Intente buscar por palabras clave, código de producto/pedido o número de serie, por ejemplo, "CM442" o "información técnica"
Introduzca por lo menos 2 caracteres para iniciar la búsqueda.
  • Historial

Endress+Hauser establishes internet security standards

IETF recommends the SmartBlue CPace protocol for password-protected access to instruments

Fecha de publicación: 27.10.2020

Secure access to field instruments is of the highest priority for operators across all branches of the process industry. Modern plants contain hundreds or thousands of measurement and control instruments that must be accessed remotely with growing frequency. These field instruments also have to be installed, monitored or serviced on a regular basis. Secure password-based user authentication plays a special role today, especially when devices with digital interfaces are involved.

Security with user-friendly password lengths

In order to utilize Bluetooth communications technology in industrial environments, security experts at Endress+Hauser identified a need for additional protection. The result was the development of a solution called CPace, which belongs to the class of PAKE (password-authenticated key exchange) methods. Among other things, PAKE technology is used with the German electronic ID cards as a means of largely decoupling the cryptographic security level from the length of the password.

The advantage of this method is that the processing power of even the smallest of field instruments is sufficient to provide devices, and thus the industrial systems, with the best level of protection against cyberattacks. At the same time CPace enjoys a high degree of acceptance among users given that the desired level of security can be achieved without relying on long passwords.

“We had to look internally to find a solution for establishing secure connections to the instruments. Previously available methods were out of the question because they provide an inadequate level of security given that field instruments have limited processing power and storage capacity. Password verification would have meant a login delay of two minutes or more,” explains Dr Björn Haase, head of the project at Endress+Hauser.

CPace makes life difficult for hackers

The security of the PAKE-based solution with Bluetooth technology from Endress+Hauser was previously verified in 2016 as part of an analysis by the Fraunhofer Institute for Applied and Integrated Security (AISEC). The institute classified the protection level of the Endress+Hauser security layer, the core component of which is recommended for use in internet environments, as “high”.

Descargas

    EH_27-10-2020_CPace.zip

Press list

Reciba los próximos comunicados de prensa y noticias directamente en su bandeja de entrada. Asegúrese de estar al día y suscríbase al listado de prensa de Endress+Hauser.

Lista de prensa de Endress+Hauser

Endress+Hauser envía periódicamente comunicados de prensa sobre temas actuales e información de la compañía a los profesionales de los medios de comunicación.

Seleccione los temas que le interesan:  *
Seleccione las industrias que le interesan: *

Datos personales

Los campos marcados con un asterisco (*) son obligatorios. Recibirá un mensaje de correo electrónico con la confirmación de su suscripción. La información proporcionada es voluntaria y sus datos solo se usarán para personalizar los boletines informativos y no se transferirán a terceras partes. Por razones estadísticas, realizaremos un seguimiento anónimo de los enlaces.

Contacto