ICS/SCADA Vulnerabilities | Securium Solutions Pvt Ltd

OT PROTOCOLS – #3

Hey guys, today we are going to discuss OT protocols in our ICS/SCADA series of blogs.

According to the Purdue Model, an OT network is divided into Level 0 (the physical process), Level 1 (basic control: PLCs, RTUs), Level 2 (supervisory control: HMIs, engineering workstations), Level 3 (site operations: historians, domain controllers) and Levels 4 and 5 (the enterprise network). Different protocols are found at different levels, and a protocol showing up at the wrong level is often the first sign that segmentation is not what the network diagram says it is.

Protocols Used in Level 4 and 5:

DCOM: Distributed Component Object Model
Microsoft's proprietary technology that lets software components call each other across a network. In OT it matters because OPC Classic (DA, HDA, A&E) is built on top of it. Security note: DCOM authenticates through Windows RPC, and uses the endpoint mapper on TCP/135 plus dynamically assigned high ports, which makes it awkward to restrict with firewall rules; in practice it is often allowed far more broadly than it should be.

DDE: Dynamic Data Exchange
A legacy Windows mechanism for IPC (inter-process communication). It is still found in older HMI and historian software that exchanges tag data with spreadsheets and other desktop applications.

FTP/SFTP:
FTP establishes a connection to a server for listing, uploading and downloading files, but it sends the login credentials and the file contents in cleartext. SFTP is a different protocol: it runs file transfer inside an SSH session, so both authentication and data are encrypted. It is not FTP with security bolted on (that would be FTPS, FTP over TLS).

GE-SRTP: Service Request Transport Protocol
GE's proprietary protocol, normally on TCP/18245, for reading and writing data on a selected number of GE PLC platforms, the controllers that turn digital commands into physical actions.

IPv4/IPv6: The network-layer protocols everything above runs on. We don't have to talk about these; hope everyone knows them already.

OPC: Open Platform Communications
A set of client/server specifications (originally OLE for Process Control) designed for the exchange of real-time data between data-acquisition devices like PLCs and interface software like HMIs. OPC Classic rides on DCOM and inherits all of its firewalling problems; OPC UA is the newer, platform-independent version with its own encryption and certificate-based authentication, usually on TCP/4840.

TCP/IP and Wi-Fi:
TCP/IP is the protocol suite that interconnects networked devices. Wi-Fi (IEEE 802.11) is the common wireless LAN standard used in homes and companies; in an OT environment every Wi-Fi segment is a place where the physical perimeter of the plant no longer applies.

PROTOCOLS USED IN LEVEL 3:
CC-LINK: Control and Communication Link, an open industrial network originating from Mitsubishi Electric that enables devices from different manufacturers to communicate. It is used in machine and process control and in building automation.

HSCP: Hybrid Secure Copy Protocol
Developed for transmitting large files at high speed over long-distance, high-bandwidth infrastructure.

ICCP (IEC 60870-6): Inter-Control Center Communications Protocol, the standard set of protocols for exchanging SCADA data between control centres (for example between a utility and a grid operator) in power system automation. It runs over MMS, which uses the ISO transport on TCP/102. The TASE.2 entry below is the same standard under its IEC name.

IEC 61850: The standard for substation automation that defines how the IEDs (intelligent electronic devices) in an electrical substation interoperate and communicate. Its services include MMS (client/server over TCP/102), GOOSE and Sampled Values (multicast Ethernet frames at layer 2). GOOSE and SV frames carry no encryption or authentication on their own; IEC 62351 is the companion standard that adds security.

ISA/IEC 62443: Strictly speaking this is not a communication protocol at all. It is the series of security standards for industrial automation and control systems (IACS) that provides a flexible framework (zones, conduits, security levels) for addressing and mitigating current and future vulnerabilities. It is listed here because you will meet it in every discussion of how the levels above should be segmented.

MODBUS: Originally a serial communication protocol (Modbus RTU/ASCII over RS-232/RS-485) for talking to PLCs. Modbus/TCP wraps the same PDU in a 7-byte MBAP header on TCP/502 so that many devices can share one network. The protocol has no authentication, no encryption and no integrity protection: any host that can reach port 502 can read and write registers and coils. Modbus/TCP Security (TLS on TCP/802) exists but is rarely deployed.
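To make the "no authentication" point concrete, here is an added example (written for this post, not code from any Modbus vendor or library) that builds and parses Modbus/TCP request frames with only the standard library and then audits a constructed capture for register writes coming from a host other than the one HMI we expect to write. The allowlist address 10.1.2.10 and the capture records are assumptions made up for the example; the frame layout and function codes are from the Modbus specification.

```python
import struct

# Modbus function codes used below (from the Modbus application protocol spec).
FUNCTION_NAMES = {
    1: "Read Coils",
    2: "Read Discrete Inputs",
    3: "Read Holding Registers",
    4: "Read Input Registers",
    5: "Write Single Coil",
    6: "Write Single Register",
    15: "Write Multiple Coils",
    16: "Write Multiple Registers",
}
WRITE_FUNCTIONS = {5, 6, 15, 16}

# Constructed allowlist: the one HMI that is supposed to change setpoints.
ALLOWED_WRITERS = {"10.1.2.10"}


def build_request(transaction_id, unit_id, function_code, address, value):
    """Build a Modbus/TCP request for the 5-byte PDU layout shared by
    FC 1-6 (function code, 16-bit address, 16-bit quantity or value).

    MBAP header: transaction id (2), protocol id (2, always 0), length (2,
    the number of bytes that follow the length field), unit id (1).
    Note what is absent: no credential, no session token, no MAC.
    """
    pdu = struct.pack(">BHH", function_code, address, value)
    mbap = struct.pack(">HHHB", transaction_id, 0, len(pdu) + 1, unit_id)
    return mbap + pdu


def parse_request(frame):
    """Parse an MBAP header and PDU; raise ValueError on malformed input."""
    if len(frame) < 8:
        raise ValueError("frame shorter than MBAP header plus function code")
    tid, pid, length, unit = struct.unpack(">HHHB", frame[:7])
    if pid != 0:
        raise ValueError("protocol id %d is not Modbus" % pid)
    if length != len(frame) - 6:
        raise ValueError("length field %d does not match frame size" % length)
    fc = frame[7]
    pdu = frame[8:]
    rec = {"tid": tid, "unit": unit, "fc": fc,
           "name": FUNCTION_NAMES.get(fc, "unknown"),
           "write": fc in WRITE_FUNCTIONS}
    if 1 <= fc <= 6:
        if len(pdu) < 4:
            raise ValueError("PDU for FC %d is truncated" % fc)
        rec["address"], rec["value"] = struct.unpack(">HH", pdu[:4])
    return rec


def audit(captures):
    """captures: iterable of (source ip, raw frame). Return a list of
    (source ip, message) alerts for writes from hosts outside the allowlist
    and for frames that do not parse."""
    alerts = []
    for src, frame in captures:
        try:
            rec = parse_request(frame)
        except ValueError as err:
            alerts.append((src, "malformed frame: %s" % err))
            continue
        if rec["write"] and src not in ALLOWED_WRITERS:
            alerts.append((src, "%s to address %s from non-allowlisted host"
                           % (rec["name"], rec.get("address"))))
    return alerts


# Constructed capture: the HMI polls ten holding registers and writes a
# setpoint, then an unknown host writes the same register, then a frame
# whose length field does not match (truncated on the wire).
SAMPLE_CAPTURE = [
    ("10.1.2.10", build_request(1, 1, 3, 0, 10)),
    ("10.1.2.10", build_request(2, 1, 6, 40, 1)),
    ("10.1.9.77", build_request(3, 1, 6, 40, 0)),
    ("10.1.9.77", b"\x00\x04\x00\x00\x00\x09\x01\x06\x00\x28\x00"),
]

if __name__ == "__main__":
    for src, msg in audit(SAMPLE_CAPTURE):
        print(src, msg)
```

The write from 10.1.9.77 is indistinguishable from the HMI's write at the protocol level; the only thing that tells them apart is the source address, which is exactly why Modbus networks depend on segmentation and allowlisting rather than on the protocol itself.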

NTP: Network Time Protocol (UDP/123), used for clock synchronisation between computer systems over packet-switched, variable-latency networks. In OT it matters for more than log correlation: sequence-of-events records and any forensic timeline depend on it, so an unauthenticated NTP source reachable from the wrong zone is a tampering target.

PROFINET: The Industrial Ethernet standard from PROFIBUS & PROFINET International (PI), used to exchange data between controllers like PLCs and field devices like I/O modules, drives and RFID readers. Its real-time traffic is sent as raw Ethernet frames (EtherType 0x8892), which routers will not forward but which also carry no authentication of their own.

SuiteLink: Wonderware's (now AVEVA's) protocol for moving tag data between its applications, such as InTouch and I/O servers. It is based on TCP/IP (TCP/5413) and runs as a service on Windows operating systems. It is mostly used in industrial applications that need timely, high-quality, high-throughput data.

TASE.2: Telecontrol Application Service Element 2, also referred to as IEC 60870-6, is the IEC name for ICCP above. It is an open protocol that enables the exchange of time-critical information between control systems over WANs and LANs.
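Most of the protocols in the Level 4/5 and Level 3 lists above can be spotted in ordinary flow records by their destination ports, and the quickest segmentation check is to look for control-side protocols being spoken from the enterprise network straight into the control network. The following is an added example written for this post (not a tool from any of the vendors named above): the port table is assembled from IANA and vendor assignments, the 10.100.0.0/16 enterprise and 10.1.0.0/16 control ranges and the whitespace-separated "ts src dst proto dport" record format are assumptions made up for the example, and the sample records are constructed. Layer-2 protocols such as PROFINET RT, CC-Link IE and IEC 61850 GOOSE/SV have no port and will not appear in flow records at all.

```python
import ipaddress

# (transport, destination port) -> protocol, from IANA and vendor assignments.
PORT_TABLE = {
    ("tcp", 21): "FTP",
    ("tcp", 22): "SSH/SFTP",
    ("tcp", 102): "ISO-TSAP/MMS (ICCP/TASE.2, IEC 61850)",
    ("udp", 123): "NTP",
    ("tcp", 135): "DCOM/RPC endpoint mapper",
    ("tcp", 502): "Modbus/TCP",
    ("tcp", 802): "Modbus/TCP Security",
    ("tcp", 4840): "OPC UA",
    ("tcp", 5413): "SuiteLink",
    ("tcp", 18245): "GE-SRTP",
    ("udp", 34964): "PROFINET (PNIO-CM)",
}

# Protocols that carry control data and should only be spoken from inside
# the control network, never from an enterprise host directly.
CONTROL_PROTOCOLS = {
    "Modbus/TCP", "GE-SRTP", "SuiteLink",
    "ISO-TSAP/MMS (ICCP/TASE.2, IEC 61850)", "PROFINET (PNIO-CM)",
}

# Constructed address plan: Level 4/5 and Level 0-3 ranges are assumptions.
ENTERPRISE_NETS = [ipaddress.ip_network("10.100.0.0/16")]
CONTROL_NETS = [ipaddress.ip_network("10.1.0.0/16")]


def classify(proto, dport):
    """Name the protocol for a (transport, destination port) pair."""
    return PORT_TABLE.get((proto, dport), "unclassified")


def zone(ip):
    """Map an address to the Purdue zone it belongs to in the constructed plan."""
    addr = ipaddress.ip_address(ip)
    if any(addr in net for net in ENTERPRISE_NETS):
        return "enterprise"
    if any(addr in net for net in CONTROL_NETS):
        return "control"
    return "other"


def parse_record(line):
    """Parse one constructed flow record: ts src dst proto dport."""
    ts, src, dst, proto, dport = line.split()
    return {"ts": ts, "src": src, "dst": dst, "proto": proto, "dport": int(dport)}


def detect(lines):
    """Return alert strings for enterprise hosts speaking control protocols
    into the control zone and for cleartext FTP into the control zone."""
    alerts = []
    for line in lines:
        rec = parse_record(line)
        name = classify(rec["proto"], rec["dport"])
        src_zone, dst_zone = zone(rec["src"]), zone(rec["dst"])
        if name in CONTROL_PROTOCOLS and src_zone == "enterprise" and dst_zone == "control":
            alerts.append("%s %s %s -> %s: enterprise host speaking a control protocol "
                          "directly into the control zone" % (rec["ts"], name, rec["src"], rec["dst"]))
        elif name == "FTP" and dst_zone == "control":
            alerts.append("%s FTP %s -> %s: cleartext file transfer into the control zone"
                          % (rec["ts"], rec["src"], rec["dst"]))
    return alerts


# Constructed flow records (not from a real capture).
SAMPLE_FLOWS = """\
1700000000.101 10.1.2.10 10.1.1.5 tcp 502
1700000000.202 10.1.2.10 10.1.1.5 tcp 18245
1700000001.303 10.100.4.20 10.1.1.5 tcp 502
1700000002.404 10.100.4.21 10.1.3.9 tcp 21
1700000003.505 10.1.2.10 10.1.2.50 udp 123
1700000004.606 10.100.4.20 10.100.7.7 tcp 135
""".splitlines()

if __name__ == "__main__":
    for alert in detect(SAMPLE_FLOWS):
        print(alert)
```

The first two records (an HMI talking Modbus and SRTP to a PLC inside the control range) and the NTP and DCOM records inside their own zones produce nothing; the two alerts come from the enterprise host reaching the PLC on port 502 and the cleartext FTP session into the control zone.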

That is enough theory for today; we will continue with the remaining levels in the upcoming blogs.

Thank you so much for reading, see you again in another blog.

Author:
Sam Nivethan V J
Security Analyst & Trainer
