The communication function in industrial automation systems changed from a minor function to a key function the last decades. Availability, scalability, maintainability etc. are new requirements because of the change to key function. New functions means new and usually more technologies. But also the industrial automation depends more and more on the network because of this change.

One of the drawbacks of the growing communication function is that industrial automation systems are increasingly more open. This openness means a higher risks of a cyber-attack and because of that a higher need for cyber security.

Engineers, technicians that are responsible for industrial automation systems needs more insight in the network communication. Otherwise it is hard to design and/or maintain an industrial automation system.

Content:

• Introduction of industrial network technology
• Ethernet technology
• Transmission media, access methods, MAC addressing, Ethernet message format, switching mechanisms
• Network infrastructure devices hub, switch, router and gateway
• Internet Protocol (IP), IP Adressierung, IP Subnetting, Routing, TCP, DNS
• Network protocols ARP, ICMP, BOOTP, DHCP, SNMP, (R)STP, VLAN
• Network diagnostics with Wireshark
• Dangers in industrial networks
• Security Concepts: Protection of end devices and networks; User-dependent network access; Encrypted communication in unprotected networks
• Network Address Translation (NAT): IP-Masquerading; Port Forwarding; 1:1 NAT
• Firewall: packet filter based on Mac addresses, IP addresses and port numbers; Stateful Package Inspection; Protection against denial-of-service attacks; Individual firewall rules for different users
• Operating modes; Stealth; Router
• Remote access via HTTPS
• Recovery procedure; support tools
• Virtual Private Network (VPN)
• Secured communication
• Authentication via pre-shared key (PSK) and X.509v3 certificates
• Practical exercises