The connectivity of IoT and Industry 4.0 means controls engineers must address cybersecurity now
Cybersecurity will become the big topic in industrial communication technologies as it has been in IT for many years now: the connectivity required by IoT and Industry 4.0 concepts means the controls engineer will also have to deal with the topic. When and to what extent depends primarily on two decisions: what the network architecture looks like and which network technology is used.
First, the architecture: Up to now, a hierarchical model has worked well. The real-time control network, i.e. the control-level fieldbus to which the I/Os and drives are connected, is separated by the controller from the higher-level communication systems and the plant network. The controller provides and conditions the process data that the higher-level systems require and also regulates access to the lower-level devices, such as the I/O nodes.
The controller thus acts effectively as a cybersecurity firewall for the underlying network, and it transforms hardly comprehensible raw data from the I/O level into meaningful information. Transporting data directly “from the sensor to the cloud” only makes sense in some select cases. For example, the user cannot know without further information whether a motor temperature of 85 degrees Celsius is OK or too hot. Often not even the motor itself knows this because it depends on the application and the current situation. A controller, on the other hand, can tell the operator’s cloud service in addition whether the current motor temperature is acceptable. And for those cases where the provision of raw data is desired – for example, by the motor manufacturer who wants to see for warranty claims whether the motor is being operated within specification – the user should be able to decide whether to allow that. And that is much easier to do in the controller than on each sensor or device.
For some, however, the hierarchical architecture is considered outdated. They demand complete access, with a single network from “bottom to top.” This is also the justification for demanding the same network technology below the controller as above – there should be no more “below” and “above.” What may look tempting at first glance, however, harbors many problems: in terms of responsibility and liability, independent performance of the control network, address duplication and costs. And especially regarding cybersecurity: suddenly, I/O nodes, networked sensors and drives are directly visible and accessible in the plant network and possibly beyond. And here we don’t even have to assume deliberate attacks: Even an accidental change of parameters on the wrong device would have far-reaching consequences.
So, in this brave new world, all devices must have cybersecurity protections. That means certificates on every I/O device, and certificates expire, so they must be updated. Security requires additional computing power and memory on the devices, and this alone leads to increased costs. And meeting security requirements with this architecture means that controls engineers must build up profound cybersecurity know-how.
And secondly, of course, the choice of network technology plays a decisive role. With switch-based industrial Ethernet solutions, each device must be cyber-protected, especially if the technologies are fully or partially based on the Internet Protocol. EtherCAT, on the other hand, is neither switch-based nor does it rely on the Internet Protocol: The EtherCAT protocol is directly embedded in the Ethernet frame.
Since almost all cyberattacks require the Internet Protocol for routing, with EtherCAT they go nowhere. Furthermore, the EtherCAT chips filter out non-EtherCAT frames by hardware, and by principle EtherCAT devices cannot be persuaded to falsify data not intended for them, even by compromised firmware. In addition, EtherCAT ports that are not used can be switched off in hardware.
EtherCAT is already so well protected, per se, that no further cybersecurity measures are required beyond what’s required to harden the controller to industry cybersecurity standards. Therefore, no knowledge of certificates or cybersecurity is required to operate this industrial Ethernet fieldbus. With EtherCAT, this new “big thing” is covered without any additional effort.
Ready to enhance the performance and cybersecurity of your industrial Ethernet networks? Contact your local Beckhoff sales engineer today.
Martin Rostan is the Executive Director of the EtherCAT Technology Group.