Security on the factory floor:Why and How?Why and How?How is security handled by Automation EngineersHow is security handled by Automation Engineers in their in Industrial Wireless applications

Bruno ForgueProSoft Technology SAS - Marketing Manager EMEA

Why do they go wireless?Reducing engineering and installation time & costs

I i ti ti (hi h li bilit )

Reducing Environment Impact (less hardware, copper…)

Improvingmachine performances (speed)

Increasing operation times (higher reliability)

Network engineering simplifiedInstallation made easier

Reducing Environment Impact (less hardware, copper…)

♦ Less to buy, transport, handle, manipulate, install…Network Reliability!♦ Communication breaks liquidated

Maintenance reduced♦ Cables, contact-rails, slip-rings

Moving sub-architectures♦ Rotating, linear…

DistanceDistance♦ Last kilometer…

Flexibility…

2 ETSI 6th Security WorkshopA03E‐09 ‐ 2011‐01‐19&20

Why do they need security?Safety and security of persons♦ Example: NemaSystems (high speed cranes)

Competition – industrial espionage♦ Example: Procter & Gamble (high speed bottling)

Terrorism/vandalism♦ Example: Lyonnaise des Eaux (SUEZ Environnement)

3 ETSI 6th Security WorkshopA03E‐09 ‐ 2011‐01‐19&20

No collision riskThe challenge: Use new machines at full speed♦ Increase uploading and downloading operations♦ Transparent integration with existing control systems

The need: 2 automatic cranes♦ Both doing the same handling operations♦ Moving along 220 m at high speed♦ One above the other, with no load collision

The solution: Safe wireless network solution

220 m

network solution ♦ High and reliable traffic of control data

on both crane networks (cable not a good fit).g )The benefits:

♦ Lower hardware and installation costs♦ Productivity increased +5 to +10%y♦ Operation costs decreased Monthly

savings

4 Wireless Congress 2010, Systems & Applications | Munich | 10‐11 Nov.2010‐Q4

No sniffing risk (competition)Challenges:♦ Rotation causes constant and

t i ti f th Eth tsevere twisting of the Ethernet cables

– Results in fatigue and failure

♦ Significant downtime attributed to cable bl h i d i

Wiredtroubleshooting and repair

♦ Use of heavy duty cabling and creative cable securing did not alleviate problems

♦ High data traffic was considered as potential limitation 1 fixed PLC; 16 moving PLCs

80 EtherNet/IP messages per RPI; High Speed g pto Wireless before analysis and tests (500 pps: 2 ms per Ethernet packet).

Results:♦ No modification of PLC programming was required

80 EtherNet/IP messages per RPI; High Speed

♦ No modification of PLC programming was required♦ No more downtime associated with communication

errors (Improved Network Reliability)♦ Strong buy-in from plant technicians

Wireless

♦ Rolled out to all lines♦ Selected radios offering higher security (802.11i)

than imposed by P&G IT security specialists

5 Wireless Congress 2010, Systems & Applications | Munich | 10‐11 Nov.2010‐Q4

No intrusion riskFresh water pumpingT f d t b tTransfer data between remote pumping stations (water wells)(water wells)Prohibitive cost of the wired optionSecurity & Reliability No intrusion (anti terrorismSecurity & Reliability – No intrusion (anti-terrorism French Plan)Easy configuration and maintenance – Must for nonEasy configuration and maintenance Must for non RF-specialists24/24 & 7/7 & 365/36524/24 & 7/7 & 365/365Low paperwork, security

6 Wireless Congress 2010, Systems & Applications | Munich | 10‐11 Nov.2010‐Q4

Originally: What first strategies?Strategies that were first implemented:♦ Proprietary wireless protocols (FHSS) and encryption♦ Proprietary transported protocols with encryption

MAC ID hit li t♦ MAC-ID white lists♦ ARC4 / WEP

A03E‐09 ‐ 2011‐01‐19&207 ETSI 6th Security Workshop

What Standard?802.11i (2004)♦ WAP♦ WAP2 (FIPS 140-2 compliant AES)

RADIUS♦ RADIUS

A03E‐09 ‐ 2011‐01‐19&208 ETSI 6th Security Workshop

What are they still missing?Standard strategies for detecting and identifying♦ external RF sources ♦ rogue radios

A03E‐09 ‐ 2011‐01‐19&209 ETSI 6th Security Workshop