The increased exposure of industrial control systems to cyber threats and attacks demands for the deployment of adequate security countermeasures. Specialised firewalls, able to recognise and inspect traffic concerning special-purpose communication protocols adopted in industrial environments, are one of the basic solutions that have started spreading on the market. This paper deals with the performance evaluation of two commercial firewalls designed for industrial applications. Our analysis is mainly based on the measurement of typical parameters that are relevant for the considered application scenario. A more conventional device has also been considered in the experimental campaign so as to provide a reference comparison with a well-assessed and general-purpose product. In particular, the paper focuses on the firewall packet inspection capabilities for the Modbus/TCP protocol.
Performance of Firewalls for Industrial Applications
M Cheminod;L Durante;M Maggiora;A Valenzano;C Zunino
2016
Abstract
The increased exposure of industrial control systems to cyber threats and attacks demands for the deployment of adequate security countermeasures. Specialised firewalls, able to recognise and inspect traffic concerning special-purpose communication protocols adopted in industrial environments, are one of the basic solutions that have started spreading on the market. This paper deals with the performance evaluation of two commercial firewalls designed for industrial applications. Our analysis is mainly based on the measurement of typical parameters that are relevant for the considered application scenario. A more conventional device has also been considered in the experimental campaign so as to provide a reference comparison with a well-assessed and general-purpose product. In particular, the paper focuses on the firewall packet inspection capabilities for the Modbus/TCP protocol.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
