ODVA Announces CIP Security Enhancements to Support Resource-constrained ETHERNET/IP Devices – IEN Europe

ethernet odva ProxyEgg ODVA Announces CIP Security Enhancements to Support Resource-constrained ETHERNET/IP Devices - IEN Europe

On April 12, following the ODVA press conference, the organization announced a batch of three exciting news including the extension of EtherNet/IP network to in-cabinet resource-constrained devices, CIP Security Enhancements for resource-constrained devices, and ODVA moves to inclusive network and device terminology.

Despite the progress brought about by Industry 4.0 and the Industrial Internet of Things (IIoT), a large portion of the installed nodes in automation applications are still not using Ethernet. Limitations including cost, size, and power have historically been a hindrance to EtherNet/IP pushing out to the edge of the network. The recent integration of single pair Ethernet has opened up the door to overcoming lower-level device constraints and ultimately to expanding the footprint of EtherNet/IP. Adding simpler devices to EtherNet/IP allows for the benefits of additional remote diagnostics, asset information, and parameterization capability. The addition of more nodes to the network within the context of IT/OT convergence makes device level security a fundamental need to ensure that indispensable assets and people are protected from physical harm and monetary loss
 
The new CIP Security specification has added a Resource-constrained CIP Security Profile in addition to the EtherNet/IP Confidentiality and the CIP User Authentication Profiles. The Resource-constrained CIP Security Profile is similar to the EtherNet/IP Confidentiality Profile, but is streamlined for resource-constrained devices. The same basic security aspects of endpoint authentication, data confidentiality, and data authenticity remain. Access policy information is also included to allow a more capable device, such as a gateway, to be used as a proxy for user authentication and authorization of the resource constrained device. Implementation of CIP Security for resource-constrained devices requires only DTLS (Datagram Transport Layer Security) support instead of DTLS and TLS (Transport Layer Security), as it is used only with low-overhead UDP communication. 
 
“The continuous updating of CIP Security, including the recent addition of new security features for resource-constrained devices, provides EtherNet/IP devices an enhanced defensive posture to help protect against malicious industrial network intrusion”, stated Jack Visoky, EtherNet/IP System Architecture Special Interest Group (SIG) vice-chair. “The availability of CIP Security across more portions of the EtherNet/IP network helps end users to better safeguard vital automation applications. The addition of CIP Security for resource constrained EtherNet/IP devices is an essential step in securing the edge”, said Dr. Al Beydoun, President and Executive Director of ODVA.
 
The protections offered by CIP Security are now available for EtherNet/IP networks via a resource-constrained version of CIP Security that includes fewer mandatory features. This ensures that devices with the smallest power, size, and cost budgets can be secure and enjoy the communication and control advantages of being connected to an EtherNet/IP network. The latest CIP Security updates demonstrate the deep commitment of ODVA to maintain its position of device security leadership within the automation community. 

EtheNet/IP Network Extended to In-cabinet Resource-constrained Devices

 
Besides, ODVA announced that the EtherNet/IP Specification has been enhanced to allow vendors to bring the network to resource-constrained devices in-cabinet, including push buttons and contactors. Cost, size, and power restrictions have historically limited the usage of EtherNet/IP at the edge, where many nodes are still hardwired. However, the continued decrease in the cost of semiconductor chips has enabled increased connectivity of simple devices, as evidenced by the rapid expansion of the Industrial Internet of Things (IIoT). The sustained, strong growth of EtherNet/IP combined with accelerating IT/OT convergence has made it possible to deploy EtherNet/IP within cabinets on lower-level automation devices such as contactors and push buttons
 
The inclusion of resource-constrained devices within cabinets on an EtherNet/IP network is enabled by recently published enhancements to the EtherNet/IP Specification including the physical layer In-Cabinet Profile for EtherNet/IP along with low overhead UDP-only resource-constrained EtherNet/IP communication. Resource requirements have been reduced via enhancements such as an IT friendly LLDP node topology discovery mechanism, auto-commissioning support, and auto-device replacement support. Additionally, a specification for a new select line circuit facilitates the efficient delivery of system wide sequential commands. 
 
The EtherNet/IP in-cabinet bus solution reduces interface components through use of single pair Ethernet (IEEE Std 802.3cg-2019 10BASE-T1S) and reduces node cost via multidrop cabling that spans a single cabinet with one interface per device and one switch port that supports many devices. Cost is further reduced via cables that use composite network and control power to eliminate separate parallel runs. The select line for topology eliminates configuration switches by enabling discovery based on relative position and allows for direct connection with programming tools during assembly for parameterization. Assembly time is lowered by eliminating most wire or cable preparation with insulation displacement (piercing) connectors. Nodes will also be able to be replaced with compatible nodes of the same type during normal system operation without any engineering tools in a plug and play manner. 
 
“Expanding the connectivity of EtherNet/IP to include devices with the smallest physical footprint and most limited hardware resources opens up tremendous opportunity for further digital transformation within automation at the edge. The ability to obtain diagnostic, prognostic, and asset identity information remotely from more devices will further drive down incidents of unplanned downtime and improve the efficiency of existing assets“, said Dr. Al Beydoun, President and Executive Director of ODVA. “The connection of resource-constrained devices to EtherNet/IP increases the value of existing networks for end users and reduces the need for secondary lower-level networks and associated gateways.”
 
The extension of EtherNet/IP for in-cabinet resource-constrained devices will critically increase the return-on-investment of adding the simplest of in-panel devices to the digital network. This will be made possible through reduced hardware requirements enabled by UDP-only EtherNet/IP communication, usage of single pair Ethernet, and shared in-cabinet external power and cabling. Adding low-level in-panel devices to the network will allow the benefits of additional remote diagnostics, asset information and parameterization capability, automatic node topology discovery, and plug and play device replacement. The lowered cost and improved value of these devices along with the ability to use one seamless network for both constrained and non-constrained devices is a clear win for automation end users. 

 
ODVA Updates Terminology in Specifications to Help Create a more Inclusive Industry
 

Last, ODVA announced that the April 2021 publication of the DeviceNet® and ControlNet® Specifications have replaced the usage of the words ‘master’ and ‘slave’ within ODVA references. Developers of devices for ODVA networks will now utilize the words ‘client’ and ‘server’ (EtherNet/IP, including the integration of Modbus® devices), ‘controller’ and ‘device’ (DeviceNet), and ‘system time supervisor’ or ‘active keeper’ (ControlNet) to describe these functions. With the goal of eliminating terminology that is hurtful, these changes are the first in a series to update the entire library of ODVA specifications and documents to rectify the use of these terms. 
 
“ODVA strives to be on the cutting edge of open, interoperable information and communication technologies in industrial and process automation”, said Dr. Al Beydoun, President and Executive Director of ODVA. “ODVA’s intentional movement toward inclusive and accurate language throughout its specifications is a positive step in ensuring that industrial automation is a first choice for all professionals.”
 
As other organizations update terminology included in their publications, ODVA will update any normative references in the ODVA library of specifications. To obtain the April 2021 publication of any of the ODVA library of specifications and know more about CIP Security enhancements, visit www.odva.org.

Source of this news: https://www.ien.eu/article/odva-announces-cip-security-enhancements-to-support-resource-constrained-ethernetip-devices/

Related posts:

Migrate Lotus Notes to Office 365 in few steps - Best in Australia
Microsoft 365 aka Office 365 is getting the attention of many IT organizations due to the new advanced features and benefits it offers. It is continuously attracting small and large scale organizatio...
You know about 404 error codes, but what the heck is a 503? - CNET
Here's your guide to the sometimes mysterious world of 404s and beyond.  CNET Sure you've seen a 404 error code -- remember Twitter's infamous fail whale? -- but what about a 503? Or a 400 or 3...
Deposit - proxy utility by just STASH NETWORKS LIMITED instant AppAdvice
Put is a rule-based proxy program with multiple proxy method support. tutorial Handle TCP / UDP / ICMP traffic and simply forward to any proxy - Native UI dash to display HTTP / HTTPS / TCP re...
Detecting IcedID... Could It Be A Trickbot Copycat? - Marketscreener.com
IcedID is a banking trojan, it is designed to be stealthy and built to collect financial information. IcedID harvests user credentials and banking sessions to commit financial crimes, including ...
Top Cloud Computing Jobs in India to Apply This November - Analytics Insight
You can apply for these cloud computing  jobsCloud computing is the delivery of different services through the Internet. These resources include tools and applications like data storage, servers...
Contour S-1/A Caribou Biosciences, important StreetInsider. com
(3) Health, situation, and disability insurance to 401(k) retirement plan additions for which all regular full-time employees are eligible. Narrative Disclosure to Summary Réparation T...
A New APT Hacking Group Targeting Fuel, Energy, and Aviation Industries - The Hacker News
A previously undocumented threat actor has been identified as behind a string of attacks targeting fuel, energy, and aviation production industries in Russia, the U.S., India, Nepal, Taiwan, and Japa...
"Human beings are cybersecurity's weakest link" - JAXenter
JAXenter: Considering recent security breaches, now more than ever, enterprises need to be focused on making security their first priority. What is the first action that companies should take when re...
3 Easy Steps to Hide Your Geo Location - GISuser.com
Reasons to Learn How Do I Hide My Geolocation? At present, Internet users often face difficulties while trying to access a certain resource or perform necessary action. Governments aim to restrict c...
Virus Concerns Complicate Capitol Hill's Return-to-Office Plans | Bloomberg Government - Bloomberg G...
Warnings that lawmakers should again don masks in response to the Covid-19 delta variant’s threat threw another monkey wrench into attempts to resume normal operations on Capitol Hill and raised fres...
Best VPN services to use in Thailand - The Thaiger
Due to a series of laws that censor websites and increase surveillance powers for local authorities, internet freedom has changed dramatically in Thailand. Over 100,000 websites are blocked in the co...
Credential Stuffing – Are You Doing Enough? - Infosecurity Magazine
Credentials stuffing attacks are nothing new, and are in fact one of the simplest attacks for hackers to launch. For script kiddies it can be one of the first things that they try for the thrill of s...
10 of the best Best (and Worst) Browsers for Privacy - WRCB-TV
Larger-than-life is a unique, secure web browser that streets ads, trackers, fingerprinting, cryptomining, and more. Epic routes every one of the web traffic through a proxy host that automatic...
Investigators Demonstrate New Way to Spot MITM Phishing Kits during Wild - The Hacker News
No fewer than 1, 230 Man-in-the-Middle (MitM) phishing world wide web have been discovered as looking for popular online services are fond of Instagram, Google, PayPal, Later on, Twitter, and L...
AgriFORCE Growing Systems Sets your dog's Sights on New Troublesome Agricultural IP in Proceed to Pu...
Imagine by Syahir Hakim within Pixabay Whether it be drought conditions, inefficiencies drawn from old classic practices or an incapability to gain the technical professor needed to c...
Apple will proxy Safe Browsing traffic on iOS 14.5 to hide user IPs from Google - ZDNet
Apple's upcoming iOS 14.5 release will ship with a feature that will re-route all Safari's Safe Browsing traffic through Apple-controlled proxy servers as a workaround to preserve user privacy and pr...
Cloud Foundry HTTP 2 Project Thwarted by GoLang Indifference - thenewstack.io
A project to bring HTTP/2 to the CloudFoundry application development platform ran into a roadblock when the keepers of the Go Language did not respond to requests, with sufficient swiftness anyway,...
What Is iCloud Private Relay and Is It Better than a VPN? - Beebom
When Apple announced iCloud+ at WWDC 2021 developer conference, one key feature that caught the attention of a lot of internet users was “iCloud Private Relay”. But what exactly is iCloud Private Rel...

IP Rotating Proxy Onsale

SPECIAL LIMITED TIME OFFER

00
Months
00
Days
00
Hours
00
Minutes
00
Seconds
First month free with coupon code FREE30