Visible to the public On the Security of IO-Link Wireless Communication in the Safety Domain

TitleOn the Security of IO-Link Wireless Communication in the Safety Domain
Publication TypeConference Paper
Year of Publication2022
AuthorsDoebbert, Thomas Robert, Fischer, Florian, Merli, Dominik, Scholl, Gerd
Conference Name2022 IEEE 27th International Conference on Emerging Technologies and Factory Automation (ETFA)
Keywordsactuator security, composability, industrial wireless networks, IO-Link Wireless, measurement uncertainty, Metrics, Protocols, pubcrawl, resilience, Resiliency, Safety, safety and security, SCADA systems, SCADA Systems Security, security, wireless networks, Wireless sensor networks
Abstract

Security is an essential requirement of Industrial Control System (ICS) environments and its underlying communication infrastructure. Especially the lowest communication level within Supervisory Control and Data Acquisition (SCADA) systems - the field level - commonly lacks security measures.Since emerging wireless technologies within field level expose the lowest communication infrastructure towards potential attackers, additional security measures above the prevalent concept of air-gapped communication must be considered.Therefore, this work analyzes security aspects for the wireless communication protocol IO-Link Wireless (IOLW), which is commonly used for sensor and actuator field level communication. A possible architecture for an IOLW safety layer has already been presented recently [1].In this paper, the overall attack surface of IOLW within its typical environment is analyzed and attack preconditions are investigated to assess the effectiveness of different security measures. Additionally, enhanced security measures are evaluated for the communication systems and the results are summarized. Also, interference of security measures and functional safety principles within the communication are investigated, which do not necessarily complement one another but may also have contradictory requirements.This work is intended to discuss and propose enhancements of the IOLW standard with additional security considerations in future implementations.

DOI10.1109/ETFA52439.2022.9921464
Citation Keydoebbert_security_2022