Secure access to field instruments is of the highest priority for operators across all branches of the process industry. Modern plants contain hundreds or thousands of measurement and control instruments that must be accessed remotely with growing frequency. These field instruments also have to be installed, monitored or serviced on a regular basis. Secure password-based user authentication plays a special role today, especially when devices with digital interfaces are involved.
Security with user-friendly password lengths
In order to utilise Bluetooth communications technology in industrial environments, security experts at Endress+Hauser identified a need for additional protection. The result was the development of a solution called CPace, which belongs to the class of PAKE (password-authenticated key exchange) methods. Among other things, PAKE technology is used with the German electronic ID cards as a means of largely decoupling the cryptographic security level from the length of the password. The advantage of CPace is that the processing power of even the smallest of field instruments is sufficient to provide devices, and thus the industrial systems, with the best level of protection against cyberattacks. At the same time, CPace enjoys a high degree of acceptance among users given that the desired level of security can be achieved without relying on long passwords.
“We had to look internally to find a solution for establishing secure connections to the instruments,” explains Dr Björn Haase, project head at Endress+Hauser. “Previously available secure methods could not be used because of the limited processing power and storage capacity of field instruments. Password verification would have meant a login delay of two minutes or more.”
CPace makes life difficult for hackers
The security of the PAKE-based solution with Bluetooth technology from Endress+Hauser was previously verified in 2016 as part of an analysis by the Fraunhofer Institute for Applied and Integrated Security. The institute classified the protection level of the Endress+Hauser security layer, the core component of which is recommended for use in Internet environments, as high.
Reinstatement opportunity for ECSA registration
News
In 2023 the Engineering Council of South Africa (ECSA) announced a special opportunity for engineers in South Africa to reinstate their registration status if it had been cancelled. This exclusive offer is available until the end of August 2024.
Read more...Comtest calibration user group seminar Comtest
News
Comtest invites metrology and calibration professionals to a focused technical seminar series aimed at demystifying some of the most common hurdles in inter-laboratory comparisons.
Read more...Functional safety explained
News
The SAIMC supports Pepperl+Fuchs, a National Member, in a free four-part online seminar series focused on Functional Safety.
Read more...The Future of manufacturing in Africa
News
The future and development of African manufacturing will be discussed extensively at the upcoming Manufacturing Indaba conference, to be hosted on 15 to 16 July 2025 at Johannesburg’s Sandton Convention Centre.
Read more...Hot topics at IFAT Africa and analytica Lab Africa 2025
News
Burning issues such as climate-smart infrastructure, sustainability in waste and water management, the circular economy and Extended Producer Responsibility will come under discussion at the three-day conference and forum presented by analytica Lab Africa and IFAT Africa at Gallagher Convention Centre in Midrand, Johannesburg from 8 to 10 July 2025.
Read more...From the editor's desk: Riding the hype cycle Technews Publishing (SA Instrumentation & Control)
News
The other day I came across an entertaining article on the ten biggest tech failures of the last decade. Google Glass, 3D TV and Elon Musk’s hyperloop have faded into obscurity. Others, like the metaverse, ...
While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.
printer friendly version