logo
Skip to main content

security

IT Security in PROFIBUS and PROFINET International

The increasing networking of production facilities increases the risk of cyber-attacks. The communication technologies specified and supported by PROFIBUS and PROFINET International (PI) are also exposed to this risk. To address this risk, PROFIBUS and PROFINET International operates a Cyber Security Incident and Response Team (CSIRT).

 

·      The PNO-CSIRT provides information and support to PI member companies and users of PI's technologies. This includes assistance in implementing proactive measures to reduce the risk of computer security breaches and to respond to such breaches or incidents as soon as they occur. The PNO-CSIRT is also intended to serve as a contact for the regional PROFIBUS and PROFINET organizations (RPAs).

·      The PNO-CSIRT sees itself as an intermediary between technology suppliers, component manufacturers, system manufacturers and users of the technologies of PROFIBUS and PROFINET International (PI).

·      The PNO-CSIRT serves as a contact for other CSIRTs / CERTs as well as other national and international institutions (e.g. BSI, ENISA) in questions concerning the technologies of the PROFIBUS User Organization (PI) and maintains corresponding contacts with these institutions.

The special role of the PNO as a manufacturer association means that the PNO-CSIRT sees its focus on the handling of weaknesses in the specifications of the technologies of the PROFIBUS User Organization (PI) and that the handling of product-dependent weaknesses is the responsibility of the respective technology, component or system suppliers. In this case, the PNO-CIRT will provide the necessary support to forward incoming vulnerability reports to the appropriate addressees and to provide appropriate feedback to the reporting person / company.

 

Click here for the details:

 

·      IT security policy of the PROFIBUS user organization
<Link to policy document Englisch, separate pdf document for download>

·      Form for reporting IT security incidents
<Link to subordinate page 1 with registration form>

·      E-mail communication with the PNO
<Link to subordinate page 2 with email address and PGP key >

·      Security Advisories of the PROFIBUS user organization
<Link to subordinate page 3 with Security Advisories>

·      Subscription to the PNO Security Advisories mailing list
<Link to subordinate page 4 with registration form>

security
security
security
security
security
security
security