Ann Arbor, Michigan, USA – April 1, 2019 – ODVA has released its first round of specification enhancements to its technologies for 2019, which included specific enhancements to The EtherNet/IP™ Specification, including key updates to the CIP Security™ technology. ODVA’s biannual update of its network specifications helps enable end-users and OEMs to address an ever-increasing scope of industrial automation applications.

The goal of cybersecurity enhancements to EtherNet/IP is to extend a defense-in-depth architecture to network communications with and between ICS systems – and with and between ICS systems and edge devices. ODVA’s realization of this goal is the enhancement of the potential defensive capability of ICS systems and devices using EtherNet/IP by providing cybersecurity mechanisms that are native to EtherNet/IP and the Common Industrial Protocol (CIP™). The initial CIP Security specification was published in 2015, providing vendors the ability to improve the security of EtherNet/IP-connected devices by adding support for device authentication, data integrity, and data confidentiality. 

Since then, ODVA has made several key updates to CIP Security. Most notably, to continue to fulfill the desire from end users for easier initial commissioning of devices, CIP Security was enhanced to allow devices to perform certificate enrollment directly. In contrast to the practice of pushing certificates out from a configuration tool, this “pulling” functionality will allow devices to actively request certificates, resulting in improved productivity. The pulling of a certificate is accomplished using standard and proven IT technologies, furthering the ability to integrate IT and OT systems. The April 2019 edition of the CIP Security Specification continues the progression of the technology to increase efficiency with timeout responses, increase protection by allowing for a mandatory CIP Security connection for changes, and expand behaviors for certificate verification.

Work is ongoing for the next phase of development of CIP Security, which will add support for user authentication, non-repudiation, and device authorization, strengthening secure end-to-end communications between CIP endpoints. The ultimate roadmap of CIP Security development is to enable EtherNet/IP devices, and potential other types of devices using CIP, to become autonomous, taking responsibility for their own security and effectively securing themselves from attack.

ODVA publishes its specifications within a group of publications entitled The CIP Networks Library. Each specification is made up of one or more volumes of The CIP Networks Library. To learn more about ODVA technologies, visit www.odva.org.

About ODVA
ODVA is an international standards development and trade organization with members from the world’s leading automation suppliers. ODVA’s mission is to advance open, interoperable information and communication technologies for industrial automation. Its standards include the Common Industrial Protocol or “CIP™,” ODVA’s media independent network protocol – and industrial communication technologies including EtherNet/IP, DeviceNet and others. For interoperability of production systems and their integration with other systems, ODVA embraces the adoption of commercial-off-the-shelf, standard Internet and Ethernet technologies as a guiding principle. This principle is exemplified by EtherNet/IP – today’s leading industrial Ethernet network. Visit ODVA online at www.odva.org.

For more information, contact:

Adrienne Meyer
ODVA
4220 Varsity Drive, Suite A, Ann Arbor, MI 48108-5006 USA
TEL +1 734 975 8840
Fax +1 734 922 0027
gro.avdo@reyema


EtherNet/IP and CIP Security are trademarks of ODVA, Inc. Other trademarks are property of their respective owners.

 

Read this ODVA press release in:

Deutsch   |   Chinese   |   Japanese    | Korean