Common
Distributed Network Protocol 3 (DNP3)
Provides features and functions missing from Modbus It is an open protocol, therefore numerous vendors support it Most often uses TCP, but also supports UDP Uses Port 20000 Traffic is sent in plain text Does not provide for authentication or authorization Originally designed to operate on serial communications, but has been migrated to work on IP
The field _________ consolidate the data and transmit it to the _________ stations where it is presented on displays.
controller, HMI
Multiple Topologies -
Fieldbus works on network structures such as daisy-chain, star, ring, branch, and tree topologies.
Output - Discrete
Like their input counterpart, discrete output devices are also binary appliances. For instance, the field controller issues a signal to an output device, such as a circuit breaker, to open or close a breaker. Discrete output devices can communicate directly with discrete input devices. Furthermore, they can make control decisions and are programmable like a field controller.
______ simplifies protocol development by eliminating the need for an ICS vendor to produce a client, foregoing the expense and effort of developing multiple protocols for their products.
OPC
Processes are designed to change the ___________ or __________ properties of upstream materials to more useful downstream products.
Chemical, physical
Output - Digital
A digital output allows you to control a voltage with a computer. If the computer instructs the output to be high, the output will produce a voltage (generally about 5 or 3.3 volts). If the computer instructs the output to be low, it is connected to ground and produces no voltage. As a result, they can communicate more quickly and reliably, thus enabling their use in environments that are more critical, covering a wider range of applications. Examples include: alarms, control relays, fans, lights, horns, valves, switches, motor starters, etc.
Because protocols are not encrypted, they are easy targets of what kind of attack?
Man-in-the-middle
____________________ controller was created to respond to the needs of the automobile industry.
PLC
Profibus
Profibus is a smart fieldbus technology. It is specifically designed for high-speed serial I/O in factory and building automation applications. It is recognized as the fastest fieldbus in operation. Profibus is an open-standard fieldbus defined by German DIN 19245 Parts 1 & 2. Devices on the system connect to a central line. Once connected, these devices can communicate in an efficient manner, but can go beyond automation messages to participate in self-diagnosis and connection diagnosis.
ICS networks require _________________ to ensure availability, which is not a common practice in IT.
Redundancy
Safety Systems
Safety systems provide protection to the process, physical equipment, or people from harmful situations that may arise during operations. It is a counter action critical in industrial operations in the case of a process goes beyond allowable control parameters. While this would result in a loss of productivity, it would spare the equipment and people harm. Safety systems are traditionally, designed to be separated from the control systems they protect. However, they frequently share some communications, field devices, alarms, etc.
Modbus
Simple protocol Low cost development Minimum hardware requirement to support Master/slave protocol Modbus is a serial communications protocol, which acts as a message structure to a establish a master/slave or client/server communication between intelligent devices. This means that a master device talks to all the other devices on the network. It can query them for information or tell them what to do. Unlike most other protocols, however, Modbus is used for both command and control and device level communications. Communicates with up to 247 devices Uses standard TCP/IP protocols
Assets (field controllers) are polled to verify they are still functioning as expected.
TRUE
DCS are usually single-vendor solutions, meaning the vendor includes everything from the field controllers to the software that runs on the servers and workstations.
TRUE
One of the key characteristics of an RTU is that it relays information from a remote location over long distances.
TRUE
Servers
Used to store configuration for the ICS and saves process data in historians for later retrieval. The servers connect to business networks to allow remote operations, configuration, or information exchanges to improve productivity.
A cascading control loop is the fundamental building block of industrial control systems.
FALSE
Authentication and authorization is required to communicate with a Modbus device.
FALSE
Which of the following consolidates inputs and ouputs, as well as receives instruction from the operators?
Field controllers
The ____________ is the point in the ICS system where information is collected about the process.
Field devices
There are three types of Profibus:
Fieldbus Message Specification (FMS), Profibus DP (Distributed Peripherals), and Profibus PA (Process Automation).
Fieldbus
Fieldbus is a generic term that describes not one protocol, but a collection or group of industrial computer, digital communication protocols. The idea behind Fieldbus was to eliminate any point-to-point links. Basically, Fieldbus works on a network that permits various topologies, such as the ring, branch, star, and daisy chain.
Which of the following are common sources of process data?
Flow,Level,Temperature,Pressure
Which protocol is based on client-server communication, where all data transfers orginate with a request from a control center (the client), are received by another control center that owns and manages the data (the server)?
ICCP
Which of the following field controllers do many owners/operators often leave in their "fresh out of the box" configurations?
IED
The structures of ICS architectures are ___________, and depend upon system requirements, process function, and business needs.
diverse
RS232
which is an older technology in the IT domain, is still commonly used for point-to-point communications in RTUs and PLCs.
Field Devices
The instruments and sensors that measure process parameters and the actuators that control the process. This is the interface between the ICS and the physical process, be it the mixing of chemicals, the management of trains, or measuring of pressures in a gas pipeline. This is the point in the system where information is collected about the process, modifications are made, and the process is controlled. The sensors or measuring instruments are often referred to as input devices because they "input" data into the ICS. In contrast, switches, valves, and other types of actuators that control the process are called output devices. This input and output information is often referred to as I/O.
Polling Methods
The master station will send a request for updates whereby a field controller, such as an RTU or PLC, responds by sending back the requested information.
Human-Machine Interface (HMI)
The user interface in a manufacturing or process control system. It provides a graphics-based visualization of an industrial control and monitoring system. Previously called an "MMI" (man-machine interface), an HMI typically resides on a computer that communicates with a specialized computer in the plant, such as a programmable automation controller (PAC), programmable logic controller (PLC) or remote terminal unit (RTU). The HMI generally comes in two forms: either a touch panel or a software-based application that is loaded on a personal computer, workstation, tablet, or smart phone.
Inter-Control Center Communications Protocol (ICCP)
"Inter-Control Center Communications Protocol (ICCP), also known as the Telecontrol Application Service Element 2 (TASE.2), is a vendor-independent standard protocol. It is designed specifically for real-time data exchange between ISO (Independent System Operator) control centers, power pools, regional control centers, transmission utilities, distribution utilities, and generation facilities over LAN and WAN. ICCP is based on client-server communication. All data transfers originate with a request from a control center (the client) to another control center that owns and manages the data (the server). ICCP also provides services for data transfer, depending on the type of request. For example, if the client makes a one-time request, the data will be returned as a response"
Fieldbus - Levels
"Level 4 - The most complex level where all computers and departments are located. This computer-driven level allows data monitoring, file management, and file transfer at a large scale. Level 3 - This is where high-level data communication happens. Controllers, such as PLC, are connected to each other alongside HMI for complete control of the networ" Level 2 - Increased complexity scale. All sensor bus networks are connected to this network. Variable speed drives and motor control centers are connected to these for individual control over elements. Level 1 - This level is the least complex and includes all isolated field devices.
Open Platform Communication (OPC)
"PC (Open Platform Communication, formerly OLE for Process Control) is a series of standard, manufacturer-independent programming interfaces through which an automation application client such as an HMI can access data coming from remote devices such as PLC, Fieldbus devices, or real-time databases. OPC has become the most versatile way to communicate in the automation layer in all types of industry. OPC is a client/server-based communication"
Engineering Workstations
A specialized type of HMI, typically interface with the servers to modify the database or controllers to ensure the critical process runs properly. As we gain an understanding of the similarities between IT and ICS architectures, we will have greater success mapping traditional cybersecurity issues into the ICS domain.
Input - Analog
Analog input sensors (transmitters) measure continuous processes such as flow, level, or pressures within a range; 0-100%, empty to full, 0 to 100 mph. Typically, they transmit this information to field controllers using an analog signal such as a 4 to 20-mA.
Input - Digital
Digital input sensors are similar to both discrete and analog instruments in that they measure continuous processes (such as flows) and support binary events. However, instead of using an analog loop signal or clean contacts, digital sensors use a digitally encoded ICS communications protocol format (representing an equivalent to 1s and 0s) signal to relay the data.
Input - Discrete
Discrete input sensors support binary events including alarms and states. For example, the tank is full, the door is closed, the pressure is too high, or the pump is turned on.
Sensor Types
Discrete, Analog, Digital
ICS Component - Relationship
Machines installed in industrial plants use a variety of field devices for control and monitoring. These devices connect to field controllers, which connect to Human Machine Interface (HMI). Notice the communication flow of the devices to each other. We will examine each of these segments in-depth on the following pages.
Output - Analog
The analog output transmits analog signals (voltage or current) that operate controls. Analog outputs are predominantly used to control actuators, valves, and motors in industrial environments. In this case, the field controller will send a varying electrical signal that can open or close the valve as needed.
OPC Unified Architecture (UA
The biggest difference between OPC classic and OPC UA is that OPC UA doesn't rely on OLE or DCOM technology (windows), making it possible to implement OPC UA on any platform, such as Apple, Linus, or Windows. Another important UA feature is its ability to use structures and models, so data tags or points can be grouped and given context, making governance and maintenance easier.
Multi-drop -
This is also referred to as multi-access and can be interpreted as a single bus with many nodes connected to it.
Bi-directional -
This means it is a duplex port; the data can be transmitted in two directions at the same time.
Serial-bus -
This means the data is transmitted in small packets in a sequential manner.
Which of the following physical media is used extensively because it is fast, reliable, and inexpensive?
Wired media
RS485
is the foundation for many proprietary control networks used at site facilities
A control loop, single-loop control
is the fundamental building block of industrial control systems. It is communication used to regulate the process. It consists of a group of components working together as a system to achieve and maintain a desired value of a system variable by manipulating the value of another variable in the control loop.
Initially, ICS were _________ systems running proprietary control protocols using specialized hardware and software.
isolated
Some field controllers are assigned a higher priority where they are polled _____ frequently than other field controllers.
more