Ibrahim Ozcelik

Building an interconnection between PROFIBUS and ATM networks

In this paper, a method describing connection between PROcess Field BUS (PROFIBUS) and asynchronous transfer mode (ATM) systems is presented. The proposed method reveals the usage of ATM at the cell level of the CIM architecture. This leads to the fact that a new bridge based on PROFIBUS and ATM features should be designed. This study is concerned with not only PROFIBUS and ATM interconnection requiring worst-case translation and solution issues (unmatched services, flow diagram, etc.) but also the performance analysis of the model provided CACI Network II.5.

A CAN/IEEE 802.11b wireless Lan local bridge design

Employing CAN in distributed real-time control applications sometimes critically requires increasing the size of distributed area, and communication with both other LANs and independent CAN segments. An interworking device with wireless support to extend CAN segments, utilizing an IEEE 802.11b WLAN is a practical solution for such an industrial environment. A key objective of this research work is to design and implement an interworking device called Wireless Interworking Unit (WIU) enabling remote CAN2.0A nodes to communicate over IEEE 802.11b WLAN using encapsulation method. Computer modeling and simulations of the proposed WIU are carried out using OPNET Modeler. The SAE Benchmark has been utilized in the networking models to evaluate the simulation results obtained. Considering the total end-to-end delay results of especially remote CAN messages for above 40 kbit/s bus rates, effect of the designed WIU is proved not causing to exceed the required arrival time deadline set by the SAE Benchmark.

Design, implementation and performance analysis of the PROFIBUS/ATM Local Bridge

Abstract PROcess Field BUS (PROFIBUS) has successfully proven itself in many thousands of applications in production, building and process automation. ATM LAN is a recently developed technology, and it is believed to be the ideal solution for B-ISDN. This type of network is so versatile that it can be used in any kinds of environment. Considering the fact that applications involving both a PROFIBUS and an ATM are to be commonly used, the need for a PROFIBUS to communicate with an ATM network attracts attentions. This leads to the fact that a new bridge based on PROFIBUS and ATM features should be designed. The new bridge is called PROFIBUS/ATM Local Bridge. This study is concerned with not only building an interface device that interconnects a PROFIBUS and an ATM LAN but also the performance analysis of the designed bridge.

Design, implementation and performance analysis of the CAN/ATM local bridge

In this paper, a method describing connection between CAN and ATM systems is presented. The proposed method reveals the usage of ATM at the cell level of the CIM architecture. This leads to the fact that a new bridge based on CAN and ATM features should be designed. The new bridge is called as CAN/ATM Local Bridge. This study is concerned with not only CAN and ATM interconnection requiring worst-case translation but also the performance analysis of the model provided CACI Network II.5.

Integration of a speech activated control system and a wireless interworking unit for a CAN-based distributed application

Ever increasing number of mobile devices in automation systems have revealed the requirement of utilizing wireless communication systems enabling interoperability between existing wired and wireless systems. Therefore, a wireless interworking unit (WIU) is usually employed to provide required interworking functionality. This work briefly exploits a controller area network (CAN)/IEEE 802.11b WIU and a speech activated control application to be used in a CAN-based industrial networking environment and presents its prototype. The WIU employed provides communication skills with the speech activated control system including a speech recognition process and CAN-based distributed control application over the wireless medium.

Topology discovery of PROFINET networks using Wireshark

Industrial communication networks become more complex and real-time networking protocols primarily developed for them become more common in our daily lives as technology evolves. As a result of this, topology discovery and diagnostic mechanisms developed for industrial communication networks come into prominence. One of the most well-known industrial communication networks, PROFINET is the basis of this study. In this paper we present an add-on to Wire-shark for the discovery of the topology of PROFINET networks. Wireshark is a network protocol analyzer tool and to our knowledge this is the first study which uses Wireshark in this context.

Development of the ECAT Preprocessor with the Trust Communication Approach

In the past several years, attacks over industrial control systems (ICS) have become increasingly frequent and sophisticated. The most common objectives of these types of attacks are controlling/monitoring the physical process, manipulating programmable controllers, or affecting the integrity of software and networking equipment. As one of the widely applied protocols in the ICS world, EtherCAT is an Ethernet-based protocol; thus, it is exposed to both TCP/IP and ICS-specific attacks. In this paper, we analyze EtherCAT field-level communication principles from the security viewpoint focusing on the protocol vulnerabilities, which have been rarely analyzed previously. Our research showed that it lacks the most common security parameters, such as authentication, encryption, and authorization, and is open to Media Access Control (MAC) spoofing, data injection, and other advanced attacks, which require superior skills. To prevent, detect, and reduce attacks over the EtherCAT-based critical systems, first, we improved the open-source Snort intrusion detection/prevention system (IDS/IPS) to support packets that are not processed over transport and network layers. Second, by incorporating a vulnerability analysis, we proposed the EtherCAT (ECAT) preprocessor. Third, we introduced a novel approach called trust-node identification and applied the approach as three rules into the preprocessor. In this sense, the ECAT preprocessor differs from other supported ICS preprocessors in the literature, such as DNP3 and Modbus/TCP. Besides supporting traditional rule expansion, it is also able to handle layer 2 packets and to apply deep packet inspection on EtherCAT packets using the trust-node approach. This method first identifies engineering-station approved nodes based on EtherCAT network information (ENI) configuration files and then deeply inspects incoming packets, considering protocol specifications. The improvements and approach have been tested on the physically developed testbed environment and we have proved that proposals can detect related attacks and provide a basic level of security over the EtherCAT-implemented systems.

Carrier-grade NAT — is it really secure for customers? A test on a Turkish service provider

Dramatic rise in the user amount yields increase in the number of internet accessed devices within the last decade. Since most of the devices have internet connection, IPv4 space becomes inadequate. In order to avoid this situation, internet service providers focus on using their IPs within their IP pool, optimally. The most preferred approach to handle this problem is called Carrier Grade Network Address Translation (CGN). In this technique, a city, a neighborhood or a group of users could be configured as if they are in the same Local Area Network (LAN) and they have IPv4 Network Address Translation (NAT) connections for Wide Area Network (WAN) accesses. By applying this approach, IP costs are reduced and number of IPs in the pool is optimized. However, implementations done in recent systems could cause vulnerabilities as well. This work focuses on examining a part of CGN applied network that acts as LAN, by scanning, exploring users, devices and vulnerabilities for a specific neighborhood in Turkey. Users and devices are determined and since they are considered in the same LAN most of them are easily gained access and the insecurity of the system is proved. Also it is also observed that a user could stop or slow down the traffic by Denial of Service (DoS) or Distributed DoS attacks.