Rohde & Schwarz Cyber-security has introduced a new Deep Packet Inspection (DPI) engine R&S PACE 2 Modbus protocol detection and extraction solution. The DPI engine delivers Modbus content and metadata extraction and also enables IT security equipment vendors to gain full visibility of Modbus protocol communication in order to detect vulnerabilities and provide protection for the IIoT.
Modbus is an application layer protocol that provides a client/server communication link between devices connected on different types of buses or networks. For instance, Supervisory Control and Data Acquisition (SCADA) systems or Industrial Control Systems (ICS) measure temperature and humidity and communicate the results to a computer with the help of Modbus protocol.
Because Modbus-based industrial systems were designed for isolated environments, their development centers are for reliability, availability, and speed – not security. Therefore, the Modbus protocol is lacking common security mechanisms such as authentication, confidentiality and integrity. This makes it inherently insecure and vulnerable to attacks.
As modern conveniences such as electricity, transportation and water systems are powered by SCADA or ICS; an attack on such systems and networks not only has the potential to shut down an entire region’s power grid and disrupt critical systems and production lines, but also can cost lives. With the new Modbus content and metadata extraction functionality, vendors of security products, such as firewalls or gateways, gain granular visibility and control of the Modbus protocol communication. This enables them to detect threats in the SCADA or ICS environment and enhance their IT security solutions by adding a further layer of security in their products.
Click here to know more about the usage of R&S PACE 2 for vendors.