Control de acceso remoto a redes industriales

  1. Díaz-Cacho Medina, Miguel 1
  2. Chaves Méndes, Andre 2
  3. Pereira, A. 1
  1. 1 Universidade de Vigo
    Universidade de Vigo

    Vigo, Spain

    ROR https://ror.org/05rdf8595

  2. 2 Instituto Politécnico de Bragança
    Instituto Politécnico de Bragança

    Bragança, Portugal

    ROR https://ror.org/00prsav78

Book:
XLIV Jornadas de Automática: libro de actas: Universidad de Zaragoza, Escuela de Ingeniería y Arquitectura, 6, 7 y 8 de septiembre de 2023, Zaragoza
  1. Ramón Costa Castelló (coord.)
  2. Manuel Gil Ortega (coord.)
  3. Óscar Reinoso García (coord.)
  4. Luis Enrique Montano Gella (coord.)
  5. Carlos Vilas Fernández (coord.)
  6. Elisabet Estévez Estévez (coord.)
  7. Eduardo Rocón de Lima (coord.)
  8. David Muñoz de la Peña Sequedo (coord.)
  9. José Manuel Andújar Márquez (coord.)
  10. Luis Payá Castelló (coord.)
  11. Alejandro Mosteo Chagoyen (coord.)
  12. Raúl Marín Prades (coord.)
  13. Vanesa Loureiro-Vázquez (coord.)
  14. Pedro Jesús Cabrera Santana (coord.)

Publisher: Servizo de Publicacións ; Universidade da Coruña

ISBN: 9788497498609

Year of publication: 2023

Pages: 795-800

Congress: Jornadas de Automática (44. 2023. Zaragoza)

Type: Conference paper

Abstract

Remote access to industrial networks is one of the contributions that Industry 4.0 has popularized by enabling the integration of TCP/IP technologies in OT networks and, therefore, making industrial networks reachable over the public Internet. Remote maintenance is one of the great beneficiaries of this functionality. However, this access increases the security risks, because the possibility of remote access from any computer connected to the Internet opens a new and important vulnerability. In order to manage these remote accesses efficiently, this paper proposes the use of the industrial telemetry protocol MQTT for the exchange of access control commands between the devices involved. This allows an opportunistic access modality that quantitatively reduces the security levels required by the IEC 62443 standard by up to four. The proposal includes a topology based on three elements (the Anchor, the UNet and the Nauta) and on three different services offered in Open-Source format: the port-redirection service, the access service and the access control service.