Cybersecurity’s role in improving industrial Ethernet
All devices in a manufacturing facility need cybersecurity as they transmit data through the internet and picking the right network architecture and technology is crucial.
- Learn about the importance of industrial network structures and why they matter for manufacturing facilities.
- Learn how EtherCAT can help manufacturers improve networking hierarchy and cybersecurity posture.
- Many devices in a manufacturing facility are connected to the internet these days, but many aren’t cybersecure.
- Picking the right network architecture and technology is crucial in keeping devices secure.
- Avoiding switch-based industrial Ethernet and internet protocol has cybersecurity benefits.
Cybersecurity will become the big topic in industrial communication technologies as it has been in IT for many years now: the connectivity required by the Internet of Things (IoT) and Industrie 4.0 concepts means the controls engineer also will have to deal with the topic. When and to what extent depends primarily on two decisions: what the network architecture looks like and which network technology is used.
The importance of architecture models
For the architecture, a hierarchical model has worked well up to now.
The real-time control network — the control-level fieldbus to which the input/outputs (I/Os) and drives are connected — is separated by the controller from the higher-level communication systems and the plant network. The controller provides and conditions the process data the higher-level systems require and also regulates access to the lower-level devices, such as the I/O nodes.
The controller acts as a cybersecurity firewall for the underlying network and transforms raw data from the I/O level into meaningful information. Transporting data directly from the sensor to the cloud only makes sense in some select cases. For example, the user cannot know without further information if a motor temperature of 85 °C is OK or too hot. In many cases, the motor knows this because it depends on the application and the current situation. A controller, on the other hand, can tell the operator’s cloud service in addition and if the current motor temperature is acceptable.
For those cases where the provision of raw data is desired — for example, by the motor manufacturer that wants to see for warranty claims whether or not the motor is being operated within specifications — the user should be able to decide to allow that or not. This is much easier to do in the controller than on each sensor or device.
For some, however, the hierarchical architecture is outdated. They demand complete access with a one network from “bottom to top.” This is also the justification for demanding the same network technology below the controller as above — there should be no more “below” and “above.” While tempting, this approach has many problems for responsibility and liability, independent performance of the control network, address duplication and costs. Cybersecurity risk increases when I/O nodes, networked sensors and drives are visible and accessible in the plant network and beyond. Users do not even have to assume deliberate attacks: Even an accidental change of parameters on the wrong device would have far-reaching consequences.
Avoiding switch-based industrial Ethernet, internet protocol
In this brave new world, all devices must have cybersecurity protections. That means certificates on every I/O device. However, the certificates expire after a period of time and must be updated. Security requires additional computing power and memory on the devices and this leads to increased costs. Meeting security requirements with this architecture means controls engineers must build cybersecurity know-how.
The choice of network technology plays a key role. With switch-based industrial Ethernet solutions, each device must be cyber-protected, especially if the technologies are fully or partially based on the internet protocol (IP). EtherCAT, on the other hand, is neither switch-based nor does it rely on IP: The EtherCAT protocol is embedded in the Ethernet frame.
Since almost all cyberattacks require the IP for routing, with EtherCAT the cyberattacks go nowhere. Furthermore, the EtherCAT chips filter out non-EtherCAT frames by hardware, and, by principle, EtherCAT devices cannot be persuaded to falsify data not intended for them, even by compromised firmware. EtherCAT ports that are not used can be switched off in hardware.
EtherCAT is well protected, and no further cybersecurity measures are required beyond what is required to harden the controller to industry cybersecurity standards. Therefore, no knowledge of certificates or cybersecurity is required to operate the EtherCAT industrial Ethernet fieldbus. With EtherCAT, cybersecurity concerns are covered.
Martin Rostan is executive director of the EtherCAT Technology Group, a CFE Media and Technology content partner. Edited by Chris Vavra, web content manager, Control Engineering, CFE Media and Technology, firstname.lastname@example.org.
Keywords: Ethernet, cybersecurity
See additional Ethernet stories at https://www.controleng.com/industrial-networking/ethernet/
How is Ethernet use affecting your cybersecurity?