The communication function in industrial automation systems changed from a minor function to a key function the last decades. Availability, scalability, maintainability etc. are new requirements because of the change to key function. New functions means new and usually more technologies. But also the industrial automation depends more and more on the network because of this change.
One of the drawbacks of the growing communication function is that industrial automation systems are increasingly more open. This openness means a higher risks of a cyber-attack and because of that a higher need for cyber security.
Engineers, technicians that are responsible for industrial automation systems needs more insight in the network communication. Otherwise it is hard to design and/or maintain an industrial automation system.
Introduction of industrial network technology
Transmission media, access methods, MAC addressing, Ethernet message format, switching mechanisms
Network infrastructure devices hub, switch, router and gateway
Internet Protocol (IP), IP Adressierung, IP Subnetting, Routing, TCP, DNS
Network protocols ARP, ICMP, BOOTP, DHCP, SNMP, (R)STP, VLAN
Network diagnostics with Wireshark
Dangers in industrial networks
Security Concepts: Protection of end devices and networks; User-dependent network access; Encrypted communication in unprotected networks
Network Address Translation (NAT): IP-Masquerading; Port Forwarding; 1:1 NAT
Firewall: packet filter based on Mac addresses, IP addresses and port numbers; Stateful Package Inspection; Protection against denial-of-service attacks; Individual firewall rules for different users
Operating modes; Stealth; Router
Remote access via HTTPS
Recovery procedure; support tools
Virtual Private Network (VPN)
Authentication via pre-shared key (PSK) and X.509v3 certificates