Analysis of security countermeasures in plants including Emerson AFC chiller units

Timeframe : 24/11/2015 23/07/2016

The main goals of the project are:

  • performance analysis: the quantitative evaluation of the bandwidth required by the current deployment of a network of AFC (Adiabatic Freecoling Chiller) units whose devices exchange control and diagnostic data through the Modbus/TCP protocol
  • security: individuation of security control(s) aimed at 1) protecting the process control network from useless and/or unallowed and possibly harmful traffic, 2) allowing the legitimate Modbus/TCP traffic to flow across different network segments
  • verification: the security control(s) achieve the above goals, without affecting the timing constraints of the communications.

To achieve the goals, the partner's network is emulated at CNR-IEIIT's premises by means of low cost PCs running ad-hoc developed tasks, then a measurement workbench, based on COTS devices and free software packages, is created. This allows to obtain the required performance and bandwidth measures, both without and with the selected security control(s). After this phase, both the security control(s) and the measurement workbench are moved to the partner's premises, where bandwidth and performance figures are obtained again, in order to verify that they match the ones gathered at the CNR-IEIIT's premises.

Keywords: Real-time communications, Performance evaluation, Security

Financial support by: Private company

Coordinator of the IEIIT unit in the project: Luca Durante