. This is an important aspect that needs to be addressed before wireless systems can be deployed and maintained efficiently in the industry. In this paper, we take an holistic approach that addresses safety and security regardless of the underlying media. In our proposed framework we introduce security modules which can be retrofitted to provide end-to-end integrity and authentication measures by utilizing the black channel concept. With the proposed approach, we can extend and provide end-to-end security as well as functional safety using existing automation equipment and standards, such as Profisafe, Profinet IO, and WirelessHART. Furthermore, we improve the WirelessHART standard with periodic and deterministic downlink transmissions to enable efficient usage of wireless actuators, as well as improving the performance of functional safety protocols.

National Category
Computer Engineering
Identifiers
urn:nbn:se:mdh:diva-13077 (URN)10.1186/1687-1499-2011-100 (DOI)000301069300001 ()2-s2.0-84964211644 (Scopus ID)
Available from: 2011-10-03 Created: 2011-10-03 Last updated: 2018-01-12Bibliographically approved
6. Future research challenges in wireless sensor and actuator networks targeting industrial automation
Open this publication in new window or tab >>Future research challenges in wireless sensor and actuator networks targeting industrial automation
2011 (English)In: IEEE Int. Conf. Ind. Informatics (INDIN), 2011, p. 410-415Conference paper, Published paper (Refereed)
Abstract [en]

A growing trend in the automation industry is to use wireless technologies to reduce cable cost, deployment time, unlocking of stranded information in previously deployed devices, and enabling wireless control applications. Despite a huge research effort in the area of wireless sensor networks (WSNs), there are several issues that have not been addressed properly such that WSNs can be adopted properly in the process automation domain. This article presents the major requirements for typical applications in process automation and we also aim to outline the research direction for industrial wireless sensor networks (IWSNs) in industrial automation. The major issues that need to be addressed are safety, security and availability before industrial wireless sensor networks will be adopted in full scale in process automation. © 2011 IEEE.

Series
IEEE International Conference on Industrial Informatics (INDIN), ISSN 1935-4576
Keywords
Automation industry, Cable costs, Deployment time, Full scale, In-process, Industrial automation, Industrial wireless sensor networks, Process automation, Research challenges, Research directions, Research efforts, Typical application, Wireless control, Wireless sensor and actuator networks, Wireless technologies, Accident prevention, Automation, Industrial research, Industry, Information science, Process control, Sensors, Wireless telecommunication systems, Wireless sensor networks
National Category
Engineering and Technology
Identifiers
urn:nbn:se:mdh:diva-16008 (URN)10.1109/INDIN.2011.6034912 (DOI)000298743300062 ()2-s2.0-80054978662 (Scopus ID)9781457704345 (ISBN)
Conference
2011 9th IEEE International Conference on Industrial Informatics, INDIN 2011, 26 July 2011 through 29 July 2011, Lisbon
Note

Sponsors: The Institute of Electrical and Electronics Engineers (IEEE); IEEE Industrial Electronics Society (IES); UNINOVA; Universidade Nova de Lisba, Faculdade de Ciencias e Tecnologia; Schneider Electric; O3neida

Available from: 2013-01-02 Created: 2012-10-29 Last updated: 2014-05-16Bibliographically approved

Open Access in DiVA

Kappa(1335 kB)3270 downloads
File information
File name FULLTEXT02.pdfFile size 1335 kBChecksum SHA-512
0c82d8917a84b7e6bc7ca32f422461d17965ef575977f2c53b3b052dbf7b9b9698a30e6054861957a8a77f1a2d00f02f7991847532e6d9377c52d9deb3021450
Type fulltextMimetype application/pdf

Authority records

Åkerberg, Johan

Search in DiVA

By author/editor
Åkerberg, Johan
By organisation
School of Innovation, Design and Engineering
Computer Engineering

Search outside of DiVA

GoogleGoogle Scholar
Total: 3284 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

isbn
urn-nbn

Altmetric score

isbn
urn-nbn
Total: 1182 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf