TechnologyMarch 21, 2022
IEC 62443 security enables next-generation industrial networking
Next-generation industrial networking solutions help provide futureproof industrial automation leveraging robust hardware, as well as high-performance and dependable networks. IEC 62443-4-1 offers security technology to unite networking and OT cybersecurity using a layered defense-in-depth approach.
IEC 62443-4-2 certification for industrial networking devices, as per the International Electrotechnical Commission for Electrical Equipment (IECEE) Certification Body Scheme is key technology in Moxa’s next-generation networking solution, EDS-4000/G4000 Series, which has just been introduced in March 2022.
As recognized by IEC 62443-4-2 and IEC 62443-4-1 certifications, Moxa’s technology solution aim to unite networking and OT cybersecurity with layered defense-in-depth approach. The solutions cover security-hardened networking devices based on the IEC 62443-4-2 cybersecurity standard, advanced IT and OT network segmentation with threat prevention, and tailored OT deep packet inspection (DPI) realizing industrial intrusion prevention system (IPS). These offerings allow Industrial Automation and Control Systems (IACS) to be built with reliable end-to-end connectivity to provide robust hardware, as well as high-performance and dependable networks.
“The IEC 62443 series of standards cover all aspects of secty requirements, thus providing a common language for component suppliers, system integrators and asset owners”, said Steve Mustard, 2021 President of International Society of Automation (ISA), the Standards Development Organization responsible for IEC 62443. “The standards outline a secure-by-design approach and provide requirements through to product manufacturing. This significantly simplifies the procurement and integration processes for network devices, applications, and automation control devices that make up industrial control systems.”
“When we pursued the certification of the IEC 62443 standards, the journey was transformational for Moxa,” said Samuel Chiu, general manager of Moxa Networking. “We demonstrated that security is part of the DNA of Moxa’s product and solution portfolios by complying with the internationally recognized standards related to the process and product requirements for the secure development of an IACS. This benefits our customers who must now utilize these solutions to enjoy undisrupted operations during every step of their digital transformation.”
According to IDC’s Worldwide IT/OT Convergence 2022 Predictions, 75% of new operational applications deployed at the edge will leverage containerization by 2024. This will enable a more open and composable architecture, which will be necessary for resilient operations. The rise in edge devices and expanded connectivity represent a pathway into operations. They are being deployed at a high rate and utilize more open architectures and capabilities compared to the isolated automation systems of the past. These devices must have both their software and hardware elements developed securely to last throughout their product lifecycle, integrate seamlessly into the network overall, and have security management capabilities.
“Networking and cybersecurity have strong synergies in operations settings, yet they both must be purpose- built for OT environments. With the digital future and increased connectedness of operations, new industry requirements and standards will be put in place to ensure providers can keep up with these requirements,” said Jonathan Lang, research director of IDC with a focus on Worldwide IT/OT Convergence Strategies. “These specialized industry requirements can be overlooked by many IT cybersecurity solutions, and combining subject matter expertise and capabilities from operations is critical to ensure integrity of security systems.”
To create a foundation for futureproof operations, many system integrators require that component suppliers comply with the subsections of the IEC 62443 standard that pertain to their devices. The software development process-related IEC 62443-4-1 and the product-related IEC 62443-4-2 standards highlight the importance of selecting vendors that provide hardened hardware components built with a “secure by design” approach.
EDS-4000/G4000 series
The EDS-4000/G4000 Series includes 68 models that will help Moxa’s customers build futureproof industrial networks to strengthen operational resilience in industrial spaces such as power, transportation, maritime, and factory automation.
“Recently, we have observed that our customers find it more challenging to connect their devices while fulfilling a variety of requirements for critical infrastructure,” said Gary Chang, Product Manager at Moxa Networking Co. Ltd.
“Critical infrastructure requires advanced networking solutions that strengthen operational resilience and futureproof networks. The EDS-4000/G4000 Series portfolio of switches transforms the networking-evolved concept into tangible networking capabilities in order to empower customers to build secure, reliable, and high-bandwidth industrial networks with ease.”
Evolved networking solutions strengthen operational resilience
While OT/IT convergence is accelerating, enhanced network security, high performance, strong reliability, and advanced usability become paramount to building next-generation industrial networks that strengthen operational resilience.
Industry-standard Network Security: The EDS-4000/G4000 Series was the world’s first IEC 62443-4-2 certified Ethernet switches to be certified by IECEE due to the built-in hardened security that was developed by following the stringent software development lifecycle described in the standard. Along with Moxa’s extensive network security portfolio, Moxa helps create a secure network foundation to safeguard and futureproof industrial operations.
Performance for Mass Deployments: As the number of connected devices in industrial operations grows exponentially, the EDS-4000/G4000 Series provides multiple interface combinations with up to 14 ports and a range of options including fast Ethernet, Gigabit, 2.5GbE uplinks, SFP, and IEEE 802.3bt PoE connectivity. This enables customers to connect more devices especially in applications such as intelligent transportation systems that require high-power and high-bandwidth networking.
Multiple Industrial Certifications: The EDS-4000/G4000 Series is certified for NEMA TS2, EN 50121-4, IEC 61850-3/IEEE 16132, DNV2, ATEX Zone 23, Class I Division 23, to fulfill the needs of a wide variety of industrial applications. The EDS-4000/G4000 Series also features Turbo Ring and Turbo Chain fast network recovery to ensure smooth operations.
Advanced Usability: The improved web GUI provides a more intuitive way for users to perform configurations and network management. The rotatable power module offers flexibility to field engineers when they are installing devices and maintaining the network.
In addition, the LED indicators on two sides of the device help engineers easily identify the status of networking devices, making their job easier.
Customer feedback
According to Christian M. Skytte, Head of Product Management, Automation, at Wärtsilä Lyngsø Marine A/S who evaluated the new technology, “we particularly appreciated the intuitive user interface, the innovative mechanical design with the rotatable power supply module, and the robust DIN-rail mounting kit. The EDS-4000/G4000 Series gives us more confidence to provide futureproof, robust, and secure industrial automation and navigation solutions.”
Industrial Ethernet solution
Key pieces of technology in the new products include:
- Multiple interface combinations including fast Ethernet, Gigabit, 2.5GbE, SFP, and IEEE 802.3bt PoE
- Turbo Ring and Turbo Chain (recovery time < 20 ms @ 250 switches4), and RSTP/STP for network redundancy
- Rotatable power module to simplify installation and maintenance
- Wide range of power input options for flexible deployment
- Compact and flexible housing that fits into confined spaces
- Supports MXstudio for easy installation, operation, maintenance, and diagnostics