Multivendor demonstration to highlight benefits of integrating cybersecurity into EtherNet/IP installations

Ann Arbor, Michigan, USA — October 30, 2017 — ODVA announced that the organization will be debuting an EtherNet/IP™ demonstration with CIP Security™ in its exhibit at the SPS IPC Drives trade show in Nuremberg, Germany, to be held November 28-30, 2017.

The specifications for CIP Security were first published within The EtherNet/IP Specification in November 2015, allowing product manufacturers to begin designing solutions to allow users take additional steps to protect their industrial control systems with industry-proven techniques. CIP Security includes mechanisms to address spoofing of identity, tampering with data, and disclosing of information. Methods supported in CIP Security include device authorization, integrity of message transport and confidentiality of messages. To support these mechanisms, ODVA has adapted standards from the Internet Engineering Task Force (IETF) for encryption based on Transport Layer Security (TLS), Data Transport Layer Security (DTLS), and authentication based on the X.509v3 standard for certificate handling.

The CIP Security demonstration, built by ODVA members Danfoss, HMS Industrial Networks, and Rockwell Automation, shows this security mechanism working in a practical application. In this demonstration, the impact of a “man-in-the-middle” attack on both secured and unsecured EtherNet/IP nodes can be seen. The communication between a controller and the devices is intercepted and modifications to the transmitted data are attempted. The secured devices can defend against the attack and continue to operate as configured by the program in the controller. In contrast, the unsecured devices cannot differentiate between data coming from the original controller and data modified by the attacker. As a result, their function is disrupted. While the attack is in progress, an operator monitoring the machine continues to receive feedback that operation is within normal parameters.

“CIP Security provides an additional mechanism for machine builders to protect the intellectual property contained in their products and for end users to ensure that their assets continue to produce product in the face of an attack from a malicious party,” said Katherine Voss, ODVA president. “This mechanism can be seen – live – in this demonstration.”

The technology demonstrator can be viewed on the ODVA exhibit in Hall 2 at stand 410.  

About ODVA

Founded in 1995, ODVA is a global association whose members comprise the world’s leading automation companies. ODVA’s mission is to advance open, interoperable information and communication technologies in industrial automation. ODVA recognizes its media independent network protocol, the Common Industrial Protocol or “CIP” – and the network adaptations of CIP – EtherNet/IP, DeviceNet, CompoNet and ControlNet – as its core technology and the primary common interest of its membership. ODVA’s vision is to contribute to the sustainability and prosperity of the global community by transforming the model for information and communication technology in the industrial ecosystem. For future interoperability of production systems and the integration of the production systems with other systems, ODVA embraces the adoption of commercial-off-the-shelf (COTS) and standard, unmodified Internet and Ethernet technologies as a guiding principle wherever possible. This principle is exemplified by EtherNet/IP – the world’s number one industrial Ethernet network. For more information about ODVA, visit odva.org.

For more information, contact:

John Jackson
ODVA EMEA
gro.avdo@noskcajj

Adrienne Meyer
ODVA
+1 734.975.8840
gro.avdo@reyema

EtherNet/IP and CIP Security are trademarks of ODVA, Inc. All other trademarks are property of their respective owners.