Comparative Analysis of Threat Assumptions in Field Level Protocol Security

As the digitization of the manufacturing sector steadily accelerates, fieldbus protocol cybersecurity gains in significance. This paper presents a comparative analysis of the security assumptions of three prominent fieldbus communication protocols: OPC UA FX, PROFINET, and EtherCAT. Utilizing the STRIDE model, we reflect on the relevance of the chosen analysis criteria in comparison to the current state of security in the cyberspace. We focus on the current and evolving threat landscape for fieldbus networks and infrastructures in our modern world. Our findings suggest that there is a significant difference between the three protocols, in respect to their threat assumptions and readiness to face our current security challenges. As future work we aim to assess the sufficiency and effectiveness of the countermeasures in the protocols’ specifications.