What is PROFIsafe and how does it work?
Pete Brown
Siemens I CS
Author / Title of the presentation
What do we mean by “Safety”
“The condition of being safe; freedom from danger, risk, or injury.”
In the UK (and Europe) this can cover many areas and industries, for example:
Supply of Machinery (Safety) Regulations
Electromagnetic Compatibility Regulations
Electrical Equipment (Safety) Regulations
Pressure Equipment Regulations
Simple Pressure Vessels (Safety) Regulations
Equipment and Protective Systems Intended for Use in Potentially Explosive Atmospheres Regulations
Lifts Regulations
Medical Devices Regulations
Gas Appliances (Safety) Regulations
Important: It is essential to have some form of risk assessment / risk analysis
e.g. HAZAN / HAZID / HAZOP / RA to ISO 12100
PROFIsafe – The Vision
Coexistence of standard and failsafe communication
[Diagram labels: Standard-Host/PLC, F-Host/FPLC, Profibus DP, Master-Slave Assignment, Standard-I/O, F-I/O, Repeater, DP/PA, F-Field-Device, F-Gateway, other Safety-Bus, F-Sensor, F-Actuator, Engineering Tool, PG/ES with secure access (e.g. Firewall), TCP/IP]
F = Failsafe
PROFIsafe – ISO/OSI Model
"Black Channel": ASICs, Links, Cables, etc. Not safety relevant
"PROFIsafe": Safety critical communications systems: Addressing, Watch Dog Timers, Sequencing, Signature, etc.
Safety relevant, Not part of the PROFIsafe: Safety I/O / Safety Control Systems
Non safety critical functions, e.g. diagnostics
[Diagram labels: Standard-I/O, Standard Control, Safety Input, Safety Control, Safety Output; five stacks of layers 1, 2 and 7; a Safety-Layer on each of the three safety devices]
PROFIsafe – Add-on Strategy
[Diagram labels: Standard engineering tool STEP 7, Standard CPU, Standard PROFIBUS DP, Standard Remote I/O, Failsafe engineering Tool Distributed Safety, Failsafe I/O Modules, PROFIsafe, Failsafe Application Program, F-Hardware]
PROFIsafe - Program
Coexistence of standard program and safety-related program on one CPU
Changes to the standard program have no effect on the integrity of the safety-related program section
[Diagram labels: Standard program, Safety program, Standard program, Back-up]
PROFIsafe – Coded Processing
Time redundancy and diversity replace complete redundancy
[Diagram labels: Time redundancy, Time, Coding, Comparison, Stop; Operators A, B with Operation AND and Output C; Diverse Operators /A, /B with Diverse Operation OR and Diverse Output D = /C]
PROFIsafe - Introduction
Safety-oriented communication via PROFIsafe
[Diagram labels: "Black channel", PROFIsafe layer, Standard data, Fail-safe data, Standard bus protocol (shown on both sides), PROFIBUS, PROFINET]
First communication standard in accordance with safety standard IEC 61508
PROFIsafe supports safe communication for the open standards PROFIBUS and PROFINET
PROFIsafe counters possible faults such as address errors, delay and data loss with:
• Serial numbering of PROFIsafe telegrams
• Time monitoring
• Authenticity monitoring via unique addresses
• Optimized CRC checking
PROFIsafe supports standard and failsafe communication over one medium
PROFIsafe - Introduction
Overview: Possible Errors and detection mechanism
Failure type: Repetition; Deletion; Insertion; Resequencing; Data Corruption; Delay; Masquerade (standard message mimics failsafe); Revolving memory failure within switches
Remedy: Consecutive Number; Time Out with Receipt; Codename for Sender and Receiver; Data Consistency Check
[Table: the slide marks which remedy detects which failure type; the marks did not survive extraction.]
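The four remedies listed above, run against constructed instances of seven of the listed failure types, as an added example that is not part of the original slides. The frame layout, field widths and the use of CRC-32 are assumptions of this model, not the PROFIsafe telegram format, and `SafetyReceiver`, `build_frame` and `run_scenarios` are hypothetical names.

```python
import struct
import zlib
from dataclasses import dataclass

COUNTER_MOD = 1 << 24      # 24-bit consecutive number, the V2-mode width named on the slides
CODENAME = 0x0042          # constructed sender/receiver codename
FOREIGN_CODENAME = 0x0099  # constructed codename of a different pair
# Constructed standard (non-safety) message. CRC-32 of b"123456789" is 0xCBF43926,
# so the four zero bytes sitting in the CRC position can never verify.
STANDARD_FRAME = b"123456789" + b"\x00\x00\x00\x00"


def build_frame(codename: int, counter: int, payload: bytes) -> bytes:
    """Toy safety frame (assumed layout): codename(2) | counter(3) | payload | CRC-32(4)."""
    body = struct.pack(">H", codename) + counter.to_bytes(3, "big") + payload
    return body + struct.pack(">I", zlib.crc32(body))


@dataclass
class SafetyReceiver:
    expected_codename: int
    watchdog_ms: int          # longest allowed gap since the last accepted frame
    next_counter: int = 1
    last_accept_ms: int = 0

    def receive(self, frame: bytes, now_ms: int) -> str:
        """Return "ok" or the name of the first check that rejected the frame."""
        if now_ms - self.last_accept_ms > self.watchdog_ms:
            return "timeout"                     # time-out check
        if len(frame) < 9:
            return "crc"                         # cannot hold header plus CRC
        body, (crc,) = frame[:-4], struct.unpack(">I", frame[-4:])
        if zlib.crc32(body) != crc:
            return "crc"                         # data consistency check
        (codename,) = struct.unpack(">H", body[:2])
        if codename != self.expected_codename:
            return "codename"                    # sender/receiver codename check
        counter = int.from_bytes(body[2:5], "big")
        if counter != self.next_counter:
            return "consecutive_number"          # consecutive number check
        self.next_counter = (counter + 1) % COUNTER_MOD
        self.last_accept_ms = now_ms
        return "ok"


def receiver_after_first_frame() -> SafetyReceiver:
    """Receiver that has already accepted frame 1 at t = 10 ms."""
    rx = SafetyReceiver(expected_codename=CODENAME, watchdog_ms=100)
    assert rx.receive(build_frame(CODENAME, 1, b"\x01\x00"), 10) == "ok"
    return rx


def run_scenarios() -> dict:
    """Map each constructed failure to the check that catches it in this model."""
    f1, f2, f3 = (build_frame(CODENAME, n, b"\x01\x00") for n in (1, 2, 3))
    corrupted = bytearray(f2)
    corrupted[5] ^= 0x01  # single bit flipped in the payload
    return {
        "normal": receiver_after_first_frame().receive(f2, 20),
        "repetition": receiver_after_first_frame().receive(f1, 20),
        "deletion": receiver_after_first_frame().receive(f3, 30),       # f2 was lost
        "insertion": receiver_after_first_frame().receive(
            build_frame(FOREIGN_CODENAME, 2, b"\x01\x00"), 20),
        "resequencing": SafetyReceiver(CODENAME, 100).receive(f2, 10),  # f2 before f1
        "data_corruption": receiver_after_first_frame().receive(bytes(corrupted), 20),
        "delay": receiver_after_first_frame().receive(f2, 500),
        "masquerade": receiver_after_first_frame().receive(STANDARD_FRAME, 20),
    }


if __name__ == "__main__":
    for failure, verdict in run_scenarios().items():
        print(f"{failure:16s} -> {verdict}")
```

None of these checks is keyed, so they detect faults in the channel rather than authenticate a sender; the zone, firewall and VPN measures in the second half of the deck are a separate layer.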
PROFIsafe - Introduction
Which protocol must be supported?
[Diagram labels: F-Host, IO-C, PROFINET SWITCH, PROFINET-IO Device, PROFINET-PROFIBUS Link, PROFIBUS Device, Modular Device with Local bus, F-DI and F-DO modules, Sensor, Actuator; "Encapsulation" appears three times]
F-DI: Fail-safe digital input
F-DO: Fail-safe digital output
IO-C: PROFINET IO-Controller
PROFIsafe - Introduction
Which protocol version applies when?
PROFIsafe V2 slave used in | Protocol with 8-bit counter (= PROFIsafe V1 mode) | Protocol with 24-bit counter (= PROFIsafe V2 mode)
PROFIBUS network only | mandatory | mandatory
PROFINET network only | - | mandatory
PROFIBUS / PROFINET network | mandatory | mandatory
Goal: 100% compatibility
A PROFIsafe slave which supports the V2 mode must be able to replace an older version of this PROFIsafe slave which only supports the V1 mode without the need for any adaptation
PROFIsafe - Introduction
Which protocol version applies when?
PROFINET – PROFIsafe V2
PROFIBUS – PROFIsafe V1 or V2
[Diagram labels: DP Master, DP Slave V1, DP Slave V2, I/O-Device V2, Proxy, Only]
V1 = PROFIsafe Profile V1
V2 = PROFIsafe Profile V2
Security for Industrial Automation
Considering the PROFINET Security Guideline
Peter Brown / IT Security for Industrial Automation
Industrial IT Security
[Diagram labels: DCS/SCADA*, Potential Attack]
*DCS: Distributed Control System
SCADA: Supervisory Control and Data Acquisition
Plant Security
Physical Security
• Physical access to facilities and equipment
Policies & Procedures
• Security management processes
• Operational Guidelines
• Business Continuity Management & Disaster Recovery
Network Security
Security Zones & DMZ
• Secure architecture based on network segmentation
Firewalls and VPN
• Implementation of Firewalls as the only access point to a security cell
System Integrity
System Hardening
• Adapting system to be secure by default
User Account Management
• Access control based on user rights and privileges
Patch Management
• Regular implementation of patches and updates
Malware Detection and Prevention
• Anti Virus and Whitelisting
What is IT Security? (Cyber/Network)
Protection of computers and networks from intrusion and disruption
With so many systems relying on networks this is critical
The internet allows global connectivity and all its advantages
These advantages lead to vulnerability
Why do I need IT Security?
Intrusion can be malicious or accidental
Governments are concerned by terrorist acts
Business is concerned by industrial espionage and theft
Ex-employees may have a grudge
Current employees can be careless
Computer viruses can attack PLCs
Network intrusions are on the increase – The damage can be catastrophic
How do I implement IT Security?
CPNI recommendations
Risk analysis and policies
Industrial grade equipment
PROFINET / PROFINET Security Guideline
(ICS CERT recommendations)
Industrial Security Homepage:
http://www.industry.siemens.com/topics/global/en/industrial-security
PROFINET Security Concept
The PROFINET Security Concept
From the PROFINET Security Guideline
Network Architecture – Security Zones
Trust Concept – within Zones
Perimeter Defence – Firewall/VPN
Provision of Confidentiality and Integrity
Transparent Integration of Firewalls
www.AllThingsPROFINET.com
Security Zones
Security Zone
Communication based on trust within zone
Trusted networks should be able to talk with each other
Perimeter defense
Local Security Measures
E.g. Locked Ethernet ports, Networking equipment in cabinets
[Diagram labels: Trusted Network, Firewall]
How to secure the Network…
…Using Industrial Firewalls
Monitor incoming and outgoing data packets on the basis of predefined rules
Only authorized connections are accepted
Help to keep unwanted traffic out (e.g. Office Broadcasts)
Rugged industrial design
“Industrial like” administration
Built-in VPN capabilities
Linking Security Zones
Data traffic control between networks using security modules
Encrypted data transmission between security modules
Firewalls help to keep unwanted office traffic out as well
[Diagram labels: Trusted Network and Firewall (twice each), Corporate Network/Backbone, VPN]
Secure Automation Cells (Zones)
Complete plant security
Secure automation cells
Internet
Connecting to the Outside World
When connecting to the outside world, think about
Security against
• Wrong address allocations
• Unauthorized access
• Spying
• Manipulation
Different requirements in industrial applications in
• Network architectures
• Performance and functions
PROFINET leverages effective and certified security standards (VPN)
e.g. IPSec
Methods for Network Security
Security issues and vulnerabilities need to be addressed
There are many methods
How can we address these vulnerabilities using these techniques:
Firewall: Protect against unauthorized access
VLAN (Virtual Local Area Network): Logical network that operates on the basis of a physical network
DMZ (De-Militarized Zone): Exchange data with external partners via safe areas
VPN (Virtual Private Network): Secure tunnel between authenticated users
Industrial Security – Everyone?
Management
Operators
OEM/System integrators
Component suppliers
Requirements that operators of industrial automation systems must meet:
• Security guidelines and processes
• Risk management in terms of security
• Information and document mgmt.
• etc.
System-side requirements in terms of
• Access protection, user control
• Data integrity and confidentiality
• Controlled data flow
• etc.
Requirements that components of an automation system must meet in terms of
• Product development processes
• Product functionalities
Measures and processes that prevent unauthorized access of persons to the surrounding area of the plant
Physical access protection for critical automation components (e.g. locked control cabinets)
Industrial Security for Controllers / HMIs
Logon Control – Central, plant-wide user administration.
Deactivation of services – Most network services deactivated in our products in their basic configuration.
Deactivation of hardware interfaces – The unused interfaces of HMI / Controller / Device can be deactivated via the configuration.
Robust Communication – One of the system properties of our PROFINET devices is their robustness against large volumes of network traffic or faulty network packets.
Encryption of the user program – Application code for the PLC / controller can be encrypted.
Copy protection – Encryption protection can be supplemented with copy protection that prevents duplication of application code.
Example of a “Cell” (Machine?)
Passwords!
Various passwords are set by default:
HMI: web server; default password = “100”.
HMI: user “Administrator”; default password = “administrator”.
Switches: user “Administrator”; default password = “administrator”.
Continuous Network / Security Monitoring
Monitoring of PROFINET / Networks for:
Detection of changes
Load monitoring
Security monitoring
Event-forwarding
[Diagram labels: TAP, BANY Agent (integrated TAP), BANY Agent (external TAP), MRP, Industrial Service Station]
Industrial IT Security
[Diagram labels: DCS/SCADA*, Security Services]
*DCS: Distributed Control System
SCADA: Supervisory Control and Data Acquisition
Plant Security
Physical Security
• Physical access to facilities and equipment
Policies & procedures
• Security management processes
• Operational Guidelines
• Business Continuity Management & Disaster Recovery
Network Security
Security cells & DMZ
• Secure architecture based on network segmentation
Firewalls and VPN
• Implementation of Firewalls as the only access point to a security cell
System Integrity
System hardening
• Adapting system to be secure by default
User Account Management
• Access control based on user rights and privileges
Patch Management
• Regular implementation of patches and updates
Malware detection and prevention
• Anti Virus and Whitelisting
Any Questions?
 

Dernier

Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Principled Technologies
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesBoston Institute of Analytics
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024The Digital Insurer
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024SynarionITSolutions
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 

Dernier (20)

Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 

PROFIsafe and IT security - Peter Brown of Siemens A&D

  • 1. What is PROFIsafe and how does it work? Pete Brown Siemens I CS
  • 2. What do we mean by “Safety”: “The condition of being safe; freedom from danger, risk, or injury.” In the UK (and Europe) this can cover many areas and industries, for example: Supply of Machinery (Safety) Regulations; Electromagnetic Compatibility Regulations; Electrical Equipment (Safety) Regulations; Pressure Equipment Regulations; Simple Pressure Vessels (Safety) Regulations; Equipment and Protective Systems Intended for Use in Potentially Explosive Atmospheres Regulations; Lifts Regulations; Medical Devices Regulations; Gas Appliances (Safety) Regulations. Important: It is essential to have some form of risk assessment / risk analysis, e.g. HAZAN / HAZID / HAZOP / RA to ISO 12100.
  • 3. PROFIsafe – The Vision: Coexistence of standard and failsafe communication (F = Failsafe). Diagram labels: Profibus DP; Standard-Host/PLC; F-Host/FPLC; F-Gateway; other Safety-Bus; Repeater; Standard-I/O; F-I/O; Master-Slave Assignment; F-Field-Device; DP/PA; F-Sensor; F-Actuator; Engineering Tool; PG/ES with secure access, e.g. Firewall; TCP/IP.
  • 4. PROFIsafe – ISO/OSI Model: "Black Channel": ASICs, Links, Cables, etc. Not safety relevant. "PROFIsafe": Safety critical communications systems: Addressing, Watch Dog Timers, Sequencing, Signature, etc. Safety relevant, not part of the PROFIsafe: Safety I/O / Safety Control Systems. Non safety critical functions, e.g. diagnostics. Diagram labels: Standard-I/O; Standard Control; Safety Input; Safety Control; Safety Output; layers 1, 2, 7 (five stacks); Safety-Layer (three times).
  • 5. PROFIsafe – Add-on Strategy: Standard engineering tool STEP 7; Standard CPU; Standard PROFIBUS DP; Standard Remote I/O; Failsafe engineering Tool Distributed Safety; Failsafe I/O Modules; PROFIsafe; Failsafe Application Program; F-Hardware.
  • 6. PROFIsafe - Program: Coexistence of standard program and safety-related program on one CPU. Changes to the standard program have no effect on the integrity of the safety-related program section. Diagram labels: Standard program; Safety program; Standard program; Back-up.
  • 7. PROFIsafe – Coded Processing: Time redundancy and diversity replace complete redundancy. Diagram labels: Time redundancy; Time; Diverse; Operation; Coding; Comparison; Operators; Output; Stop by D /C; D = /C; C; A, B; /A, /B; OR; AND.
  • 8. PROFIsafe - Introduction: Safety-oriented communication via PROFIsafe. First standard of communication in accordance with safety standard IEC 61508. PROFIsafe supports safe communication for the open standards PROFIBUS and PROFINET. PROFIsafe counters possible faults such as address errors, delay and data loss with: serial numbering of PROFIsafe telegrams; time monitoring; authenticity monitoring via unique addresses; optimized CRC checking. PROFIsafe supports standard and failsafe communication over one medium. Diagram labels: “Black channel”; PROFIsafe layer; Standard data; Fail-safe data; Standard bus protocol; PROFIBUS; PROFINET.
  • 9. PROFIsafe - Introduction: Overview: possible errors and detection mechanisms. Failure types: Repetition; Deletion; Insertion; Resequencing; Data Corruption; Delay; Masquerade (standard message mimics failsafe); Revolving memory failure within switches. Remedies: Consecutive Number; Time Out with Receipt; Codename for Sender and Receiver; Data Consistency Check.
  • 10. PROFIsafe - Introduction: Which protocol must be supported? Diagram labels: F-Host; IO-C; PROFINET-IO Device; PROFINET SWITCH; PROFINET-PROFIBUS Link; PROFIBUS; PROFIBUS Device; Modular Device; Local bus; F-DI; F-DO; Sensor; Actuator; Encapsulation (three times). Legend: F-DI = Fail-safe digital input; F-DO = Fail-safe digital output; IO-C = PROFINET IO-Controller.
  • 11. PROFIsafe - Introduction: Which protocol version applies when? For a PROFIsafe V2 slave, by the network it is used in: PROFIBUS network only: protocol with 8-bit counter (= PROFIsafe V1 mode) mandatory, protocol with 24-bit counter (= PROFIsafe V2 mode) mandatory. PROFINET network only: V1 mode -, V2 mode mandatory. PROFIBUS / PROFINET network: V1 mode mandatory, V2 mode mandatory. Goal: 100% compatibility. A PROFIsafe slave which supports the V2 mode must be able to replace an older version of this PROFIsafe slave which only supports the V1 mode without the need for any adaptation.
  • 12. PROFIsafe - Introduction: Which protocol version applies when? PROFINET – PROFIsafe V2; PROFIBUS – PROFIsafe V1 or V2. Diagram labels: DP Master; DP Slave V2; I/O-Device V2; DP Slave V1; DP Slave V1; Proxy; Only; DP Slave V2. Legend: V1 = PROFIsafe Profile V1; V2 = PROFIsafe Profile V2.
  • 14. Peter Brown / IT Security for Industrial Automation. Industrial IT Security: DCS/SCADA (DCS: Distributed Control System; SCADA: Supervisory Control and Data Acquisition); Potential Attack. Plant Security: Physical Security (physical access to facilities and equipment); Policies & Procedures (security management processes; operational guidelines; Business Continuity Management & Disaster Recovery). Network Security: Security Zones & DMZ (secure architecture based on network segmentation); Firewalls and VPN (implementation of firewalls as the only access point to a security cell). System Integrity: System Hardening (adapting system to be secure by default); User Account Management (access control based on user rights and privileges); Patch Management (regular implementation of patches and updates); Malware Detection and Prevention (Anti Virus and Whitelisting).
  • 15. Security: What is IT Security? (Cyber/Network) Protection of computers and networks from intrusion and disruption. With so many systems relying on networks this is critical. The internet allows global connectivity and all its advantages. These advantages lead to vulnerability.
  • 16. Why do I need IT Security? Intrusion can be malicious or accidental. Governments are concerned by terrorist acts. Business is concerned by industrial espionage and theft. Ex employees may have a grudge. Current employees can be careless. Computer viruses can attack PLCs. Network intrusions are on the increase – the damage can be catastrophic.
  • 17. How do I implement IT Security? CPNI recommendations; Risk analysis and policies; Industrial grade equipment; PROFINET / PROFINET Security Guideline (ICS CERT recommendations). Industrial Security Homepage: http://www.industry.siemens.com/topics/global/en/industrial-security
  • 18. PROFINET Security Concept: The PROFINET Security Concept, from the PROFINET Security Guideline: Network Architecture – Security Zones; Trust Concept – within Zones; Perimeter Defence – Firewall/VPN; Provision of Confidentiality and Integrity; Transparent Integration of Firewalls. www.AllThingsPROFINET.com
  • 19. Security Zones: Communication based on trust within zone. Trusted networks should be able to talk with each other. Perimeter defense. Local Security Measures, e.g. locked Ethernet ports, networking equipment in cabinets. Diagram labels: Security Zone; Trusted Network; Firewall.
  • 20. How to secure the Network… Using Industrial Firewalls: Monitor incoming and outgoing data packets on the basis of predefined rules. Only authorized connections are accepted. Help to keep unwanted traffic out (e.g. Office Broadcasts). Rugged industrial design. “Industrial like” administration. Built-in VPN capabilities.
  • 21. Linking Security Zones: Data traffic control between networks using security modules. Encrypted data transmission between security modules. Firewalls help to keep unwanted office traffic out as well. Diagram labels: Trusted Network; Firewall; Trusted Network; Firewall; Corporate Network/Backbone; VPN.
  • 22. Secure Automation Cells (Zones): Complete plant security. Secure automation cells. Diagram label: Internet.
  • 23. Connecting to the Outside World: When connecting to the outside world, think about: Security against wrong address allocations, unauthorized access, spying, manipulation. Different requirements in industrial applications in: network architectures; performance and functions. PROFINET leverages effective and certified security standards (VPN), e.g. IPSec.
  • 24. Methods for Network Security: Security issues and vulnerabilities need to be addressed. There are many methods. How can we address these vulnerabilities using these techniques: Firewall: protect against unauthorized access. VLAN (Virtual Local Area Network): logical network that operates on the basis of a physical network. DMZ (De-Militarized Zone): exchange data with external partners via safe areas. VPN (Virtual Private Network): secure tunnel between authenticated users.
  • 25. Industrial Security – Everyone? Roles: Management; Operators; OEM/System integrators; Component suppliers. Requirements that operators of industrial automation systems must meet: security guidelines and processes; risk management in terms of security; information and document mgmt. etc. System-side requirements in terms of: access protection, user control; data integrity and confidentiality; controlled data flow, etc. Requirements that components of an automation system must meet in terms of: product development processes; product functionalities. Measures and processes that prevent unauthorized access of persons to the surrounding area of the plant; physical access protection for critical automation components (e.g. locked control cabinets).
  • 26. Industrial Security for Controllers / HMIs: Logon Control – Central, plant-wide user administration. Deactivation of services – Most network services deactivated in our products in their basic configuration. Deactivation of hardware interfaces – The unused interfaces of HMI / Controller / Device can be deactivated via the configuration. Robust Communication – One of the system properties of our PROFINET devices is their robustness against large volumes of network traffic or faulty network packets. Encryption of the user program – Application code for the PLC / controller can be encrypted. Copy protection – Encryption protection can be supplemented with copy protection that prevents duplication of application code.
  • 27. Example of a “Cell” (Machine?)
  • 28. Passwords! Various passwords are set by default: HMI: web server; default password = “100”. HMI: user “Administrator”; default password = “administrator”. Switches: user “Administrator”; default password = “administrator”.
  • 29. Continuous Network / Security Monitoring: Monitoring of PROFINET / Networks for: detection of changes; load monitoring; security monitoring; event-forwarding. Diagram labels: TAP; BANY Agent (integrated TAP); BANY Agent (external TAP); MRP; Industrial Service Station.
  • 30. Industrial IT Security: DCS/SCADA (DCS: Distributed Control System; SCADA: Supervisory Control and Data Acquisition). Plant Security: Physical Security (physical access to facilities and equipment); Policies & procedures (security management processes; operational guidelines; Business Continuity Management & Disaster Recovery). Network Security: Security cells & DMZ (secure architecture based on network segmentation); Firewalls and VPN (implementation of firewalls as the only access point to a security cell). System Integrity: System hardening (adapting system to be secure by default); User Account Management (access control based on user rights and privileges); Patch Management (regular implementation of patches and updates); Malware detection and prevention (Anti Virus and Whitelisting). Security Services. Any Questions?
  • 31. Questions?
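
The four remedies named on slides 8 and 9 (consecutive number, time-out, codename for sender and receiver, data consistency check), as an added Python sketch that is not part of the presentation or of the PROFIsafe specification. The frame layout, the use of `zlib.crc32`, the codename values and the watchdog time are assumptions chosen for illustration; the verdicts show how this toy receiver reacts to each constructed fault, not the slide's own error/remedy matrix.

```python
import struct
import zlib

# Assumed toy frame (NOT the real PROFIsafe telegram layout):
#   sender codename (2) | receiver codename (2) | consecutive number (4) | payload | CRC-32 (4)
HDR = struct.Struct(">HHI")
SEQ_MASK = 0xFFFFFF  # 24-bit counter, as in the V2 mode named on slide 11


def build(src, dst, seq, payload):
    body = HDR.pack(src, dst, seq & SEQ_MASK) + payload
    return body + struct.pack(">I", zlib.crc32(body))


class Receiver:
    """Safety-layer receiver: the channel underneath is treated as untrusted."""

    def __init__(self, own, peer, watchdog_ms):
        self.own, self.peer, self.watchdog_ms = own, peer, watchdog_ms
        self.expected = 0        # next consecutive number that will be accepted
        self.last_ok_ms = None   # arrival time of the last accepted frame

    def poll(self, now_ms):
        """Watchdog check; also usable when nothing arrives at all."""
        return self.last_ok_ms is not None and now_ms - self.last_ok_ms > self.watchdog_ms

    def receive(self, frame, now_ms):
        """Return (verdict, payload); any verdict but 'ok' means use fail-safe values."""
        if len(frame) < HDR.size + 4:
            return "crc_error", None
        body, (crc,) = frame[:-4], struct.unpack(">I", frame[-4:])
        if zlib.crc32(body) != crc:                  # data consistency check
            return "crc_error", None
        src, dst, seq = HDR.unpack_from(body)
        if (src, dst) != (self.peer, self.own):      # codename for sender and receiver
            return "codename_error", None
        if self.poll(now_ms):                        # time-out
            return "timeout", None
        if seq != self.expected:                     # consecutive number
            return "sequence_error", None
        self.expected = (seq + 1) & SEQ_MASK
        self.last_ok_ms = now_ms
        return "ok", body[HDR.size:]


HOST, DEVICE, OTHER = 0x0001, 0x0200, 0x0999         # constructed codenames


def f(seq, src=HOST):
    return build(src, DEVICE, seq, b"\x01\x00")      # constructed 2-byte payload


def corrupt(frame):
    return frame[:8] + bytes([frame[8] ^ 0x01]) + frame[9:]  # flip one payload bit


def first_fault(events, watchdog_ms=100):
    """Feed (arrival_ms, frame) pairs to a fresh receiver; return the first non-ok verdict."""
    rx = Receiver(own=DEVICE, peer=HOST, watchdog_ms=watchdog_ms)
    for now_ms, frame in events:
        verdict, _ = rx.receive(frame, now_ms)
        if verdict != "ok":
            return verdict
    return "ok"


SCENARIOS = {  # constructed traffic, one entry per failure type exercised
    "normal":          [(0, f(0)), (10, f(1)), (20, f(2))],
    "repetition":      [(0, f(0)), (10, f(1)), (20, f(1))],
    "deletion":        [(0, f(0)), (10, f(2))],
    "resequencing":    [(0, f(0)), (10, f(2)), (20, f(1))],
    "insertion":       [(0, f(0)), (10, f(1, src=OTHER))],
    "data corruption": [(0, f(0)), (10, corrupt(f(1)))],
    "delay":           [(0, f(0)), (500, f(1))],
}

if __name__ == "__main__":
    for name, events in SCENARIOS.items():
        print(f"{name:16s} -> {first_fault(events)}")
```
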