The introduction of Ethernet Advanced Physical Layer (Ethernet-APL) products is revolutionizing automation by extending Internet Protocol (IP) networks down to field device levels. Unlike traditional sensor-level (fieldbus) networks, packet-based IP networks can handle greater data volumes and offer enhanced functionality and visibility for Ethernet-APL devices.
However, as nearly all networks, including the Internet, rely on packet-based communications, they inherit vulnerabilities that can have severe consequences beyond simple device reformatting, a contributing editor wrote in a recent article from partner publication Control.
Joe Weiss, a cybersecurity expert, emphasizes the critical need to address Level 0 vulnerabilities as packet-level communications become more integrated into operational technology. Implementing robust cybersecurity practices, such as those outlined in IEC 62443, is essential for protecting these advanced networks.
The alignment between emerging Ethernet-APL products and the development of security standards is promising for the industry. Organizations like the Industrial Ethernet Security Harmonization Group, comprising major standards bodies, are actively working to mitigate security risks.
Documents such as the OPC UA Security Model (IEC 62541-2) and OPC UA Role-Based Security (IEC 62541-18) are nearing completion, with publication targeted for early 2025. Additionally, regulatory frameworks, such as the European Union's NIS2 directive, mandate enhanced cybersecurity measures for entities operating critical infrastructures.