Application filters for TCP/IP industrial automation protocols

  • Authors:

  • Aguinaldo B. Batista, Jr.;Tiago H. Kobayashi;João Paulo S. Medeiros;Agostinho M. Brito, Jr.;Paulo S. Motta Pires

  • Affiliations:

  • LabSIN-Security Information Laboratory, Department of Computer Engineering and Automation, Federal University of Rio Grande do Norte, Natal, RN, Brazil;LabSIN-Security Information Laboratory, Department of Computer Engineering and Automation, Federal University of Rio Grande do Norte, Natal, RN, Brazil;LabSIN-Security Information Laboratory, Department of Computer Engineering and Automation, Federal University of Rio Grande do Norte, Natal, RN, Brazil;LabSIN-Security Information Laboratory, Department of Computer Engineering and Automation, Federal University of Rio Grande do Norte, Natal, RN, Brazil;LabSIN-Security Information Laboratory, Department of Computer Engineering and Automation, Federal University of Rio Grande do Norte, Natal, RN, Brazil

  • Venue:
  • CRITIS'09 Proceedings of the 4th international conference on Critical information infrastructures security
  • Year:
  • 2009

Quantified Score

Hi-index 0.00

Visualization

Abstract

The use of firewalls is a common approach usually meant to secure Automation Technology (AT) from Information Technology (TI) networks. This work proposes a filtering system for TCP/IP-based automation networks in which only certain kind of industrial traffic is permitted. All network traffic which does not conform with a proper industrial protocol pattern or with specific rules for its actions is supposed to be abnormal and must be blocked. As a case study, we developed a seventh layer firewall application with the ability of blocking spurious traffic, using an IP packet queueing engine and a regular expression library.