Working Group Established for Enhanced Security
Guideline Formulation based on International Standards
Aiming at enhanced CC-Link IE security, the CC-Link Partner Association has established an expert working group to formulate guidelines. The guidelines are intended to realize not only safety countermeasures for the network itself, but also a format of multi-layer defense, including physical control, while achieving highly secure communication on a general-purpose IP base.
The newly established Security Working Group includes members from Belden-Hirschmann, Cisco Systems, Hilscher, HMS, MIND, Mitsubishi Electric, MOXA, and Panduit. The initial work involves creating guidelines for access control, information completeness and increased confidentiality for the protocols that enable cyclic communication of field equipment with general-purpose IP communication, namely CC-Link IE Field Network Basic and SLMP (Seamless Message Protocol) used as a common protocol for connecting Ethernet devices with CC-Link IE.
Industrial Ethernet using general-purpose IP communication for industrial networks has provided great benefits from maintenance and cost perspectives, but is also more susceptible to external attacks compared to dedicated protocols, due to its widely known structure. The Working Group aims to secure industrial Ethernet to the same level of security found with dedicated protocols, while maximizing the benefits of open access for users.
Equivalent Security to Dedicated Protocols
The guidelines are to be formulated based on International Standard IEC62443. IEC62443 is a standard defined for control system security, not only for field equipment or controllers but also the coverage of entire control systems including upper-level management systems. To achieve total security, the Working Group is taking a multi-layer defense approach, combining several countermeasures including physical access control. Specific examples of routers and switches as well as organization of usage applications are also under consideration.
- CC-Link Partner Association (CLPA)