Ethernet-based Control Systems Research Articles

Model-Based Stealth Attack to Networked Control System Based on Real-Time Ethernet

In this article, industrial control systems include networked control systems (NCS), which use real-time Ethernet (RTE) protocols since many years, well before the time sensitive networking initiative debut. Today, ethernet-based control systems are used all across Industry 4.0, including in critical applications, allowing for straight integration with information technology layers. Even if it is known that current RTE protocols do not have strong authentication or ciphering options, it is still very challenging to perform undetected cyber-attacks to these protocols while the NSC is in operation, in particular because such attacks must comply with very strict and small temporal constraints. In this article, a model-based attack is proposed for service degradation of NCS. The attack is carried out in real-time and it can remain undetected for the entire plant life. The attack can be applied to any RTE protocols and, without loss of generality, a detailed analysis of stealth techniques is provided for a specific real use case based on PROFINET. The experimental results demonstrate the feasibility of the proposed attack and its high effectiveness. The article also points out some possible future investigation directions in order to mitigate the attack.

Developing a New HSR Switching Node (SwitchBox) for Improving Traffic Performance in HSR Networks

High availability is crucial for industrial Ethernet networks as well as Ethernet-based control systems such as automation networks and substation automation systems (SAS). Since standard Ethernet does not support fault tolerance capability, the high availability of Ethernet networks can be increased by using redundancy protocols. Various redundancy protocols for Ethernet networks have been developed and standardized, such as rapid spanning tree protocol (RSTP), media redundancy protocol (MRP), parallel redundancy protocol (PRP), high-availability seamless redundancy (HSR) and others. RSTP and MRP have switchover delay drawbacks. PRP provides zero recovery time, but requires a duplicate network infrastructure. HSR operation is similar to PRP, but HSR uses a single network. However, the standard HSR protocol is mainly applied to ring-based topologies and generates excessively unnecessary redundant traffic in the network. In this paper, we develop a new switching node for the HSR protocol, called SwitchBox, which is used in HSR networks in order to support any network topology and significantly reduce redundant network traffic, including unicast, multicast and broadcast traffic, compared with standard HSR. By using the SwitchBox, HSR not only provides seamless communications with zero switchover time in case of failure, but it is also easily applied to any network topology and significantly reduces unnecessary redundant traffic in HSR networks.