On October 24th in Milan, we met Eric Byres, the well-known industrial security expert from Tofino Security (www.tofinosecurity.com), who analyzed the situation of industrial networks in a post-Stuxnet Era. The meeting was organized by AIIC, the Italian Association of Critical Infrastructure Experts, whose goal is to make industry aware that industrial field networks, not only information technology (IT) ones, can be in danger.
“As Stuxnet came, the period of ‘security from ignorance’ ended,” said Byers. “Before Stuxnet, hackers simply didn’t know much about SCADA, PLCs, HMIs. More than that, nowadays these devices are often linked to industrial Ethernet networks, and through them to the Internet. Now hackers know that they can easily access and crack industrial devices, causing serious problems to critical plants and infrastructures.” Protected perimeters are no longer enough, added Byers. “Industrial network engineers have to provide separated areas and ‘cleaning rooms’ and also have to adopt industrial-specific firewalls in order to filter any kind of data accessing the plant level.”
The day after, it was our turn to meet with EPSG—Ethernet Powerlink standardization group, the European organization promoting Ethernet Powerlink (EPL). This industrial protocol isbased on standardized Ethernet, does not need specific hardware, and is easy to implement. We had an exclusive interview with Stephane Potier, EPSG Technology Marketing, when the EPL European roadshow organized by Staubli, B&R Automation, Asco Numatics and Cognex stopped in Milan.
Potier said, “EPL specifications had been standardized in 2005, so the technology is nowadays well known and solid; as EPSG, we give support to end users and continue to optimize the protocol, adding new functionalities, but the most part of our developing work deals with openSafety.”
openSafety is an open and license-free technology that guarantees exchange of safety data from one point of the network to another, regardless which fieldbus protocol is being used. “EPSG is providing all the technical documentation needed to use openSafety with other fieldbuses, such as Profinet or EtherNet/IP,” said Potier. “We are working to provide it for any kind of fieldbus or Industrial Ethernet system in the market.” Another future development of openSafety will concern the SIL level: “openSafety is now SIL3 compliant, but we want to reach SIL4,” Potier said.