Modbus Security: New Protocol to Improve Control System Security
The Modbus Organization is today announcing the publication of the Modbus Security protocol. The use of secure protocols is a fundamental component in efforts to secure Industrial Control System (ICS) traffic. Secure protocols can mitigate many common cyber-attacks, including replay and man-in-the-middle exploits.
The new protocol provides robust protection through the blending of Transport Layer Security (TLS) with the traditional Modbus protocol. TLS was selected as it is a well-known, widely accepted internet standard. TLS will encapsulate Modbus packets to provide both authentication and message-integrity protection. The new protocol leverages X.509v3 digital certificates for authentication of the Server and Client.
The protocol also supports the transmission of role-based access control information using an X.509v3 extension to authorize the request of the Client. Modbus Security will use a new port; traditional Modbus uses port 502. The new Modbus Security protocol will utilize port 802.
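A sketch of the server side described above, added here as an illustration and not taken from the Modbus Organization's specification: a TLS context that requires a client certificate, an MBAP frame parser, and a role check applied per request. The role names, the policy table, the TLS 1.2 floor and the sample frames are assumptions; reading the role out of the X.509v3 extension is not shown, so the role is passed in as a string.

```python
import ssl
import struct

MODBUS_SECURITY_PORT = 802  # from the announcement; traditional Modbus uses 502

# Hypothetical role names and policy, constructed for this example.
ROLE_POLICY = {
    "operator": {0x01, 0x02, 0x03, 0x04},  # read-only function codes
    "engineer": {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x0F, 0x10},
}

# Constructed sample ADUs: read holding registers (0x03), write single register (0x06).
SAMPLE_READ = bytes.fromhex("00010000000601030000000a")
SAMPLE_WRITE = bytes.fromhex("0002000000060106000100ff")

def server_context(cert=None, key=None, ca=None):
    """TLS server context that refuses peers without a valid client certificate."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # assumed floor
    ctx.verify_mode = ssl.CERT_REQUIRED           # mutual authentication
    if cert and key:
        ctx.load_cert_chain(cert, key)            # server's own X.509v3 certificate
    if ca:
        ctx.load_verify_locations(ca)             # CA that issues client certificates
    return ctx

def parse_adu(data):
    """Parse a Modbus/TCP ADU: 7-byte MBAP header followed by the PDU."""
    if len(data) < 8:
        raise ValueError("short ADU")
    tid, pid, length, unit = struct.unpack(">HHHB", data[:7])
    if pid != 0:
        raise ValueError("protocol id must be 0 for Modbus")
    if length != len(data) - 6:  # length field counts unit id + PDU
        raise ValueError("MBAP length does not match payload")
    return {"tid": tid, "unit": unit, "function": data[7], "body": data[8:]}

def authorize(role, adu):
    """Allow the request only if the peer's role permits its function code."""
    return adu["function"] in ROLE_POLICY.get(role, set())

if __name__ == "__main__":
    for role in ("operator", "engineer"):
        for frame in (SAMPLE_READ, SAMPLE_WRITE):
            adu = parse_adu(frame)
            print(role, hex(adu["function"]), authorize(role, adu))
```

An unknown or missing role maps to an empty permission set, so the check fails closed.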
Protocol interoperability was initially demonstrated in May of 2017 at an interoperability event attended by four Modbus.org member companies. Products leveraging the new protocol are expected to be available in the market in 2019.