PROFIBUS International (PI), together with GMA, NAMUR, VDMA and ZVEI, established an initiative under the name ?Security in Automation?. Its objective is to establish a practical and cost-effective data security concept for securing new as well as existing systems and devices that meets the special requirements of automation technology. This initiative allows the experiences and ideas of users and manufacturers of networked automation technology to be included in the work. The results are introduced into the international standardization as a joint position by DKE (German Commission for Electrical, Electronic & Information Technologies of DIN and VDE).
In the framework of its PROFINET activities, PROFIBUS International started working on the topic ?IT Security? in September 2003 and published the ?PROFINET Security Guideline? in November 2004. This guideline is available as base document for further joint action of the security initiative. During a two-day workshop in May 2005 in Karlsruhe, 50 experts have worked in 4 working groups on topics such as ?Generally accepted security practices ? top-down approach? and ?Security concept from a user?s perspective ? bottom-up approach?. The ?PROFINET Security Guideline? was compared against studied security goals and examined for completeness. The working groups established that the guideline represents an excellent foundation with respect to network security and already covers a large number of user requirements. Nevertheless, the workshop also gave stimuli in which direction the PROFINET Security Guideline should be expanded or which topics should be incorporated in case of an addition.
The participating associations introduce the compiled results in the relevant standardization plans. In particular, the results will enter directly into the ?IT Security? working group DKE 914.0.1. Additional co-ordinations and sessions are planned to reach a uniform and strong position in the interest of the users and manufacturers in the international standardization environment.