On the Security of IO-Link Wireless Communication in the Safety Domain
Publication date
2022-10-25
Document type
Conference paper
Author
Organisational unit
ISBN
Conference
2022 IEEE 27th International Conference on Emerging Technologies and Factory Automation (ETFA)
Book title
2022 IEEE 27th International Conference on Emerging Technologies and Factory Automation (ETFA 2022)
Part of the university bibliography
✅
Keyword
Cryptography and security
Computer science
Abstract
Security is an essential requirement of Industrial Control System (ICS)
environments and its underlying communication infrastructure. Especially the
lowest communication level within Supervisory Control and Data Acquisition
(SCADA) systems - the field level - commonly lacks security measures. Since
emerging wireless technologies within field level expose the lowest
communication infrastructure towards potential attackers, additional security
measures above the prevalent concept of air-gapped communication must be
considered. Therefore, this work analyzes security aspects for the wireless
communication protocol IO-LinkWireless (IOLW), which is commonly used for
sensor and actuator field level communication. A possible architecture for an
IOLW safety layer has already been presented recently. In this paper, the
overall attack surface of IOLW within its typical environment is analyzed and
attack preconditions are investigated to assess the effectiveness of different
security measures. Additionally, enhanced security measures are evaluated for
the communication systems and the results are summarized. Also, interference of
security measures and functional safety principles within the communication are
investigated, which do not necessarily complement one another but may also have
contradictory requirements. This work is intended to discuss and propose
enhancements of the IOLW standard with additional security considerations in
future implementations.
environments and its underlying communication infrastructure. Especially the
lowest communication level within Supervisory Control and Data Acquisition
(SCADA) systems - the field level - commonly lacks security measures. Since
emerging wireless technologies within field level expose the lowest
communication infrastructure towards potential attackers, additional security
measures above the prevalent concept of air-gapped communication must be
considered. Therefore, this work analyzes security aspects for the wireless
communication protocol IO-LinkWireless (IOLW), which is commonly used for
sensor and actuator field level communication. A possible architecture for an
IOLW safety layer has already been presented recently. In this paper, the
overall attack surface of IOLW within its typical environment is analyzed and
attack preconditions are investigated to assess the effectiveness of different
security measures. Additionally, enhanced security measures are evaluated for
the communication systems and the results are summarized. Also, interference of
security measures and functional safety principles within the communication are
investigated, which do not necessarily complement one another but may also have
contradictory requirements. This work is intended to discuss and propose
enhancements of the IOLW standard with additional security considerations in
future implementations.
Version
Not applicable (or unknown)
Access right on openHSU
Metadata only access