EtherNet/IP

EtherNet/IP是由罗克韦尔自动化公司开发的工业以太网通讯协定,由开放DeviceNet厂商协会(ODVA)管理,可应用在程序控制及其他自动化的应用中,是通用工业协定(CIP)中的一部份

EtherNet/IP名称中的IP是“Industrial Protocol”(工业协议)的简称,和网际协议没有关系。

EtherNet/IP是应用层的协定,将网络上的设备视为许多的“物件”。EtherNet/IP为通用工业协定为基础而架构,可以存取来自ControlNet及DeviceNet网络上的物件。

EtherNet/IP使用以太网的物理层网络,也架构在TCP/IP的通讯协定上,用微处理器上的软件即可实现,不需特别的ASIC或FPGA。EtherNet/IP可以用在一些可容许偶尔出现少量非决定性的自动化网络。

EtherNet/IP很容易误解为Ethernet(以太网)及Internet Protocol(网际协议)的组合。不过EtherNet/IP是一个工业使用的应用层通讯协定,可以使控制系统及其元件之间建立通讯,例如可编程逻辑控制器、I/O模组等,EtherNet/IP中的IP是指工业协定。

历史

EtherNet/IP是在1990年后期由洛克威尔自动化公司开发.是洛克威尔工业以太网络方案的一部份。后来洛克威尔就和EtherNet/IP交给ODVA管理,ODVA管理EtherNet/IP通讯协定,并确认不同厂商开发的EtherNet/IP设备都符合EtherNet/IP通讯协定,确保多供应商的EtherNet/IP网络仍有互操作性。

技术细节

EtherNet/IP将以太网的设备以预定义的设备种类加以分类,每种设备有其特别的行为,此外,EtherNet/IP设备可以:

用用户数据报协议(UDP)的隐式报文传送基本I/O资料。
用传输控制协议(TCP)的显式报文上传或下载参数、设定值、程式或配方。
用主站轮询、从站周期性更新或是状态改变(COS)时更新的方式,方便主站监控从站的状态,讯息会用UDP的报文送出。
用一对一、一对多或是广播的方式,透过用TCP的报文送出资料。
EtherNet/IP使用TCP端口44818作为显式报文的处理,UDP端口2222作为隐式报文的处理。
EtherNet/IP的应用层协定是以使用在DeviceNet、CompoNet及ControlNet的通用工业协定(CIP)为基础。

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

最新工业控制系统漏洞

ICS-CERT Advisory Feed
Advantech WebAccess

This advisory includes mitigations for stack-based buffer overflow, external control of file name or path, improper privilege management, and path tra. . . read more Tue, 23 Oct 2018 10:10:09 EDT

GAIN Electronic Co. Ltd SAGA1-L Series

This advisory includes mitigations for authentication bypass by capture-relay, improper access control, and improper authentication vulnerabilities in. . . read more Tue, 23 Oct 2018 10:05:48 EDT

Telecrane F25 Series

This advisory includes mitigations for an authentication bypass by capture-replay vulnerability in the Telecrane F25 Series software.. . . read more Tue, 23 Oct 2018 10:00:54 EDT

Omron CX-Supervisor

This advisory includes mitigations for improper restriction of operations within the bounds of a memory buffer, out-of-bounds read, use-after-free, an. . . read more Wed, 17 Oct 2018 08:55:45 EDT

LCDS – Leão Consultoria e Desenvolvimento de Sistemas Ltda ME LAquis SCADA

This advisory includes mitigations for untrusted pointer dereference, out-of-bounds read, integer overflow to buffer overflow, path traversal, out-of-. . . read more Tue, 16 Oct 2018 14:44:39 EDT

NUUO NVRmini2 and NVRsolo

This advisory includes mitigations for stack-based buffer overflow and leftover debug code vulnerabilities in NUUO's NVRmini2 and NVRsolo network. . . read more Thu, 11 Oct 2018 10:10:11 EDT

NUUO CMS

This advisory includes mitigations for use of insufficiently random values, use of obsolete function, incorrect permission assignment for critical res. . . read more Thu, 11 Oct 2018 10:05:11 EDT

Delta Industrial Automation TPEditor

This advisory includes mitigations for out-of-bounds write and stack-based buffer overflow vulnerabilities in the Delta Industrial Automation TPEditor. . . read more Thu, 11 Oct 2018 10:00:20 EDT

GE iFix

This advisory includes mitigations for an unsafe ActiveX control marked safe for scripting vulnerability in a Gigasoft component affecting GE’s iFix. . . read more Tue, 09 Oct 2018 10:30:34 EDT

Siemens SCALANCE W1750D

This advisory includes mitigations for a cryptographic issues vulnerability in Siemens' SCALANCE W1750D direct access point hardware.. . . read more Tue, 09 Oct 2018 10:25:37 EDT

Siemens ROX II

This advisory includes mitigations for improper privilege management vulnerabilities in the Siemens ROX II products.. . . read more Tue, 09 Oct 2018 10:20:19 EDT

Siemens SIMATIC S7-1200 CPU Family Version 4

This advisory includes mitigations for a cross-site request forgery vulnerability in the Siemens SIMATIC S7-1200 CPU products.. . . read more Tue, 09 Oct 2018 10:15:18 EDT

Siemens SIMATIC S7-1500, SIMATIC S7-1500 Software Controller and SIMATIC ET 200SP Open Controller

This advisory includes mitigations for a denial of service from improper input validation vulnerability in the Siemens SIMATIC S7-1500, SIMATIC S7-150. . . read more Tue, 09 Oct 2018 10:10:22 EDT

Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server

This advisory includes information on the predictable from observable state, hidden functionality, and missing encryption of sensitive data vulnerabil. . . read more Tue, 09 Oct 2018 10:05:48 EDT

Fuji Electric Energy Savings Estimator

This advisory includes mitigations for an uncontrolled search path element (DLL Hijacking) vulnerability in the Fuji Electric Energy Savings Estimator. . . read more Tue, 09 Oct 2018 10:00:12 EDT

Carestream Vue RIS

This advisory includes mitigations for an information exposure through an error message vulnerability in the Carestream Vue RIS, a web-based radiology. . . read more Thu, 04 Oct 2018 10:10:11 EDT

Change Healthcare PeerVue Web Server

This advisory includes mitigations for an information exposure through an error message vulnerability in the Change Healthcare PeerVue Web Server.. . . read more Thu, 04 Oct 2018 10:05:49 EDT

WECON PI Studio

This advisory includes information on stack-based buffer overflow, out-of-bounds write, and out-of-bounds read vulnerabilities in WECON’s PI Studio. . . read more Thu, 04 Oct 2018 10:00:35 EDT

Delta Electronics ISPSoft

This advisory includes mitigations for a stack-based buffer overflow vulnerability in the Delta Electronics ISPSoft software.. . . read more Tue, 02 Oct 2018 10:10:16 EDT

GE Communicator

This advisory includes mitigations for a heap-based buffer overflow vulnerability in GE's Communicator, an application for programming and monito. . . read more Tue, 02 Oct 2018 10:05:06 EDT