MRTC publications

Exploring Security in PROFINET IO

Authors:	Johan Åkerberg, Mats Björkman
Source:	33rd Annual IEEE International Computer Software and Applications Conference (COMPSAC), Seattle, USA

Abstract

In this paper we show that it is possible to attack and gain control over PROFINET IO nodes and also that this can be done without any of the communicating peers detecting the attack. Analysis of attacks in both shared and packet switched networks show that the attacker can control the process data and thus the state of the machines connected to the I/O modules. As the security risks are increasing in automation with the level of vertical and horizontal integration, the concept of security modules is proposed towards a method to retrofit security in PROFINET IO. The concept of security modules can be applied without changing anything in the underlying transmission system and is extendable if and when new security threats are identified.

BibTeX entry

@inproceedings{Åkerberg_1643:2009, author = {Johan {\AA}kerberg and Mats Bj{\"o}rkman}, title = {Exploring Security in PROFINET IO}, booktitle = {33rd Annual IEEE International Computer Software and Applications Conference (COMPSAC)}, month = {July}, year = {2009}, url = {http://www.mrtc.mdh.se/index.php?choice=publications&id=1643}, }

Mälardalen University |
Box 883 |
721 23 Västerås/Eskilstuna |
021-101300, 016-153600 |
webmaster |
Latest update: 2012.08.24