In recent years, several important initiatives have appeared worldwide, aimed at bringing significant innovation in industrial networked systems (INSs). As an example, the Industry 4.0 and Factory of the Future frameworks are paving the way to modern intelligent factories, where issues such as the communication complexity between smart devices and system on-the-fly reconfiguration are dealt with in efficient and cost-effective manner. However, global connectivity also implies constant increase of cyber threats targeting industrial systems, so security must be considered since the very beginning when new appealing solutions need to be conceived. In this paper, we exploit the innovative Software Defined Networking (SDN) paradigm to introduce improvements in managing the network infrastructure of INSs, as this can help in reducing the management costs and complexity. In par- ticular, enhanced SDN functionalities are adopted, which are able to provide security support in additions to their native switching/routing functionalities. The paper also shows how this approach can overcome some limitations of many current INS security architectures. The feasibility of the proposed solution is confirmed by the development of a simple laboratory prototype based on commodity hardware, and used to obtain some prelim- inary evaluation of the achievable functionality and performance benefits.
Leveraging SDN To Improve Security in Industrial Networks
M Cheminod;L Durante;L Seno;F Valenza;A Valenzano;C Zunino
2017
Abstract
In recent years, several important initiatives have appeared worldwide, aimed at bringing significant innovation in industrial networked systems (INSs). As an example, the Industry 4.0 and Factory of the Future frameworks are paving the way to modern intelligent factories, where issues such as the communication complexity between smart devices and system on-the-fly reconfiguration are dealt with in efficient and cost-effective manner. However, global connectivity also implies constant increase of cyber threats targeting industrial systems, so security must be considered since the very beginning when new appealing solutions need to be conceived. In this paper, we exploit the innovative Software Defined Networking (SDN) paradigm to introduce improvements in managing the network infrastructure of INSs, as this can help in reducing the management costs and complexity. In par- ticular, enhanced SDN functionalities are adopted, which are able to provide security support in additions to their native switching/routing functionalities. The paper also shows how this approach can overcome some limitations of many current INS security architectures. The feasibility of the proposed solution is confirmed by the development of a simple laboratory prototype based on commodity hardware, and used to obtain some prelim- inary evaluation of the achievable functionality and performance benefits.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
