Increasing automation and external connectivity in industrial control systems
(ICS) demand a greater emphasis on software-level communication security. In
this article, we propose a secure-by-design development method for building ICS
applications, where requirements from security standards like ISA/IEC 62443 are
fulfilled by design-time abstractions called secure links. Proposed as an
extension to the IEC 61499 development standard, secure links incorporate both
lightweight and traditional security mechanisms into applications with
negligible effort. Applications containing secure links can be automatically
compiled into fully IEC 61499-compliant software. Experimental results show that
secure links significantly reduce design and code complexity and improve
application maintainability and requirements traceability.

