Intrusion Detection System for wide Automation Network Based on the Ethernet Compatible Communication Protocols

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26220%2F11%3APU93833" target="_blank" >RIV/00216305:26220/11:PU93833 - isvavai.cz</a>

Výsledek na webu

—

DOI - Digital Object Identifier

—

Jazyk výsledku

angličtina

Název v původním jazyce

Intrusion Detection System for wide Automation Network Based on the Ethernet Compatible Communication Protocols

Popis výsledku v původním jazyce

This paper is focused on the description of importance, design, and implementation of the Intrusion Detection Systems for a new automation system based on the Ethernet communication protocol. Newly developed and designed automation networks for complex factory control are composed from several types of automation communication links with different communication protocols, but most of the factory middle layer and top layer communication networks are based on Ethernet communication protocol. Wide use of Ethernet communication protocol not only in IT, but also in automation field, brings not only advantages of easy implementation and interoperability between different automation communication networks, but also brings risks and vulnerabilities, well known form IT. Therefore security incidents are becoming more serious and more common not only in computer networks, but also in automation networks. Actual trends in automation networks are among others wide automation networks covering several manufacture divisions or remote controlling of automation networks through the Internet. Necessity of a remote connection to the automation networks covers all security vulnerabilities and risks, which originate from the Internet. Analogically with IT, an automation network can be secured by the conventional way through firewalls and VPN tunnels, but automation networks have several specific requirements on the QoS, against the IT networks. For this reason a new automation firewall device was defined, designed and tested. The new automation firewall includes messaging system for logging all events and alerts originates form automation network. IDMEF (Intrusion Detection Message Exchange Format) is used, as a basis for automation firewall messaging system.

Název v anglickém jazyce

Intrusion Detection System for wide Automation Network Based on the Ethernet Compatible Communication Protocols

Popis výsledku anglicky

This paper is focused on the description of importance, design, and implementation of the Intrusion Detection Systems for a new automation system based on the Ethernet communication protocol. Newly developed and designed automation networks for complex factory control are composed from several types of automation communication links with different communication protocols, but most of the factory middle layer and top layer communication networks are based on Ethernet communication protocol. Wide use of Ethernet communication protocol not only in IT, but also in automation field, brings not only advantages of easy implementation and interoperability between different automation communication networks, but also brings risks and vulnerabilities, well known form IT. Therefore security incidents are becoming more serious and more common not only in computer networks, but also in automation networks. Actual trends in automation networks are among others wide automation networks covering several manufacture divisions or remote controlling of automation networks through the Internet. Necessity of a remote connection to the automation networks covers all security vulnerabilities and risks, which originate from the Internet. Analogically with IT, an automation network can be secured by the conventional way through firewalls and VPN tunnels, but automation networks have several specific requirements on the QoS, against the IT networks. For this reason a new automation firewall device was defined, designed and tested. The new automation firewall includes messaging system for logging all events and alerts originates form automation network. IDMEF (Intrusion Detection Message Exchange Format) is used, as a basis for automation firewall messaging system.

Druh

D - Stať ve sborníku

CEP obor

JA - Elektronika a optoelektronika, elektrotechnika

OECD FORD obor

—

Projekt

<a href="/cs/project/2C08002" target="_blank" >2C08002: Výzkum univerzální a komplexní autentizace a autorizace pro pevné a mobilní počítačové sítě</a><br>

Návaznosti

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)<br>Z - Vyzkumny zamer (s odkazem do CEZ)

Rok uplatnění

2011

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

ICONS 2011, The Sixth International Conference on Systems Proceedings

ISBN

978-1-61208-114-4

ISSN

—

e-ISSN

—

Počet stran výsledku

4

Strana od-do

95-98

Název nakladatele

Neuveden

Místo vydání

St. Maarten, The Netherlands Antilles

Místo konání akce

St. Maarten

Datum konání akce

23. 1. 2011

Typ akce podle státní příslušnosti

WRD - Celosvětová akce

Kód UT WoS článku

—