A Review of PROFIBUS Protocol Vulnerabilities - Considerations for Implementing Authentication and Authorization Controls

Venesa Watson, Xinxin Lou, Yuan Gao

2017

Abstract

PROFIBUS is a standard for fieldbus communication, used in industrial networks to support real-time command and control. As with other network protocols developed at the time, availability is the security objective prioritized in the PROFIBUS design. Confidentiality and integrity were of lesser importance, as industrial protocols were not intended for public access. However, the publicized weaknesses in industrial technologies, including the inclusion of publicly available technology and protocols in industrial networks, present major risks to industrial networks. This paper investigates the security risks of PROFIBUS and provides suggested security solutions for it. The objective is to review the PROFIBUS protocol, to establish the purposefulness of the design and its suitability for the applications where it forms a core part of the infrastructure. The security risks of this protocol are then assessed from successful and possible attacks, based on the vulnerabilities. Proposed security solutions are reviewed and additional recommendations are made concerning the use of OPC UA, accompanied by an analysis of the cost of these solutions to the efficiency and safety of PROFIBUS. The findings of this paper indicate that a defense-in-depth approach is a more feasible security solution, with strong security controls being implemented at networks interconnecting with the PROFIBUS networks.


Paper Citation


in Harvard Style

Watson V., Lou X. and Gao Y. (2017). A Review of PROFIBUS Protocol Vulnerabilities - Considerations for Implementing Authentication and Authorization Controls. In Proceedings of the 14th International Joint Conference on e-Business and Telecommunications - Volume 6: SECRYPT, (ICETE 2017) ISBN 978-989-758-259-2, pages 444-449. DOI: 10.5220/0006426504440449


in Bibtex Style

@conference{secrypt17,
author={Venesa Watson and Xinxin Lou and Yuan Gao},
title={A Review of PROFIBUS Protocol Vulnerabilities - Considerations for Implementing Authentication and Authorization Controls},
booktitle={Proceedings of the 14th International Joint Conference on e-Business and Telecommunications - Volume 6: SECRYPT, (ICETE 2017)},
year={2017},
pages={444-449},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006426504440449},
isbn={978-989-758-259-2},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 14th International Joint Conference on e-Business and Telecommunications - Volume 6: SECRYPT, (ICETE 2017)
TI - A Review of PROFIBUS Protocol Vulnerabilities - Considerations for Implementing Authentication and Authorization Controls
SN - 978-989-758-259-2
AU - Watson V.
AU - Lou X.
AU - Gao Y.
PY - 2017
SP - 444
EP - 449
DO - 10.5220/0006426504440449