APPENDIX B
SECURITY STANDARDS IN USE IN ETHERNET INSTALLATIONS
The protocols and standards listed below are readily available components that can be used to
implement secure Ethernet networks in factories, power substations and other industrial sites.
SNMP
Simple Network Management Protocol, introduced in 1988, is a standard for gathering and managing
statistical data about network traffic and the behavior of network components such as switches, hubs,
routers and any device which is SNMP enabled. It is based on the manager/agent model and is used in
TCP/IP and other networks to monitor and control network devices, and manage configurations,
statistics collection, and performance. It is easy to implement, install, and use, and does not place
undue burden on the network. Even better, SNMP modules from different vendors work together with
minimal effort. However, early versions of SNMP did not adequately address the issue of security.
Basic security, in the form of authentication and encryption, was first proposed in 1998 with SNMPv3.
Accepted as a full Internet standard in 2002, SNMPv3 assures that a received message was transmitted
by the entity whose identifier appears as the source in the message header, it assures that the message
was not altered in transit and that there was not artificial delay or replay. It also provides for the
ability to update configuration parameters in SNMP agents, thus enabling complete remote
management of SNMP devices, which is an added convenience as Web management comes into play.
It is important to note that SNMPv3 adds several levels of capability, and increasing complexity, to an
SNMP implementation. Unless an implementation requires security features, most SNMP
deployments will remain at SNMPv1 or SNMPv2. Perhaps the wisest approach for a vendor of
Ethernet switches is to continue to offer these earlier versions, as well as SNMPv3, in its network
management package to accommodate users with various levels of security requirements.
Communicating SNMPv3 engines share a secret authentication key that is provided by the sending
entity. When the receiving entity gets the message, it uses the same secret key to calculate the
message authentication code again. If the receiver’s version of the code matches the value appended to
the incoming message, then the receiver knows that the message can only have originated from the
9