82 CHAPTER 4 Industrial Network Protocols and Linux platforms. The open nature of CANopen makes Ethernet Powerlink/ CANopen a desirable combination for industrial networks requiring inexpensive solutions in Linux environments. 32 Security Concerns Ethernet Powerlink is a real-time Ethernet protocol, and as such it is susceptible to any of the vulnerabilities of Ethernet. Ethernet Powerlink is designed for use over all IPs, including TCP, UDP, and HTTP, and it is therefore also susceptible to any corresponding IP vulnerabilities. As with many real-time Ethernet protocols, Ethernet Powerlink is sensitive and highly susceptible to DoS attacks. Ethernet Powerlink is easily disrupted via the insertion of rogue Ethernet frames into the network, requiring the separation of Ethernet Powerlink from other Ethernet systems. The protocol itself is sensitive and highly susceptible to DoS attacks. Security Recommendations Because sensitivity of the cyclic polling mechanism requires separation from other non­Powerlink Ethernet services, Ethernet Powerlink implementations will most likely have a clear demarcation from other networks. This demarcation can be lev- eraged to further isolate the industrial protocol, through the establishment of strong perimeter defenses at these boundaries. SERCOS III SERCOS (Serial Real-time Communications System) is a fieldbus specialized for digital motion control. SERCOS III is a real-time Ethernet communication protocol specifically designed for serial communications between PLCs and IEDs, operating at high speeds within closed loops. 33 SERCOS III is a Master/Slave protocol that operates cyclically, using a mecha- nism in which a single Master Synchronization Telegram is used to communicate to slaves, and the slave nodes are given a predetermined time (again synchronized by the master node) during which they can place their data on the bus. All messages for all nodes are packaged into a Master Data Telegram, and each node knows which portion of the MDT it should read based upon a predetermined byte allocation. 34 An interesting addition to SERCOS III is that, although SERCOS dedicates the use of the bus for synchronized real-time traffic during normal cycles, it allows unallocated time within a cycle to be freed up for other network protocols such as IP. This "IP Channel" allows the use of broader network applications from the same device--for example, a web-based management interface that would be accessible to business networks. 35 Security Concerns SERCOS III is a real-time Ethernet protocol, and as such it is susceptible to any of the vulnerabilities of Ethernet. SERCOS III introduces new security concerns through the option to support embedded, open TCP/IP communications. With this option enabled, a compromised RTU or PLC using SERCOS III could be used to