TitoloPerformance Evaluation and Modeling of an Industrial Application-Layer Firewall
Anno di pubblicazione2018
Autore/iM. Cheminod, L. Durante, L. Seno, A. Valenzano
Affiliazioni autoriCNR-IEIIT, Istituto di Elettronica e di Ingegneria dell'Informazione e delle Telecomunicazioni, Torino, Italy
AbstractThe availability of performance studies and simple models for firewalls able to deal with industrial application-layer communication protocols, such as Modbus/TCP, is crucial when the impact of these devices has to be estimated, even roughly, before their actual deployment in industrial networks. Unfortunately, most manufacturers do not provide this kind of information for commercial off-the-shelf available products. Thus, a viable solution is the development and experimental validation of simple models that can be used by designers to predict those firewall characteristics not explicitly related to their security capabilities. As an example, latency introduced on message forwarding is an aspect of significant interest in many industrial control systems, where delays and jitters in data delivery can severely impact on the effectiveness of the control actions. This paper reports on our experience in developing a performance model for a commercial device able to perform advanced application-layer filtering, in particular of Modbus/TCP traffic. A set of ad hoc designed experiments, performed by means of a purposely developed laboratory testbed, enabled both model development and validation, confirming a good correspondence of the estimated performance with the device actual behavior.
Pagine da2159
Pagine a2170
Pagine totali12
RivistaIEEE transactions on industrial informatics
Attiva dal 2005
Editore: Institute of Electrical and Electronics Engineers, - Piscataway, NJ
Paese di pubblicazione: Stati Uniti d'America
Lingua: inglese
ISSN: 1551-3203
Titolo chiave: IEEE transactions on industrial informatics
Titolo proprio: IEEE transactions on industrial informatics
Titolo abbreviato: IEEE trans. industr. inform.
Titoli alternativi:
  • Institute of Electrical and Electronics Engineers transactions on industrial informatics
  • Transactions on industrial informatics
  • Industrial informatics
Numero volume della rivista14
Fascicolo della rivista5
Verificato da refereeSì: Internazionale
Stato della pubblicazionePublished version
Parole chiaveperformance evaluation, cybersecurity, industrial communications, firewall
Link (URL, URI)
Strutture CNR
  • IEIIT — Istituto di elettronica e di ingegneria dell'informazione e delle telecomunicazioni
    • Performance Evaluation and Modeling of an Industrial Application-Layer Firewall