Title :
Exploring Security in PROFINET IO
Author :
Åkerberg, Johan ; Björkman, Mats
Author_Institution :
Corp. Res., ABB AB, Vasterds, Sweden
Abstract :
In this paper we show that it is possible to attack and gain control over PROFINET IO nodes and also that this can be done without any of the communicating peers detecting the attack. Analysis of attacks in both shared and packet switched networks show that the attacker can control the process data and thus the state of the machines connected to the I/O modules. As the security risks are increasing in automation with the level of vertical and horizontal integration, the concept of security modules is proposed towards a method to retrofit security in PROFINET IO. The concept of security modules can be applied without changing anything in the underlying transmission system and is extendable if and when new security threats are identified.
Keywords :
local area networks; packet radio networks; peer-to-peer computing; telecommunication security; Ethernet; I/O module; PROFINET IO; attack detection; communicating peers; network security; packet switched network; process data; security module; security risk; security threat; shared network; transmission system; Automation; Availability; Communication system security; Data security; Embedded system; Field buses; Internet; Peer to peer computing; Protection; Protocols; PROFINET IO; attack; network security; security modules;
Conference_Titel :
Computer Software and Applications Conference, 2009. COMPSAC '09. 33rd Annual IEEE International
Conference_Location :
Seattle, WA
Print_ISBN :
978-0-7695-3726-9
DOI :
10.1109/COMPSAC.2009.61
