ARC's European Industry Forum, part of a series of successful global conferences in Europe, America and Asia, took place in Sitges (Barcelona), Spain, from 6 to 8 May 2024. The event offered 150 international participants from over 20 countries exclusive presentations and workshops on strategies and case studies aligned with this year's theme: “Managing Digital Transformation in the Era of AI, Open Architecture and Sustainability”.
APL & Cyber Security Panel
Network integration is a growing trend in the automation sector, with factory owners striving to integrate networks within their factories. This results in a seamless network structure, simplified monitoring, and reduced training efforts for personnel as they only need to deal with one integrated network technology. Integrated networks also bring benefits in terms of vertical integration within plants, where asset management systems, big data, and AI applications rely on accurate, time-stamped data from the field.
The Ethernet-Advanced Physical Layer (Ethernet-APL) is one piece of the puzzle for such converged networks, supporting various real-time protocols such as PROFINET, EtherNet, HART-IP, as well as the middleware protocol OPC UA. However, converged flat networks increase the attack surface: field devices with Ethernet interfaces have a small footprint in terms of memory size and computing power, making them an attractive target for cyber attackers. The panel will discuss a set of recommendations for the secure operation of converged networks in OT environments.
Professor Niemann gave a brief introduction to the APL topology, but the focus was on network convergence, where Ethernet protocols are extended to the sensor-actuator layer with APL. Both APL and PROFINET offer security mechanisms, although the specific features and implementations may differ. Because APL is a new technology that brings Ethernet connectivity to hazardous areas in the process industry, additional training is typically required for operators to understand and use APL safely.
When designing an APL topology, it is important to consider the relevant parts of the IEC 62443 standard related to network architecture, system integration, and security management. The specific chapters or parts of the IEC 62443 standard to consider will depend on the specific requirements of the APL topology being designed. Operational Technology (OT) security recommendations may differ when designing APL for greenfield and brownfield applications.
Integrity and authenticity of the boot process are important features to ensure that device firmware has not been tampered with by an attacker. Ethernet-APL field devices perform authenticity checks during the boot process to ensure that the device is not booted in an insecure or tampered state. APL field devices protect themselves against DoS attacks to maintain the critical functionality of the device.
ARC's European Industry Forum and Platform
We would like to thank our sponsors for supporting ARC EIF 2024 and all the speakers and presenters who made the event interesting, inspiring and memorable. The next Forum will take place in Sitges (Barcelona), Spain, from May 5th to 7th. For more information, please contact Ann-Kathrin Blech at mailto:ablech@arcweb.com.
