Skip to Main Content
In this paper we show that it is possible to attack and gain control over PROFINET IO nodes and also that this can be done without any of the communicating peers detecting the attack. Analysis of attacks in both shared and packet switched networks show that the attacker can control the process data and thus the state of the machines connected to the I/O modules. As the security risks are increasing in automation with the level of vertical and horizontal integration, the concept of security modules is proposed towards a method to retrofit security in PROFINET IO. The concept of security modules can be applied without changing anything in the underlying transmission system and is extendable if and when new security threats are identified.