Attacks on Industrial Control Systems
In the industrial world, the main goal is to prevent major disruptions of the controlled process, but protecting the information system and the data it holds is also an important concern. A successful attack can therefore have catastrophic consequences: whatever the size of the operator, such interruptions can cause irreversible production stoppages and harm to people, property, and the environment, with far-reaching implications.

Sensitive installations in energy production, water treatment, transportation, and large infrastructure in general are attractive targets, and an attack on them can quickly escalate into a crisis.
As a result, the industry faces a pressing issue that it can no longer ignore: it is the responsibility of every industrial manager to evaluate the dangers to which the installation in their charge is exposed and to implement the necessary safeguards.
Yet industrial managers are still unsure what needs to be done and how to organize it. Even when they accept that a danger exists, they frequently struggle to understand its source, its scope, and its potential repercussions.
For industrial systems there are firewalls that recognize industrial protocols and inspect the contents of each packet. In addition to port numbers and source and destination addresses, such a firewall examines the content of the frame itself.
By decoding the Modbus protocol, for instance, it can identify the function code, the address that is read or written, and the data being transferred, and it can reject a write request that the policy does not allow.
- Industrial Control Systems (Introduction to Variety of Protocols)
- Modbus
- Profibus and Profinet
- Actuator/Sensor Interface
- Highway Addressable Remote Transducer
- DNP3 and IEC 60870
- The CAN bus
- Ethernet/IP and Common Industrial Protocol (CIP)
- OLE for Process Control (OPC)
- Other Protocols
1. Industrial Control Systems
Introduction to Variety of Protocols
In an Industrial Control System, various protocols are used for data exchange amongst the various pieces of equipment. Some are tailored to certain industries or uses, such as construction, electrical distribution systems, motor vehicles, or chemical or petroleum industry control systems.
In general, an ICS must first transmit data between sensors and actuators and the level 1 processing systems (PLCs). The transmission distance ranges from a few meters to a few hundred meters, and for telemetry systems it can be far greater.
Fieldbuses operate at this level; Modbus, Profibus, AS-i, and DeviceNet are examples.
The physical medium may be radio, GSM, or an RS-232 or RS-485 serial link. Bear in mind that a sensor or actuator need not speak any computer protocol at all: a discrete input can be driven simply by applying an electrical signal to a PLC input terminal.
Between levels 1 and 2, data is transmitted over Ethernet, either in its classic non-deterministic form or in a so-called real-time variant. Exchanges at higher levels (above level 2) generally rely on conventional IT protocols: Ethernet or Wi-Fi carrying TCP/IP.
Since the 1990s there has been a convergence of protocols: first onto Ethernet 802.3, then, wherever real-time behaviour is not critical, onto IP, which also allows Wi-Fi equipment to be used. IP network equipment is ubiquitous, easy to deploy, relatively inexpensive, and well known to administrators.
This technology makes it easy to connect manufacturing systems to the company's IT systems for better production management. The convergence is not limited to ICS and business management: voice (VoIP), television, video surveillance, and many other services also run over IP networks.
This convergence explains the significant increase in companies' exposure to cyber-attacks.
Fieldbus protocols that use neither TCP/IP nor Ethernet, such as the actuator/sensor interface (AS-i) presented below, cannot be reached directly from the Internet. They remain reachable, however, through a PLC or gateway that bridges them to the IP network, so compromising that device is the usual way to attack them. Networks that use Ethernet without TCP/IP (such as Profinet RT) are, for the same reason, only somewhat less exposed.
The following practical problem is critical: how to improve the security of industrial control systems (ICS) against risks such as failures of technical equipment, sensors, and actuators, human error, and deliberate damaging activity such as cyber-attacks and sabotage.
Present solutions are inadequate because each addresses only certain threats; there is no holistic answer to the security challenge.
One aspect of the problem is developing effective methods for detecting intrusions into the control system, in particular malicious modifications of the control algorithm or of its parameters.
2. Modbus
Modbus is one of the earliest industrial control protocols. Modicon introduced it in 1979 for communication with its programmable logic controllers (PLCs) over serial links. Its use expanded considerably in the 1990s, and to improve compatibility with contemporary systems a version for TCP/IP networks, Modbus/TCP, was introduced in 1999.
Currently, it is among the most extensively utilized protocols across several industries, including critical infrastructure.
There exist three categories of Modbus implementation:
- Serial Modbus over RS-232 or RS-485 links, in RTU (binary) or ASCII form (in ASCII mode each byte is encoded as two hexadecimal characters), carried over a variety of physical media (electrical cable, fibre, radio, etc.);
- Modbus Plus over HDLC (high-level data link control) on a high-speed token-passing network;
- Modbus/TCP over Ethernet, by default on TCP port 502.
Figure 1 – Modbus and OSI communication stack


The TCP/IP version is typically used between levels 1 and 2, carrying traffic between PLCs and supervisory systems, while the RTU version is used between levels 0 and 1 to connect PLCs with field devices such as Intelligent Electronic Devices (IEDs).
The trend is towards generalized use of TCP/IP, even at the lowest levels.
The basic functions read or write bits (coils) and words (registers) in the slave's memory; each frame carries a function code followed by the data for that function. Modbus defines no authentication or encryption, so any host that can reach the slave can issue read and write requests, which is why the protocol-aware firewalls mentioned above matter.
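As an added example (not code from the original page), the following Python script shows what a protocol-aware firewall has to do with a Modbus/TCP frame, as described in the firewall paragraph at the start of the page and in the function-code description above: decode the MBAP header and PDU, extract the function code, address and quantity or value, and decide under a policy whether the request may pass. The frames, the host addresses and the policy (writes only from one SCADA server, and only to one register window) are constructed for illustration; real deployments keep separate address tables for coils and registers.

```python
"""Minimal Modbus/TCP request inspection, in the style of an industrial
firewall. Added example; frames, hosts and policy are constructed."""
import struct

# Function codes from the Modbus Application Protocol specification.
READ_CODES = {1: "Read Coils", 2: "Read Discrete Inputs",
              3: "Read Holding Registers", 4: "Read Input Registers"}
WRITE_CODES = {5: "Write Single Coil", 6: "Write Single Register",
               15: "Write Multiple Coils", 16: "Write Multiple Registers"}


def parse_modbus_tcp(frame: bytes) -> dict:
    """Decode one Modbus/TCP *request* (MBAP header + PDU).

    Returns the header fields, the function code and, for the common
    read/write functions, the starting address and quantity or value.
    Raises ValueError for frames that are too short or inconsistent, so a
    caller can treat malformed traffic as a policy violation.
    """
    if len(frame) < 8:
        raise ValueError("frame shorter than MBAP header plus function code")
    tid, pid, length, unit = struct.unpack(">HHHB", frame[:7])
    if pid != 0:
        raise ValueError(f"protocol id {pid} is not Modbus (0)")
    # The length field counts unit id + function code + data.
    if length != len(frame) - 6:
        raise ValueError(f"length field {length} does not match frame size")
    pdu = frame[7:]
    fc = pdu[0]
    info = {"transaction_id": tid, "unit_id": unit, "function_code": fc}
    if fc in READ_CODES or fc in (5, 6):
        # FC 1-4: address + quantity; FC 5/6: address + value.
        if len(pdu) < 5:
            raise ValueError("truncated PDU")
        addr, val = struct.unpack(">HH", pdu[1:5])
        info["address"] = addr
        info["quantity" if fc in READ_CODES else "value"] = val
    elif fc in (15, 16):
        # address + quantity + byte count + payload.
        if len(pdu) < 6:
            raise ValueError("truncated PDU")
        addr, qty, nbytes = struct.unpack(">HHB", pdu[1:6])
        if len(pdu) != 6 + nbytes:
            raise ValueError("byte count does not match PDU length")
        info["address"], info["quantity"], info["data"] = addr, qty, pdu[6:]
    return info


# Constructed policy: who may write, and to which inclusive address window.
POLICY = {"write_allowed_from": {"10.0.1.10"},      # the SCADA server
          "writable_registers": [(100, 120)]}


def firewall_decision(src_ip: str, frame: bytes, policy: dict = POLICY):
    """Return (allow, reason) for a request frame received from src_ip."""
    try:
        req = parse_modbus_tcp(frame)
    except ValueError as exc:
        return False, f"malformed: {exc}"
    fc = req["function_code"]
    if fc in READ_CODES:
        return True, f"{READ_CODES[fc]} @ {req['address']} x{req['quantity']}"
    if fc in WRITE_CODES:
        if src_ip not in policy["write_allowed_from"]:
            return False, f"{WRITE_CODES[fc]} from unauthorised host {src_ip}"
        first = req["address"]
        last = first + req.get("quantity", 1) - 1
        if not any(lo <= first and last <= hi
                   for lo, hi in policy["writable_registers"]):
            return False, f"{WRITE_CODES[fc]} outside writable range ({first}-{last})"
        return True, f"{WRITE_CODES[fc]} @ {first}-{last}"
    # Diagnostics, file access, device identification, vendor codes: deny.
    return False, f"function code {fc} not in allow-list"


# Constructed sample traffic: (source IP, raw Modbus/TCP frame).
SAMPLES = [
    ("10.0.2.55", bytes.fromhex("000100000006 01 03 0000 000a")),   # read 10 regs
    ("10.0.2.55", bytes.fromhex("000200000006 01 06 006e 1234")),   # HMI writes
    ("10.0.1.10", bytes.fromhex("00030000000b 01 10 0064 0002 04 0001 0002")),
    ("10.0.1.10", bytes.fromhex("000400000006 01 06 01f4 0001")),   # reg 500
    ("10.0.1.10", bytes.fromhex("000500000006 01 03 0000")),        # bad length
    ("10.0.1.10", bytes.fromhex("000600000005 01 2b 0e 01 00")),    # FC 43
]


def run_samples():
    """Evaluate every sample frame; returns a list of (allow, reason)."""
    return [firewall_decision(ip, frame) for ip, frame in SAMPLES]


if __name__ == "__main__":
    for (ip, _), (allow, reason) in zip(SAMPLES, run_samples()):
        print(f"{ip:10} {'ALLOW' if allow else 'DENY ':5} {reason}")
```

The length check matters as much as the function-code check: a frame whose MBAP length disagrees with the bytes on the wire is exactly the kind of input that a naive parser in a PLC or gateway may mishandle, so the example drops it rather than guessing.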