Rockwell announces first control devices to support CIP Security
Rockwell Automation has announced the first industrial control products that support CIP Security – the protocol developed by ODVA to protect critical industrial communications as part of a defence-in-depth security strategy
“CIP Security can protect devices and systems that use EtherNet/IP from some of the top risks in connected operations, such as unauthorised PCs,” explains Rockwell’s security portfolio manager, Tony Baker. “It does this in a few key ways. First, it limits device connectivity to only trusted PCs and devices. It also guards against packet-tampering to protect data integrity. Finally, it encrypts communications to avert unwanted data reading and disclosure.”
CIP Security is an extension to the Common Industrial Protocol (CIP), the application-layer protocol for EtherNet/IP. It is the first industrial automation protocol to support transport layer security (TLS), which Rockwell describes as “the most proven security standard” in widespread use on the Web.
Engineers will be able to implement CIP Security through new Rockwell Automation products and through firmware updates to existing products, such as Allen-Bradley ControlLogix controllers, communication modules and Kinetix servodrives.
In addition, the newly enhanced FactoryTalk Linx communications software allows FactoryTalk visualisation and information software running on a PC to communicate with CIP Security-enabled devices. The new FactoryTalk Policy Manager tool in the FactoryTalk software suite is used to implement and configure security policies between CIP Security-enabled devices.
CIP Safety is designed to to protect critical industrial communications
Rockwell has developed this new capability to work with existing industrial control devices whether or not they were designed to support CIP Security. This will allow industrial users to phase in security over time and to retrofit it to existing installations.
In addition, Allen-Bradley ControlLogix 5580 controllers will soon be certified as being compliant with the IEC 62443-4-2 security standard, building on the IEC 62443-4-1 certification that the Rockwell Automation Security Development Lifecycle has already received.
This latest certification means that the controllers will meet the global standard’s robust cybersecurity requirements to help companies secure their connected operations. The ControlLogix 5580 family of controllers is one of the first platforms to achieve this compliance.