Industrial Network Protocol

Industrial network protocols are deployed throughout a typical ICS network architecture spanning wide-area networks, business networks, plant networks, supervisory networks, and fieldbus networks. Most of the protocols discussed have the ability to perform several functions across multiple network zones, and so will be referred to here more generically as industrial protocols. Industrial protocols are real-time communications protocols, developed to interconnect the systems, interfaces, and instruments that make up an industrial control system. Many were designed initially to communicate serially over RS-232/485 physical connections at low speeds (typ. 9.6 kbps to 38.4 kbps), but have since evolved to operate over Ethernet networks using routable protocols, such as TCP/IP and UDP/IP. Industrial protocols for the purposes of this book will be divided into two common categories: fieldbus and backend protocols. Fieldbus is used to represent a broad category of protocols that are commonly found in process and control. Beginning in the early 1980s, there was a push from ICS vendors and end users to establish a global fieldbus standard. This effort continued for over 20 years and resulted in the creation of a wide range of standards devoted to industrial protocols. The IEC 61158 standard was one of the early documents that established a base of eight different protocol sets called “types.” Some of the major protocols at that time (HART and Common Industrial Protocol or CIP to name a few) were missing from this list. The IEC 61784 standard was introduced in the early 2000s to amend the list originally contained in the IEC 61158 standard, and includes a total of nine protocol “profiles”:

FOUNDATION Fieldbus
PROFIBUS/PROFINET
CIP
P-NET
WorldFIP
INTERBUS
CC-Link
HART
SERCOS.1
Powerlink
RS232/RS485
I2C
FIPIO/FIPWAY
ControlNET
DeviceNET

Fieldbus protocols are commonly deployed to connect process-connected devices (e.g. sensors) to basic control devices (e.g. programmable logic controller or PLC), and control devices to supervisory systems (e.g. ICS server, human–machine interface or HMI, historian).

Backend protocols are those protocols that are commonly deployed on or above supervisory networks, and are used to provide efficient system-to-system communication, as opposed to data access. Examples of backend protocols include connecting a historian to an ICS server, connecting an ICS from one supplier to another supplier’s systems, or connecting two ICS operation control centers. There are literally dozens of industrial protocols, many developed by manufacturers for their specific purposes. The two fieldbus protocols analyzed include

Modicon Communication Bus (Modbus)
Distributed Network Protocol (DNP3)

OLE for Process Control (OPC) and the Inter-Control Center Protocol (ICCP, also referenced by standard IEC 60870-3 TASE.2 or Telecontrol Application Service Element). These particular protocols represent several unique qualities that are important to understand within the context of security. These unique qualities include the following:

Each is used in different (though sometimes overlapping) areas within an industrial network.
Each provides different methods of verifying data integrity and/or security.
The specialized requirements of industrial protocols (e.g. real-time, synchronous communication) often make them highly susceptible to disruption.

PROTOCOLS

Protocols allow information to be transmitted from one device or system to another device or system over the Internet, or over serial, Ethernet, or other local LANs for inter controller and controller to local application connectivity; they define the ways in which two separate connected entities may communicate with each other.

While HTTP is the standard protocol for the Web, there is no such standard for the Industrial Internet of Things. And it’s likely that no one protocol will emerge as a standard any time soon. The Web, at its most basic, needs only to communicate the location of information. But operational technology complicates communications because of the complexity of interacting with system-external environments, and the need for hi-speed transmission of signals. There are a number of protocols currently being used in Industrial IoT. Some of these include:

Protocol

Description

MQTT

A publish-subscribe protocol used over TCP/IP. Lightweight, low code footprint, minimal bandwidth.

CoAP

Constrained Application Protocol Application layer protocol used for constrained (low-power, low-memory, etc.) nodes and networks.

AMQP

Advanced Message Queuing Protocol Application layer, wire-level protocol that supports a variety of messaging patterns

HTTP/2

Updated version of Hypertext Transfer Protocol Built with HTTP 1.1 compatibility and performance enhancement in mind.

IPv6

Internet Protocol Version 6 Updated version of the Internet Protocol Version 4, necessary for assigning unique addresses to the rapidly growing number of machines connected to the Internet (due partially to the increase of Things and M2M connections).

6LoWPAN

IPv6 over Low power Wireless Personal Area Networks The 6LoWPAN group has defined encapsulation and header compression mechanisms that allow IPv6 packets to be sent and received over IEEE 802.15.4 based networks.