Please use this identifier to cite or link to this item: https://doi.org/10.21256/zhaw-5010
Title: PROFINET Real-time protection layer : performance analysis of cryptographic and protocol processing overhead
Authors : Müller, Thomas
Doran, Hans
Published in : Proceedings of the 23rd International Conference on Emerging Technologies and Factory Automation (ETFA)
Conference details: 23rd IEEE International Conference on Emerging Technologies and Factory Automation (ETFA), Torino, Italy, 4-7 September 2018
Publisher / Ed. Institution : IEEE
Issue Date: 25-Oct-2018
License (according to publishing contract) : Licence according to publishing contract
Type of review: Peer review (Publication)
Language : English
Subjects : Real-Time Ethernet; Automation Systems; Cryptography; Message Authentication
Subject (DDC) : 004: Computer science
Abstract: Recent times have seen an increasing demand for access to process-data from the field level through to the Internet. This vertical integration of industrial control systems into the IT infrastructure exhibits major drawbacks in the context of security. Such systems now suffer exposure to cyber security attacks well-known from the IT environment. Successful attacks on industrial control systems can lead to downtimes, malfunction of production machinery, cause financial damage and may present a hazard for human life and health. Current automation communication systems generally lack a comprehensive security concept. PROFINET is a widespread Industrial Ethernet standard, fulfilling general communication requirements on automation systems as well as explicit real-time requirements. We elaborate the challenges of protecting the realtime component of PROFINET. We specify the requirements and a concept for ensuring integrity and authenticity using a keyed-hash message authentication code (HMAC) in combination with the cryptographic hash algorithm SHA-3. With a proof of concept implementation of a PROFINET RT protection layer, the performance overhead for generation and transmission of this HMAC and other required data fields, e.g. to prevent replay attacks, could be analyzed. Based on these data the limitations of security technology on real-time systems were explored as was the optimization potential of hardware acceleration.
Departement: School of Engineering
Organisational Unit: Institute of Embedded Systems (InES)
Publication type: Conference Paper
DOI : 10.1109/ETFA.2018.8502670
10.21256/zhaw-5010
ISBN: 978-1-5386-7108-5
978-1-5386-7107-8
978-1-5386-7109-2
ISSN: 1946-0759
1946-0740
URI: https://digitalcollection.zhaw.ch/handle/11475/14879
Appears in Collections:Publikationen School of Engineering

Files in This Item:
File Description SizeFormat 
2018_Müller_PROFINET_Real_time_protection_layer.pdf432.09 kBAdobe PDFThumbnail
View/Open


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.