POWERLINK is hack proof
Industry 4.0, the widely heralded next industrial revolution based on the "Internet of Things", will further boost the need for fast and open industrial networks. At the same time, many producers are reluctant to connect their factory-floor equipment to outside lines, let alone cloud-based services, for fear of hacker or malware attacks that could paralyze production. Nevertheless, an industrial network that provides high speed and uncompromised openness and whose architecture prevents intrusion without the need for external security measures does exist. That network is POWERLINK.
Thirty years ago, a virus was a microscopic organism that made you sick, the Trojan horse was a gift in ancient Greek mythology and the word "malware" had not even been invented yet. Since then, cybersecurity has become a major concern of companies all over the world. What's more, the fear of hackers is now no longer limited to the office environment, where they have been wreaking havoc and causing a considerable amount of damage for years.
Although the advantages of increased efficiency are obvious, companies have been reluctant to connect their PC-based automation hardware for industrial plant and machinery to the Internet for remote operation, diagnostics, maintenance, updates or other services. "This is understandable since any standstill whatsoever of a production machine results in losses," says Stefan Schönegger, managing director of the Ethernet POWERLINK Standardization Group (EPSG). "For producers in a highly competitive environment, confidential production data in the hands of outsiders is also not a notion they can easily come to terms with."
A matter of protocol
ICS and SCADA security has been a serious concern for over a decade, but it has come under increased scrutiny following the discovery of the Stuxnet virus in 2010, the DuQu virus in 2011 and the Shamoon virus in 2012, all of which specifically targeted industrial control systems. Last October, the Repository for Industrial Security Incidents (RISI) published their 2013 Annual Report on Cyber Security Incidents and Trends Affecting Industrial Control Systems. It includes an in-depth analysis of 240 incidents recorded in the RISI database from 2001 through 2012, as well as detailed results and analysis from the second annual RISI Control System Security Benchmark Survey. It finds that 33% of all ICS security incidents were perpetrated through remote access and notes a significant increase in the number of reported cybersecurity incidents in recent years, over 150 percent in some industries.
Hackers and malware reach specific computers over the Internet by way of their unique IP addresses. Because the same addressing scheme is used by TCP and UDP – the most popular communication protocols on LANs as well – attackers are guided directly to individual devices on internal networks, even devices that are not connected to the outside world themselves.
The internal hardware in production machines is connected via fieldbus or, increasingly, one of several industrial Ethernet implementations currently available. The various standards differ considerably in the way nodes are addressed and data is routed. Some continue to use the TCP/IP protocol as it is. Consequently, automation manufacturers and suppliers of industrial IT hardware that support these standards are addressing this issue by offering security concepts involving industrial-grade firewall hardware to protect Ethernet-based networks on the factory floor.
Other industrial Ethernet protocols, notably those covering hard real-time requirements, rely on master-slave communication models for the majority of data transfer and only use TCP/IP communication layers to route regular Ethernet communication through the system. Some of these models make use of non-standard layers, which open up potential future compatibility issues. There are, however, industrial Ethernet network protocols that not only build on certified standard IEEE 802.3 Ethernet layers without modification, but also take advantage of deterministic communication layers for real-time communication.
One notable technology that features this type of architecture is POWERLINK, which combines timeslot and polling procedures to achieve isochronous data transfer. How the master node addresses the controlled nodes is configured by software developers using suitable engineering tools, and this configuration is not visible to other entities in the network. "The fact that there is no way whatsoever for users to access these network configuration details during system runtime eliminates the need for specific protection against fraudulent manipulations in the system itself," says Schönegger.
General data completely isolated
Every POWERLINK communication cycle consists of three phases. In the initial phase, the master node sends a synchronizing message to all controlled nodes as preparation for the isochronous data exchange that takes place in the second, cyclic period. The third phase is the asynchronous phase, where user data and TCP/IP packets are sent through the network. Built-in routers safely and transparently separate real-time and asynchronous data; not doing so would pose a risk to the real-time behavior of the entire system. As a result, even if malware were planted directly in the network, it would remain completely isolated.
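The three-phase cycle described above can be checked passively from the wire. The following Python is an added example, not EPSG or openPOWERLINK code: it builds a handful of constructed frames and audits one cycle against the model in the text, flagging any frame that is out of order and, in particular, any legacy Ethernet frame (such as IPv4) that shows up outside the asynchronous slot. The frame layout (EtherType 0x88AB followed by MessageType, destination node ID and source node ID) and the message type codes are taken from the published POWERLINK frame format; the MAC addresses, node IDs and payloads are constructed for the example, and the function and variable names are this example's own.

```python
"""Phase-aware audit of constructed POWERLINK frames (added example, not EPSG code).

Frame layout and MessageType codes follow the published POWERLINK frame format:
EtherType 0x88AB, then MessageType, destination node ID and source node ID as the
first three payload bytes. Every frame here is constructed, not captured traffic.
"""
import struct

POWERLINK_ETHERTYPE = 0x88AB
IPV4_ETHERTYPE = 0x0800

# MessageType values; bit 7 is reserved, so mask with 0x7F before comparing
MSG_SOC, MSG_PREQ, MSG_PRES, MSG_SOA, MSG_ASND = 0x01, 0x03, 0x04, 0x05, 0x06
MN_NODE_ID = 240         # managing node
BROADCAST_NODE_ID = 255

# Constructed MAC addresses for the example
MN_MAC = bytes.fromhex("00a0b0010000")
CN1_MAC = bytes.fromhex("00a0b0010001")
BCAST_MAC = b"\xff" * 6

PHASE_OF = {
    MSG_SOC: "start",
    MSG_PREQ: "isochronous",
    MSG_PRES: "isochronous",
    MSG_SOA: "async_start",
    MSG_ASND: "asynchronous",
}


def ethernet_frame(dst_mac, src_mac, ethertype, payload):
    """Raw Ethernet II frame: destination MAC, source MAC, EtherType, payload."""
    return dst_mac + src_mac + struct.pack("!H", ethertype) + payload


def powerlink_frame(dst_mac, src_mac, msg_type, dst_node, src_node, data=b""):
    """POWERLINK frame: EtherType 0x88AB followed by MessageType, dst node, src node."""
    header = bytes([msg_type & 0x7F, dst_node & 0xFF, src_node & 0xFF])
    return ethernet_frame(dst_mac, src_mac, POWERLINK_ETHERTYPE, header + data)


def classify(frame):
    """Return (kind, msg_type_or_ethertype, dst_node, src_node) for one frame."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != POWERLINK_ETHERTYPE:
        return ("non_powerlink", ethertype, None, None)
    if len(frame) < 17:
        raise ValueError("truncated POWERLINK header")
    msg_type = frame[14] & 0x7F
    return (PHASE_OF.get(msg_type, "unknown"), msg_type, frame[15], frame[16])


def audit_cycle(frames):
    """Check one cycle against the three-phase model; return a list of (index, finding)."""
    findings = []
    phase = None  # nothing is legitimate before the SoC
    for i, frame in enumerate(frames):
        kind, code, dst, src = classify(frame)
        if kind == "non_powerlink":
            # Legacy Ethernet (e.g. TCP/IP) belongs only in the asynchronous slot
            if phase != "asynchronous":
                findings.append((i, f"EtherType 0x{code:04X} outside asynchronous phase"))
        elif kind == "start":
            if src != MN_NODE_ID or dst != BROADCAST_NODE_ID:
                findings.append((i, "SoC not broadcast by the managing node"))
            phase = "isochronous"
        elif kind == "isochronous":
            if phase != "isochronous":
                findings.append((i, f"message type 0x{code:02X} outside isochronous phase"))
            if code == MSG_PREQ and src != MN_NODE_ID:
                findings.append((i, "PReq not sent by the managing node"))
        elif kind == "async_start":
            if phase != "isochronous" or src != MN_NODE_ID:
                findings.append((i, "SoA out of order or not from the managing node"))
            phase = "asynchronous"
        elif kind == "asynchronous":
            if phase != "asynchronous":
                findings.append((i, "ASnd outside asynchronous phase"))
        else:
            findings.append((i, f"unknown POWERLINK message type 0x{code:02X}"))
    return findings


def example_cycles():
    """Constructed cycles: one well-formed, one with an IPv4 frame in the isochronous slot."""
    soc = powerlink_frame(BCAST_MAC, MN_MAC, MSG_SOC, BROADCAST_NODE_ID, MN_NODE_ID)
    preq = powerlink_frame(CN1_MAC, MN_MAC, MSG_PREQ, 1, MN_NODE_ID, b"\x00" * 4)
    pres = powerlink_frame(BCAST_MAC, CN1_MAC, MSG_PRES, BROADCAST_NODE_ID, 1, b"\x00" * 4)
    soa = powerlink_frame(BCAST_MAC, MN_MAC, MSG_SOA, BROADCAST_NODE_ID, MN_NODE_ID)
    ipv4 = ethernet_frame(MN_MAC, CN1_MAC, IPV4_ETHERTYPE, b"\x45" + b"\x00" * 19)
    return [soc, preq, pres, soa, ipv4], [soc, preq, ipv4, pres, soa]


if __name__ == "__main__":
    good, bad = example_cycles()
    print("well-formed cycle:", audit_cycle(good))
    print("IPv4 frame in isochronous slot:", audit_cycle(bad))
```

The audit is deliberately conservative: it only checks ordering and the sender of the frames the text describes (SoC, PReq, SoA from the managing node), so a real monitoring point would feed it frames from a mirror port one cycle at a time and treat any finding as something to investigate rather than as proof of compromise.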
Hackers or malicious software intruding from outside lines also have no realistic chance of compromising a POWERLINK network, since they would get no further than the non-POWERLINK side of the controller acting as the network's managing node. Because attacks should be prevented from traveling through an industrial network across the TCP/IP communication layers, it is simply a wise course of action to protect external lines with a proper firewall on the non-POWERLINK side of routers. Nevertheless, the real-time communication layers of POWERLINK are inherently protected and do not need to rely on such precautions.
High speed, high availability and high security
POWERLINK owes much of its unparalleled level of security to the fact that it is open-source software. The stack's source code and any modifications to it are subject to frequent review by the community. This not only prevents security issues – they are discovered and eliminated long before they can do any harm – but also provides effective protection against hidden backdoors.
"With the early stages of Industry 4.0 relying on the 'Internet of Things' for advanced and sustainable efficiency, plants require industrial communication mechanisms that are not only fast and open, but highly available as well," says Schönegger. "High speed regardless of network size, total and complete openness, high tolerance to electrical interference, line and master node redundancy and inherent security that stops attackers in their tracks – POWERLINK meets all of these requirements."