Endress+Hauser Establishes Internet Security Standards

  Enquiry / contact me

The cryptography working group within the IETF standards organization (Internet Engineering Task Force) has chosen the Endress+Hauser-developed CPace protocol as a recommended method for use in internet standards.

Endress+Hauser Establishes Internet Security Standards
Endress+Hauser Establishes Internet Security Standards

Secure access to field instruments is of the highest priority for operators across all branches of the process industry. Modern plants contain hundreds or thousands of measurement and control instruments that must be accessed remotely with growing frequency. These field instruments also have to be installed, monitored or serviced on a regular basis. Secure password-based user authentication plays a special role today, especially when devices with digital interfaces are involved.

Security with user-friendly password lengths 

In order to utilize Bluetooth communications technology in industrial environments, security experts at Endress+Hauser identified a need for additional protection. The result was the development of a solution called CPace, which belongs to the class of PAKE (password-authenticated key exchange) methods. Among other things, PAKE technology is used with the German electronic ID cards as a means of largely decoupling the cryptographic security level from the length of the password. The advantage of CPace is that the processing power of even the smallest of field instruments is sufficient to provide devices, and thus the industrial systems, with the best level of protection against cyberattacks. At the same time CPace enjoys a high degree of acceptance among users given that the desired level of security can be achieved without relying on long passwords.

“We had to look internally to find a solution for establishing secure connections to the instruments. Previously available secure methods could not be used because of the limited processing power and storage capacity of field instruments. Password verification would have meant a login delay of two minutes or more,” explains Dr Björn Haase, head of the project at Endress+Hauser.

Making life difficult for hackers

The security of the PAKE-based solution with Bluetooth technology from Endress+Hauser was previously verified in 2016 as part of an analysis by the Fraunhofer Institute for Applied and Integrated Security (AISEC). The institute classified the protection level of the Endress+Hauser security layer, the core component of which is recommended for use in internet environments, as ‘high’.
 

Posted on October 28, 2020 - (87 views)
Related articles
Pinch Valves for Single-Use Applications
Rotary Lobe Pump with High Volumetric Efficiency
Digital Toroidal Conductivity-Sensor
Cobot for the Packaging Industry
Italian Project for Decarbonisation of the Glass Industry
High-Shear Granulator
Applying ISO/IEC 27001/2 and the ISA/IEC 62443 Series for Operational Technology Environments
Clean Parts – Safe Processes
First GC Analyzers Installed Directly in a Natural Gas Pipeline
User-Friendly and Versatile Flowmeter Line
The Ultimate Solution for Temperature and Gas Monitoring
Handle with... CO.RA.
Shaping the Future of Process Industries
Handle with CO.RA
Absolutely Efficient. JUMO dTRANS T09 Cable transmitter for temperature.
SPSConnect: The Digital Automation Hub
Inspiring Sustainable Connections
FLIR GF 77. The Groundbreaking, Affordable OGI Camera
Our Solutions, as Individual as You.
handle with... CO.RA
External Powder Flow Sensor
Pressure Sensing with Functional Safety
Commercial Food Processing
Glass vial and syringe production
Critical Asset and Safety Solutions
Thermal Profiling Systems
Infrared Temperature Solutions
Smart Safety Valve for Technical Gases
MODBUS Transmitter With Dual Universal Inputs
Dome Pressure Regulator with Integrated Digital Sensor Technology
Fixed Acoustic Imager Announced
Shaping the Future—the Ethernet-APL Field Switch
Commercial Food Processing
Glass vial and syringe production
Critical Asset and Safety Solutions
Thermal Profiling Systems
Infrared Temperature Solutions
More Safety with Top Lockout Procedures and Custom Shadowboards
Strenghten Factory Resilience with Unique Solution for Predictive Maintenance
Protect Machines Using Sound, IoT and AI