Establishment of a CLPA Working Group on Industrial Ethernet Security

June 1, 2017
Recently, the IT and OT worlds have started to overlap. While this has brought many benefits to manufacturing, it also means that plant staff now also needs to consider IT security threats to their operations.

Recently, the IT and OT worlds have started to overlap. While this has brought many benefits to manufacturing, it also means that plant staff now also needs to consider IT security threats to their operations. Actual measures for reducing those risks need to be considered and implemented. From the factory system point of view, it is said that the priority of protection requirements is availability, integrity, and confidentiality. Another difference from IT systems is “the human factor.” Personnel are in a plant floor to manufacture, maintain, or manage the plant. The role and the authorization assigned to personnel related to a target plant system should also be considered.

CC-Link IE Security Working Group (WG)

Both physical and cyber security measures have to be considered for plant security. In general, one measure is insufficient and the “defense in depth” concept, combining multiple measures, needs to be contemplated.

System security architecture

Physical access control

Industrial network security access control, integrity, and confidentiality

Security monitoring

Scope of the CLPA Security WG

The first step of the CLPA Security WG focuses on network security, especially when the user adopts the SeamLess Message Protocol (SLMP) and CC-Link IE Field Basic where general IP communication is used for both cyclic and transient communications. A guideline document for secure network design will be created. The guideline document will be based on IEC62443 including the defense in depth security approach. Router/switch configuration examples for secure SLMP and CC-Link IE Field Basic are also described.

Overview of Industrial network security

Security concerns viewpoint for industrial networks

Defense-in-depth security approach

Use-case examples

Participating Companies

The CC-Link Partner Association Ethernet Security Working Group includes participation from Cisco Systems, Hilscher, Mitsubishi Electric, HMS, Belden-Hirschmann, MOXA, Panduit and MIND.

>>For more information, click here

Sponsored Recommendations

Meet our experts - Reduce complexity of a DCS Migration

Sign up for a complementary onsite assessment.

Revolutionizing Germany’s energy landscape: The Wilhelmshaven floating LNG terminal

The German LNG terminal lays the groundwork for future sustainable energy initiatives. Here's how Schneider Electric helped make it happen.

Navigating Distributed Control Systems Migration

Navigating Distributed Control System (DCS) migrations doesn't have to be as complex as it seems. Whether you are planning a migration or seeking to enhance ...

Revolutionize process safety with Tricon CX V12

The most versatile TÜV certified safety instrumented system. One system with a choice of architectures and form factors delivering a lifetime of safe, resili...