Protocol gateways, also known as protocol translators, are small nondescript devices that mainly function as translators for various protocols and physical layers (i.e., Transmission Control Protocol (TCP) and serial lines). This allows machinery, sensors, actuators, and computers that operate industrial facilities such as factories, dams, power plants, and water processing facilities to communicate with one another.
In an industrial facility, several devices function together in one seamless process. To do this, they must effectively communicate or transmit information to one another. In an ideal scenario, all these devices use the same protocol. However, such a homogeneous setup is not always possible given the variety of devices a facility may need and the different manufacturers that provide them.
The process of creating industrial-internet-of-things (IIoT) environments and adapting for Industry 4.0 presents protocol challenges because it merges operational technology (OT) and information technology (IT), wherein traditional OT networks are connected to IT networks. These two networks do not use the same protocols, with OT communicating over serial cables and IT communicating over Ethernet, Wi-Fi, and mobile networks.
Protocol gateways help bridge the disparity in protocols in both scenarios. The diagram in figure 1 shows the typical position of protocol gateways.
Figure 1. The typical position of a protocol gateway, at the bottom of the control network
Protocol gateways work at the very edge of the control network, just before the process network that starts with the programmable logic controllers (PLCs). PLCs, as their name suggests, help control complex industrial processes and are connected to other devices, such as sensors, switches, and motors, that make up the process network. These devices collect data, such as temperature readings and the RPM of a motor, which they need to send to a human-machine interface (HMI) through the PLC. In turn, engineers can also send instructions to different machines through the HMI. Being in different networks, the HMI and other devices use different protocols (Modbus TCP and Modbus RTU, respectively). These protocols are bridged by the protocol gateway, allowing the devices to communicate information to the HMI and the HMI to send commands from engineers or operators to different machinery.
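The following added Python example, which is not from the original research or from any vendor's gateway firmware, shows the Modbus TCP to Modbus RTU translation described above: the gateway drops the TCP-side MBAP header, keeps the unit ID and PDU, and appends the CRC that the serial side requires. The function names and the sample frame are constructed for illustration; frames whose MBAP length or RTU CRC does not check out are rejected rather than forwarded.

```python
import struct

def crc16_modbus(data: bytes) -> int:
    """CRC-16/MODBUS: reflected polynomial 0xA001, initial value 0xFFFF."""
    crc = 0xFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0xA001 if crc & 1 else crc >> 1
    return crc

def tcp_to_rtu(adu: bytes) -> bytes:
    """Translate one Modbus TCP ADU (HMI side) into a Modbus RTU frame (serial side).
    MBAP header = transaction id (2) | protocol id (2) | length (2) | unit id (1)."""
    if len(adu) < 8:
        raise ValueError("too short for MBAP header plus function code")
    _tid, proto, length, unit = struct.unpack(">HHHB", adu[:7])
    pdu = adu[7:]
    if proto != 0:
        raise ValueError("protocol id must be 0 for Modbus")
    if length != len(pdu) + 1:          # length field counts unit id + PDU
        raise ValueError("MBAP length does not match the bytes received")
    if len(pdu) > 253:
        raise ValueError("PDU exceeds the 253-byte Modbus limit")
    body = bytes([unit]) + pdu
    return body + struct.pack("<H", crc16_modbus(body))  # CRC is sent low byte first

def rtu_to_tcp(frame: bytes, transaction_id: int) -> bytes:
    """Translate a Modbus RTU frame back into a Modbus TCP ADU for the HMI."""
    if len(frame) < 4:
        raise ValueError("too short for unit id, function code and CRC")
    body, (crc,) = frame[:-2], struct.unpack("<H", frame[-2:])
    if crc16_modbus(body) != crc:
        raise ValueError("CRC mismatch, frame dropped")
    unit, pdu = body[0], body[1:]
    return struct.pack(">HHHB", transaction_id, 0, len(pdu) + 1, unit) + pdu

# Constructed sample: HMI asks unit 1 to read one holding register at address 0.
SAMPLE_TCP = bytes.fromhex("0001" "0000" "0006" "01" "0300000001")

if __name__ == "__main__":
    rtu = tcp_to_rtu(SAMPLE_TCP)
    print("TCP ->", SAMPLE_TCP.hex(" "))
    print("RTU ->", rtu.hex(" "))
    print("back ->", rtu_to_tcp(rtu, 1).hex(" "))
```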
Protocol gateways are small, router-sized devices, with prices ranging from US$300 to US$1,200 for more advanced models. Most well-known vendors of industrial equipment also manufacture protocol gateways.
Protocol gateways can be classified by the way they translate protocols and the kind of protocols and layers they can translate.
We have identified two ways different protocol gateways translate protocols:
They can also be classified according to the type of protocols and layers they can convert. We have identified three categories using this classification.
Understanding what might happen should such devices fail can help explain the importance of protocol gateways. If the protocol gateway fails, the communication between the control systems and the machines stops, leading to complications in the operations and process.
Our research on protocol gateways identified security risks involved in the use of such devices. Protocol gateways can be the weak link among the interconnected devices of an industrial facility. They may lack the security reserved for other critical devices, making them an attractive target for attackers. As with any device, vulnerabilities are also an area of concern, as they can present an opportunity for cybercriminals to exploit the protocol gateway or use the device for a larger attack.
Our research found that an attacker can use protocol gateways to Inhibit Response Function or Impair Process Control through:
An abused protocol gateway, being instrumental in an Inhibit Response Function or Impair Process Control condition, could lead to the following:
All these threats result in a communication breakdown within the industrial environment, facilitated by a weakness or an attack on protocol gateways.
Given the critical role protocol gateways play in industrial operations, security measures should be in place to protect these devices from attacks that could take advantage of their functions. Here are summarized strategies for protecting protocol gateways, based on our research:
Overall, operators should treat protocol gateways as critical OT devices. Considering them as such can better frame the necessary security measures in consideration of the threats that may take advantage of their important function.