Establishment of a CLPA Working Group on Industrial Ethernet Security

June 1, 2017
Recently, the IT and OT worlds have started to overlap. While this has brought many benefits to manufacturing, it also means that plant staff now also needs to consider IT security threats to their operations.

Recently, the IT and OT worlds have started to overlap. While this has brought many benefits to manufacturing, it also means that plant staff now also needs to consider IT security threats to their operations. Actual measures for reducing those risks need to be considered and implemented. From the factory system point of view, it is said that the priority of protection requirements is availability, integrity, and confidentiality. Another difference from IT systems is “the human factor.” Personnel are in a plant floor to manufacture, maintain, or manage the plant. The role and the authorization assigned to personnel related to a target plant system should also be considered.

CC-Link IE Security Working Group (WG)

Both physical and cyber security measures have to be considered for plant security. In general, one measure is insufficient and the “defense in depth” concept, combining multiple measures, needs to be contemplated.

System security architecture

Physical access control

Industrial network security access control, integrity, and confidentiality

Security monitoring

Scope of the CLPA Security WG

The first step of the CLPA Security WG focuses on network security, especially when the user adopts the SeamLess Message Protocol (SLMP) and CC-Link IE Field Basic where general IP communication is used for both cyclic and transient communications. A guideline document for secure network design will be created. The guideline document will be based on IEC62443 including the defense in depth security approach. Router/switch configuration examples for secure SLMP and CC-Link IE Field Basic are also described.

Overview of Industrial network security

Security concerns viewpoint for industrial networks

Defense-in-depth security approach

Use-case examples

Participating Companies

The CC-Link Partner Association Ethernet Security Working Group includes participation from Cisco Systems, Hilscher, Mitsubishi Electric, HMS, Belden-Hirschmann, MOXA, Panduit and MIND.

>>For more information, click here

Sponsored Recommendations

Shorten project timelines with these hidden-gem Ignition efficiency tips for designing HMIs, provided by Inductive Automation Sales Engineer Reese Tyson.
Get ready for that “where has this been all my life?” moment—over 25 hidden Ignition features await in our webinar. Our experts show how to boost your productivity and streamline...
Advanced software solutions, like those built in the Ignition platform from Inductive Automation, can provide a crucial means to navigating electrical grid challenges.
Unlock seamless data flow across your manufacturing sites with MQTT and Ignition—turn siloed operations into a connected, data-driven enterprise. Discover how standardization,...