1
Q
What is an industrial control system (ICS)?
A
An ICS is a set of computing, control, and communication components used to monitor and control industrial processes.
2
Q
What is the role of sensors in an ICS?
A
Sensors measure physical process variables and provide feedback to controllers.
3
Q
What is the role of actuators in an ICS?
A
Actuators execute control commands and influence the physical process.
4
Q
What are the main tasks of controllers in an ICS?
A
Controllers collect and process sensor readings, issue commands to actuators based on control logic, and report aggregated process data to supervisory systems.
5
Q
What is a control loop?
A
A control loop consists of sensor input, a controller algorithm, and actuator output, with feedback from the process sent back to the controller.
6
Q
What is data concentration in industrial control?
A
Data concentration means collecting process data in one place and exposing it via a single communication protocol, even if the controller does not directly control the process.
7
Q
What is a programmable logic controller (PLC)?
A
A PLC is a self-contained computing device geared mostly for general-purpose industrial applications.
8
Q
What is a remote terminal unit (RTU)?
A
An RTU forwards sensor readings and commands between controllers and field devices over longer distances.
9
Q
What is a master terminal unit (MTU)?
A
An MTU is the main controller of an industrial system and collects data from RTUs.
10
Q
What is an intelligent electronic device (IED)?
A
An IED realizes communication between MTU/RTU components and polling field devices.
11
Q
What is a safety instrumented system (SIS)?
A
An SIS is an independent and isolated control system used to ensure physical safety.
12
Q
What is the purpose of safety controllers or SIS components?
A
They detect hazardous conditions and restore the system to a safe state, including shutdown if necessary.
13
Q
Which kinds of failures can a safety controller override?
A
Sensor and actuator failures, control loop failures, and failures caused by cyber attacks.
14
Q
What is a human-machine interface (HMI)?
A
An HMI is the local graphical or textual interface between an operator and an industrial process.
15
Q
What does an HMI typically do?
A
It supervises and controls a subprocess, exchanges data with the controller, displays alarms and status information, and allows operators to set control points or issue commands.
16
Q
Where can an HMI be located?
A
It can run on a remote machine or be physically attached to part of the system.
17
Q
What is a supervisory workstation?
A
A supervisory workstation collects process data for oversight and high-level process management, usually with little or no direct control of controller control points.
18
Q
How does a supervisory workstation differ from an HMI?
A
It is more centralized, covers the complete ICS, and is usually more read-oriented with less direct control.
19
Q
What is a data historian?
A
A data historian records and stores time-tagged ICS data such as sensor readings and actuator commands for long-term use.
20
Q
Why is a data historian important?
A
It enables long-term storage, reporting, and exporting of process data to higher-level systems such as MES or ERP.
21
Q
What is an engineering workstation?
A
An engineering workstation is used for configuration, maintenance, diagnostics, and developing, testing, and updating control software.
22
Q
Why is an engineering workstation security-critical?
A
Because it often has direct access to controller software and configuration.
23
Q
What are key characteristics of PLCs?
A
PLCs are real-time digital computers for industrial control, provide analog and/or digital I/O, and communicate with HMIs or other PLCs over industrial protocols.
24
Q
Why are PLCs considered rugged devices?
A
They are designed to operate in harsh environments with vibration, electrical noise, temperature variation, and dust.
25
Which standard defines common PLC programming languages?
IEC 61131-3 defines common PLC programming languages.
26
Name common PLC programming languages from IEC 61131-3.
Function block diagram, instruction list, sequential function chart, ladder diagram, and structured text.
27
Why is ladder logic historically important?
It was the first PLC programming language and mimics relay logic circuit diagrams.
28
What are the three broad types of industrial control systems?
Process Control Systems (PCS), Distributed Control Systems (DCS), and Supervisory Control and Data Acquisition (SCADA) systems.
29
What is a process control system (PCS)?
A PCS monitors and controls a single industrial process and aims to keep a controlled variable at a steady state.
30
Give examples of PCS application domains.
Chemical plants, manufacturing factories, and water or wastewater treatment.
31
Which operation modes are mentioned for PCS?
Derivative, integral, on-off, and proportional modes.
32
What is a distributed control system (DCS)?
A DCS is a larger-scale process control system with multiple integrated control subsystems monitored by distributed control devices.
33
What is characteristic of control in a DCS?
Control follows the distributed nature of the process, so there is no single central controller for the complete system.
34
What is SCADA?
SCADA stands for Supervisory Control and Data Acquisition and provides high-level supervisory control and plant-wide or geographically distributed data acquisition.
35
What is the typical scope of SCADA?
SCADA is used for large geographic areas such as pipelines and electric transmission or distribution systems.
36
What is the main operational difference between DCS and SCADA?
DCS is process-driven, while SCADA is event- and data-driven.
37
What is the main scope difference between DCS and SCADA?
DCS is mostly local, while SCADA is more geographically dispersed.
38
How does process control capability differ between DCS and SCADA?
DCS can implement advanced process control techniques, while SCADA typically has more limited process control capability.
39
What is an industrial network?
An industrial network is any network that supports connectivity and communication between devices that make up or support an ICS.
40
How do DCS and SCADA commonly differ in network scope?
DCS commonly uses local-area switched networks, while SCADA commonly uses wide-area routed networks.
41
Which legacy serial interfaces may still appear in industrial networks?
RS-232, RS-422, and RS-485.
42
What is the industrial automation pyramid?
It is a layered model from field level up to control, supervision, planning, and management, often represented by sensors/actuators, PLCs, HMI/SCADA, MES, and ERP.
43
What is the role of ERP in the automation pyramid?
ERP supports enterprise planning, materials, delivery, orders, and other business-level processes.
44
What is the role of MES in the automation pyramid?
MES tracks and coordinates manufacturing execution between enterprise planning and plant-floor supervision/control.
45
Why is the Purdue 95 reference model important?
It organizes industrial functions into levels and is widely used as a reference model for industrial network security planning.
46
Why is the automation pyramid relevant for security?
Because it helps structure zones, conduits, and segmentation between field, control, supervision, planning, and management functions.
47
What is a bus topology?
A bus topology connects a small number of devices linearly on a shared medium, is inexpensive, and often uses non-IP communication.
48
What are typical disadvantages of bus topologies?
Limited performance and limited reliability because all connected nodes share network resources.
49
What is a mesh topology?
A mesh topology connects devices to each other for maximum uptime and performance, often used for critical infrastructure nodes.
50
What is a wireless mesh topology?
A wireless mesh uses radio links instead of wires, so the available paths are determined by wireless connectivity.
51
What is a star topology?
A star topology is a point-to-multipoint network centered around one central device, such as an Ethernet switch.
52
What is a ring topology?
A ring topology connects endpoints in a circle and is often used to interconnect devices or access switches.
53
What is information technology (IT) in this context?
IT refers to traditional computing, networking, and software systems that process information to support enterprise business objectives.
54
What is operational technology (OT)?
OT refers to computing, control, and communication devices and software used to monitor and control industrial processes.
55
Why is IT/OT convergence a cybersecurity problem?
Because IT technologies and connectivity bring standard IT vulnerabilities into OT environments and expose OT systems to Internet-connected networks.
56
What are the overarching goals in industrial networks according to the lecture?
Safety and system availability.
57
What does determinism mean in industrial communication?
It means packet transmission times are predictable and effectively constant, i.e., no jitter.
58
What is short cycle time?
It is the time needed to pass information through the system, so it reflects low latency.
59
Why is low data loss important in industrial networks?
Because lost messages can disrupt control quality, timing, and availability.
60
What is real-time communication?
Real-time communication means that correctness depends not only on producing the right result but also on producing it at the right time.
61
What is soft real-time in ICS?
In soft or firm real-time systems, missed deadlines reduce process quality or usefulness but do not immediately stop the process.
62
What is hard real-time in ICS?
In hard real-time systems, missing a deadline can interrupt the process and may have catastrophic consequences.
63
What practical wireless ICS requirements are named in the lecture?
Latency as low as 1 ms, reliability up to 10^-9, and support for many sensors and actuators despite bandwidth limits.
64
What device constraints are common in industrial environments?
Limited memory, limited computation, limited power, and strong heterogeneity ranging from constrained controllers to full servers.
65
What network constraints are common in industrial environments?
Low data rates, high and unstable latency, limited reachability, missing advanced features such as multicast, unusual routing, and unstable topologies.
66
How do field/control networks differ from office networks?
Field/control networks are highly real-time and reliability-critical with low, consistent latency and few explicitly defined sessions, unlike best-effort office networks.
67
What lifecycle issue is typical in industrial systems?
Devices often remain in operation for 20 to 25 years or longer.
68
Why is robust hardware especially important in OT?
Because industrial environments require mechanical and electrical robustness of devices and connections.
69
Why do industrial environments often need special communication protocols and hardware?
Because traditional IT networking does not satisfy industrial requirements such as determinism, robustness, longevity, and special topologies.
70
What does the fine blanking line example mainly illustrate?
It illustrates that production networks need robust real-time communication and can generate very high data rates.
71
What is the key balancing constraint in power grids?
Generated power must match consumption.
72
What does the smart grid idea add compared to traditional grids?
It enables more dynamic operation and decentralized power generation and use.
73
What does an RTU do in a power grid?
It monitors and controls substations, including values such as current, voltage, power, and breaker states.
74
Which interfaces may a power-grid RTU use?
It may interface with substation devices via IEC 61850, Modbus, or serial communication.
75
What communication properties are highlighted for power grids?
Redundant links are required, communication often uses private WAN or mobile links, and VPN/IPsec may be used, but application-level integrity and encryption are often still missing.
76
What does SCADA do in a power grid?
It visualizes and archives the grid state, collects RTU data, and sends commands to RTUs to steer generation and distribution.
77
Which protocols are highlighted for SCADA communication in power grids?
IEC 60870-5-104 and DNP3.
78
What do maritime systems use sensors for?
They sense the environment for safe navigation, using components such as GNSS, radar, AIS, echo sounders, and related bridge systems.
79
What is the Integrated Bridge System (IBS)?
It is a modern maritime integration platform combining navigation displays, steering components, and sensor information.
80
What was the traditional communication style in maritime systems?
Closed-network serial communication using NMEA 0183 or CAN-based NMEA 2000.
81
What does IEC 61162-450 do in maritime networking?
It encapsulates NMEA 0183 data in IP/UDP broadcast to integrate nautical data into modern bridge networks.
82
What are fieldbus-based industrial protocols?
They are protocols that connect sensors and actuators with PLCs or RTUs over serial bus systems for distributed real-time control.
83
What are key advantages of fieldbus-based protocols?
Low to medium cabling cost, simple commissioning, rapid transmission over one physical connection, robustness, and high availability.
84
What are key disadvantages of fieldbus-based protocols?
Insufficient standardization and heterogeneous communication structures.
85
What is the main advantage of Manchester coding?
It provides automatic clock synchronization because every bit includes a level transition.
86
What is the main disadvantage of Manchester coding?
Only half of the capacity is effectively used.
87
What is the key idea of differential Manchester coding?
The presence of a transition matters more than polarity, so it still works even if the signal is inverted.
88
Where is CAN bus commonly used?
CAN is widely used in passenger vehicles, trucks, buses, and also in areas such as elevators and building automation.
89
What are basic CAN bus properties?
CAN uses a two-wire differential bus, supports 8-byte data exchanges, and has maximum speeds around 500 kbit/s in the lecture example.
90
Why is bit stuffing used in CAN?
A bit of opposite polarity is inserted after five consecutive identical bits to support synchronization.
91
How does CAN provide data integrity?
By using a cyclic redundancy check (CRC).
92
What is the basic idea of CRC?
The sender appends redundant bits so the transmitted polynomial is divisible by a generator polynomial, and the receiver checks whether the remainder is zero.
93
How does CAN resolve bus contention?
It uses Carrier Sense Medium Access/Collision Resolution (CSMA/CR) with identifier-based arbitration.
94
How do arbitration identifiers determine priority in CAN?
Lower identifier values have higher priority, so 00...0 is highest and 11...1 is lowest.
95
Why is CAN vulnerable to denial-of-service?
Because any compromised node on the bus can abuse arbitration and continuously occupy the medium.
96
Why are Ethernet-based industrial protocols used?
They connect PLCs to supervisory networks and help replace isolated serial or fieldbus systems while leveraging common Ethernet and IP technologies.
97
Why is ordinary Ethernet problematic for industrial control?
Because standard IT Ethernet is high-latency, non-deterministic, uses stochastic medium access, and lacks robustness for harsh environments.
98
What improves when using Industrial Ethernet?
Industrial Ethernet adds hardened hardware, prioritization, reduced collision effects, and often uses UDP to support real-time and deterministic communication.
99
What is Industrial Ethernet?
Industrial Ethernet is an umbrella term for Ethernet used in industrial environments with added mechanisms for determinism, real-time control, and robustness.
100
What are advantages of Industrial Ethernet over proprietary fieldbuses?
It supports common communication technology across the automation pyramid, standard interfaces, efficient commissioning, and easier remote monitoring via Internet technologies.
101
What are the three principal protocol stack realizations in Industrial Ethernet?
A software bypass for real-time traffic, a hardware bypass for real-time traffic, or carrying both real-time and non-real-time traffic over the traditional stack with application-layer encapsulation.
102
What is the purpose of switched Ethernet in industrial networks?
It creates non-collision domains so each entity gets its own physical bus segment.
103
What is segmentation in Industrial Ethernet?
It separates time-critical and non-critical traffic or network parts.
104
What is the role of IEEE 802.1p in Industrial Ethernet?
It provides priority slots so high-priority packets can be transmitted preferentially.
105
Why is synchronization so important in Industrial Ethernet?
Because determinism and short cycle times require tightly aligned clocks and low jitter.
106
Why are NTP and SNTP not sufficient for many ICS timing needs?
Because they do not provide the required timing accuracy and can introduce too much overhead.
107
What is Precision Time Protocol (PTP)?
PTP is a synchronization protocol for Ethernet-based local networks that distributes precise time information hierarchically.
108
What are the advantages of PTP over NTP/SNTP or GPS-based schemes?
PTP offers higher accuracy than NTP/SNTP and does not require a dedicated synchronization network or an outdoor GPS antenna.
109
What is EtherCAT mainly used for?
EtherCAT is used to manage sensors and actuators through a PLC in real-time industrial environments.
110
How does EtherCAT communication work in principle?
A master sends one frame through a ring of minions, and each minion extracts or inserts its own data while the frame passes through.
111
Why is EtherCAT efficient?
Because one frame can serve many devices, minions process frames on the fly, and host microprocessors are not involved in normal frame processing.
112
What trade-off does EtherCAT make to achieve real-time performance?
It needs special hardware in the devices to process frames on the fly.
113
What are the two main PROFINET performance classes mentioned?
PROFINET RT for soft or no strict real-time needs and PROFINET IRT for hard real-time applications.
114
What are key features of PROFINET IRT?
It uses PTP for synchronization, a producer-consumer model, and mechanisms such as fast forwarding, dynamic frame packing, and preemption/fragmentation support.
115
What is fast forwarding in PROFINET?
It moves the frame ID to the beginning of the frame so devices can process and forward it faster.
116
What is dynamic frame packing in PROFINET?
It packs data for several devices into one frame that gets shortened as data is extracted along the path.
117
What is frame preemption in PROFINET?
Express frames with hard real-time data can interrupt transmission of preemptable frames.
118
What is Modbus?
Modbus is a de facto industrial standard originally designed for serial-line communication with a master/minion request-response model.
119
How is data addressed in Modbus?
Modbus addresses data through memory areas such as coils, contacts, input registers, and holding registers.
120
What are coils, contacts, input registers, and holding registers in Modbus?
Coils are 1-bit read/write, contacts are 1-bit read-only, input registers are 16-bit read-only, and holding registers are 16-bit read/write.
121
Name important Modbus variants.
Modbus RTU, Modbus ASCII, Modbus TCP, Modbus UDP, Modbus Plus, and custom extensions such as Enron or Pemex Modbus.
122
How does Modbus RTU communicate?
It uses serial communication in a bus topology with one master and addressed minions.
123
What is the Modbus RTU frame structure?
A Modbus RTU frame contains start, address, function, data, CRC, and end/wait structure.
124
What addressing range is used for Modbus RTU minions in the lecture?
Minion addresses range from 1 to 247.
125
What changes in Modbus TCP compared to Modbus RTU?
Serial communication is replaced by Ethernet and TCP/IP, and an MBAP header is added.
126
What is the purpose of the MBAP header in Modbus TCP?
It adds fields such as transaction ID, protocol ID, and length to match responses with requests and structure TCP-based communication.
127
How are roles typically mapped in Modbus TCP?
The master acts as a client and minions listen as servers.
128
What is CIP in this chapter?
CIP is a peer-to-peer protocol family used to connect control and supervisory networks.
129
Name CIP implementations mentioned in the lecture.
EtherNet/IP, ControlNet, and DeviceNet.
130
What is DNP3 used for?
DNP3 connects control and supervisory networks, especially in electric, oil and gas, and water or wastewater sectors.
131
Which OSI layers are mainly defined by DNP3 according to the lecture?
DNP3 mainly defines the application and data-link layers.
132
What is a key communication feature of DNP3?
It improves bandwidth efficiency through event-oriented data reporting instead of only periodic polling.
133
What identifies the start of a DNP3 frame?
Two sync bytes, 0x0564.
134
How does DNP3 protect data inside its data-link frame?
It divides data into blocks and includes a CRC for each block of 16 data octets, except the last shorter block.
135
What is IEC 60870-5?
It is a family of telecontrol protocols for electrical engineering and power system automation.
136
What are the main IEC 60870-5 variants named in the lecture?
IEC 101 for serial communication, IEC 103 for slower transmission media, IEC 104 for Ethernet/TCP-based transport of IEC 101 messages, and IEC TS 60870-5-7 for security extensions.
137
What is IEC 101?
IEC 101 is a serial protocol with a TCP-like structure using U-frames, S-frames, and I-frames and power-grid-specific functions such as unsolicited and spontaneous messages.
138
What power-grid-specific features are highlighted for IEC 101?
Unsolicited periodic updates, spontaneous messages, general interrogation, and timestamping.
139
What is IEC 104?
IEC 104 ports IEC 101 to TCP/IP with minimal changes, keeping compatibility while using MTUs as clients and RTUs as servers.
140
Which frame types exist in IEC 104?
U-format for control and keepalive, S-format for acknowledgments, and I-format for carrying ASDUs with application data.
141
What is an ASDU in IEC 104?
The Application Service Data Unit carries information objects, values, quality indicators, and optional time tags.
142
What happens during a high-level IEC 104 connection sequence?
After TCP and IEC-104 handshakes, the MTU performs general interrogation, synchronizes clocks, and then exchanges periodic measurements, spontaneous messages, or control commands.
143
What is the main chapter-wide summary about industrial protocols?
There is a huge variety of industrial protocols, many are driven by process requirements, documentation is often limited, and vendor support is fragmented.
144
Why does adopting Ethernet and TCP/IP increase cyber risk in industry?
Because replacing only the communication medium without redesigning security exposes formerly isolated industrial communication to common network attacks.
145
Why is simply replacing legacy industrial protocols unrealistic?
Because legacy systems are long-lived, heterogeneous, operationally sensitive, and often difficult to update or replace.
146
What are the two basic approaches for retrofitting security to legacy industrial protocols?
Custom security extensions or transport-layer security added below the application protocol.
147
What is AUTOSAR SecOC?
It is a custom security approach for CAN that adds authenticity using a message authentication code combined with a freshness value.
148
What is the main limitation of AUTOSAR SecOC on regular CAN?
The MAC has to be truncated heavily, which increases brute-force risk.
149
What is Modbus TLS?
Modbus TLS is Modbus TCP protected by TLS, adding authentication, integrity, and encryption through transport-layer security.
150
What practical limitation of Modbus TLS is highlighted?
Many existing Modbus TCP devices are not easy to update and may struggle with storage and cryptographic overhead.
151
How does Industrial IoT differ from consumer IoT?
Industrial IoT is machine-centered, mission-critical, longer-lived, more structured, and often involves more devices and higher data volumes than consumer IoT.
152
Why is IP used as a common denominator in IoT networking?
Because it hides link-layer diversity, enables end-to-end addressability, and allows interconnection of heterogeneous subnetworks.
153
What is the basic IoT stack idea presented in the lecture?
Re-use and optimize IPv6 for constrained environments and use a concise HTTP-like protocol such as CoAP at the application layer.
154
What is 6LoWPAN?
6LoWPAN is an adaptation layer that enables IPv6-compatible communication over constrained IEEE 802.15.4 networks.
155
Which functions does 6LoWPAN provide?
Addressing support, neighbor discovery optimization, topology support, fragmentation, and IPv6/UDP header compression.
156
Why is header compression important in 6LoWPAN?
Because it reduces overhead dramatically and increases goodput on small constrained frames.
157
What is DTLS?
DTLS is TLS adapted for UDP, providing transport security over unreliable datagram communication.
158
How does DTLS differ from TLS in principle?
It adds mechanisms for loss, reordering, and fragmentation, uses retransmission timers, and includes stateless cookies against denial-of-service attacks.
159
Why is elliptic-curve cryptography often used with DTLS in constrained settings?
Because it provides comparable security with shorter keys and lower computational cost.
160
What is CoAP?
CoAP is a RESTful web protocol tailored to constrained devices and usually runs over UDP, often with 6LoWPAN and optionally DTLS.
161
How is CoAP related to HTTP?
It follows the same REST style with methods such as GET, PUT, POST, and DELETE, but is a lightweight subset designed for constrained devices.
162
Which four CoAP message types are defined?
Confirmable (CON), Non-confirmable (NON), Acknowledgment (ACK), and Reset (RST).
163
What communication features does CoAP provide besides low overhead?
Reliability without TCP, asynchronous communication, multicast, and congestion control.
164
What are the three 5G service scenarios mentioned?
Enhanced Mobile Broadband (eMBB), massive Machine Type Communications (mMTC), and Ultra-Reliable Low-Latency Communication (URLLC).
165
What are the three broad components of 5G architecture?
User Equipment (UE), Radio Access Network (RAN), and the 5G Core (5GC).
166
What is the difference between the 5G control plane and user plane?
The control plane handles signaling and control functions such as authentication, while the user plane carries end-user traffic.
167
Which key 5G technologies are emphasized?
Modularity, virtualization and network slicing, independent control/user planes, and PHY/MAC improvements such as Massive MIMO, beamforming, carrier aggregation, and mmWave.
168
Which 5G security enhancements are highlighted?
Support for strong security controls across interfaces, 256-bit algorithms, multiple authentication levels, and stronger user privacy using public-key techniques.
169
What important limitation of 5G security usage is discussed?
Many security controls are only mandatory to implement, not mandatory to enable, except integrity protection on UE-5GC control-plane data.
170
Why is 5G security a trade-off in industrial deployments?
Because enabling cryptographic protection increases latency and may conflict with strict real-time requirements.
171
What are private 5G networks?
They are enterprise-dedicated 5G deployments that can be locally managed and support industrial use cases with sensitive data and low-latency requirements.
172
What advantages of private 5G are mentioned?
Local management, reduced exposure of sensitive data, interoperability, flexible spectrum use, and ultra-reliable low-latency networking.
173
Why is 5G described as enormously complex?
Because of new functions and backward compatibility with earlier generations such as 2G, 3G, and 4G.
174
What 6G-related security concerns are mentioned?
Open-RAN and intelligent architectures introduce risks such as ML poisoning, more open interfaces to attack, malicious RAN components, and new challenges in non-terrestrial networks.
175
Why does industrial communication increasingly move toward publish/subscribe?
Because many-to-many communication with many devices and services becomes too complex and expensive with pure one-to-one communication.
176
What is a messaging broker system?
It is a hub-and-spoke publish/subscribe system in which clients communicate indirectly through a central broker.
177
What does decoupling in space and time mean in a broker system?
Clients do not need to know each other's addresses and do not need to be online at the same time.
178
How does publish/subscribe communication work at a high level?
Subscribers subscribe to topics, publishers publish messages to topics, and the broker forwards matching messages to interested subscribers.
179
What is MQTT?
MQTT is a lightweight machine-to-machine publish/subscribe messaging protocol designed for unreliable or high-latency networks.
180
What design goals of MQTT are named in the lecture?
Simple implementation, lightweight bandwidth-efficient messaging, QoS-based delivery, data-agnostic payloads, and continuous session awareness.
181
How are MQTT topics organized?
They form a tree-like namespace separated by slashes, for example factory/machine03/speed.
182
What wildcards does MQTT support?
The single-level wildcard + and the multi-level wildcard # at the end of a topic filter.
183
What are the three MQTT QoS levels?
QoS 0 at most once, QoS 1 at least once, and QoS 2 exactly once.
184
What is a durable MQTT subscription?
A durable subscription survives disconnects and buffers messages at the broker for later delivery.
185
What are retained messages in MQTT?
They are persistent last-known-good publications stored by the broker and sent to new subscribers immediately.
186
What is the MQTT Last Will and Testament (LWT)?
It is a message published by the broker when a client disconnects unexpectedly so other clients can detect the failure.
187
What problem does OPC UA try to solve?
OPC UA tries to unify industrial communication by abstracting heterogeneous devices and data sources behind a common interface.
188
Why is OPC UA important in industrial communication?
It supports vertical and horizontal integration and is one of the first industrial protocols described as secure by design.
189
What does the OPC UA stack contain conceptually?
An API above a UA stack with encoding, secure channel, and transport functionality between client and server.
190
What do OPC UA stack mappings define?
They define how abstract OPC UA concepts are implemented with specific encodings, security mechanisms, and transport protocols such as UA Binary, JSON, UA TCP, HTTP(S), or AMQP.
191
What is the OPC UA address space?
It is a semantic, tree-like representation of variables, functions, and objects that allows interoperable access to industrial data.
192
What are OPC UA information models?
They are standardized namespaces and companion specifications that define semantics and interoperability for specific domains.
193
How does OPC UA support interoperability across vendors?
By representing data semantically in a standardized address space and allowing domain-specific information models with possible vendor extensions.
194
What security options are highlighted for OPC UA connection establishment?
Optional certificate exchange, secure-channel creation with different security modes and policies, and authentication using anonymous access, credentials, certificates, or tokens.
195
What do OPC UA security modes control?
They enable or disable integrity and confidentiality, for example Sign&Encrypt, Sign, or None.
196
How does OPC UA support authorization?
It allows fine-grained access control with access rights per node in the address space.
Industrial Network Security
flashcards
Decks in class (6)
# Cards
