Abstract
Safety critical systems are used to reduce the probability of failure that could cause danger to person, equipment or environment. The increasing level of vertical and horizontal integration increases the security risks in automation. Since the risk of security attacks can not be treated as negligible anymore, there is a need to investigate possible security attacks on safety critical communication.
In this paper we show that it is possible to attack PROFIsafe and change the safety-related process data without any of the safety measures in the protocol detecting the attack. As a countermeasure to network security attacks, the concept of security modules in combination with PROFIsafe will reduce the risk of security attacks, and is in line with the security concept defense-in-depth.
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Sirkka, L., Jämsä, J.: Future trends in process automation. Annual Reviews in Control 31, 211–220 (2007)
Dzung, D., Naedele, M., Von Hoff, T., Crevatin, M.: Security for industrial communication systems. Proceedings of the IEEE 93(6), 1152–1177 (2005)
Tanenbaum, A.S.: Computer Networks, 4th edn. Pearson Education International, London (2003)
Treytl, A., Sauter, T., Schwaiger, C.: Security measures for industrial fieldbus systems - state of the art and solutions for ip-based approaches. In: IEEE International Workshop on Factory Communication Systems, September 2004, pp. 201–209 (2004)
Harada, M.: Security management of factory automation. In: SICE, 2007 Annual Conference, September 2007, pp. 2914–2917 (2007)
IEC: IEC 61784-3-3. Industrial communication networks - Profiles - Part 3-3: Functional safety fieldbuses - Additional specifications for CPF 3. International Electrotechnical Commission (2007)
Treytl, A., Sauter, T., Schwaiger, C.: Security measures in automation systems-a practice-oriented approach. In: 10th IEEE Conference on Emerging Technologies and Factory Automation, September 2005, vol. 2, p. 9 (2005)
Baud, M., Felser, M.: Profinet io-device emulator based on the man-in-the-middle attack. In: 11th IEEE Conference on Emerging Technologies and Factory Automation, pp. 437–440 (2006)
Åkerberg, J., Björkman, M.: Exploring security in profinet io. 33rd Annual IEEE International Computer Software and Applications Conference (2009) (in press)
Granzer, W., Reinisch, C., Kastner, W.: Denial-of-service in automation systems. In: 13th IEEE Conference on Emerging Technologies and Factory Automation, pp. 468–471 (2008)
Granzer, W., Reinisch, C., Kastner, W.: Key Set Management in Networked Building Automation Systems using Multiple Key Servers. In: Proc. 7th IEEE International Workshop on Factory Communication Systems (WFCS 2008), May 2008, pp. 205–214 (2008)
Neumann, P.: Virtual automation network - reality or dream. In: IEEE International Conference on Industrial Technology, December 2003, vol. 2, pp. 994–999 (2003)
Neumann, P.: Communication in industrial automation-what is going on? Control Engineering Practice 15, 1332–1347 (2006)
Neumann, P., Poeschmann, A., Messerschmidt, R.: Architectural concept of virtual automation networks. In: IFAC World Congress (2008)
IEC: IEC 61784-3. Industrial communication networks - Profiles - Part 3: Functional safety fieldbuses - General rules and profile definitions. International Electrotechnical Commission (2007)
PNO: PROFIsafe - Profile for Safety Technology on PROFIBUS DP and PROFINET IO. Version 2.0. Order No: 3.192. PROFIBUS Nutzerorganisation e.V. (2005)
IEC: IEC 62280-1. Railway applications - Communication, signaling and processing systems - Part 1: Safety-related communication in closed transmission systems. International Electrotechnical Commission (2002)
IEC: IEC 62280-2. Railway applications - Communication, signaling and processing systems - Part 2: Safety-related communication in open transmission systems. International Electrotechnical Commission (2002)
IEC: IEC 61508. Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 1: General requirements. International Electrotechnical Commission (1998)
PNO: PROFINET Security Guideline, Version 1.0. PROFIBUS Neutzerorganisation e.V. (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Åkerberg, J., Björkman, M. (2009). Exploring Network Security in PROFIsafe. In: Buth, B., Rabe, G., Seyfarth, T. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2009. Lecture Notes in Computer Science, vol 5775. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04468-7_7
Download citation
DOI: https://doi.org/10.1007/978-3-642-04468-7_7
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-04467-0
Online ISBN: 978-3-642-04468-7
eBook Packages: Computer ScienceComputer Science (R0)