Performance Evaluation and Modeling of an Industrial Application-Layer Firewall

The availability of performance studies and simple models for firewalls able to deal with industrial application-layer communication protocols, such as Modbus/TCP, is crucial when the impact of these devices has to be estimated, even roughly, before their actual deployment in industrial networks. Un...

Full description

Saved in:
Bibliographic Details
Published in:IEEE transactions on industrial informatics 2018-05, Vol.14 (5), p.2159-2170
Main Authors: Cheminod, Manuel, Durante, Luca, Seno, Lucia, Valenzano, Adriano
Format: Article
Language:English
Subjects:
Application-layer filtering
Commercial off-the-shelf technology
Control systems
Filtration
Firewalls
Industrial applications
Industrial electronics
industrial firewall (IFW)
Informatics
Inspection
Integrated circuits
Modbus/TCP
Model testing
modeling
performance analysis
Performance evaluation
Ports (Computers)
Protocols
Security
security of industrial systems
Traffic models
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The availability of performance studies and simple models for firewalls able to deal with industrial application-layer communication protocols, such as Modbus/TCP, is crucial when the impact of these devices has to be estimated, even roughly, before their actual deployment in industrial networks. Unfortunately, most manufacturers do not provide this kind of information for commercial off-the-shelf available products. Thus, a viable solution is the development and experimental validation of simple models that can be used by designers to predict those firewall characteristics not explicitly related to their security capabilities. As an example, latency introduced on message forwarding is an aspect of significant interest in many industrial control systems, where delays and jitters in data delivery can severely impact on the effectiveness of the control actions. This paper reports on our experience in developing a performance model for a commercial device able to perform advanced application-layer filtering, in particular of Modbus/TCP traffic. A set of ad hoc designed experiments, performed by means of a purposely developed laboratory testbed, enabled both model development and validation, confirming a good correspondence of the estimated performance with the device actual behavior.
ISSN:1551-3203
1941-0050
DOI:10.1109/TII.2018.2802903