Enterprise network configuration
Posted: Mon Feb 10, 2025 9:30 am
Public network deployment is a long-standing industry practice where a dedicated access point (APN) is dedicated to the enterprise.
Campus Network Deployment Options. Source (hereafter): Trend Micro
Campus Network Deployment Options. Source (hereafter): Trend Micro
Since the objective of the study was to identify vulnerabilities of campus networks, an isolated network based on its own equipment was deployed to build a model network of the steel plant. In order not to interfere with the operation of the telecommunications networks of telecom operators, all radio modules of the equipment were shielded.
The industrial network architecture for the study was built on the basis of the fairly common Purdue model. A distinctive feature of our configuration was the internal MQTT server, which ensures the interaction of Industrial Internet of Things (IIoT) devices. In the near future, MQTT servers will become a mandatory component of industrial IoT gateways, which means that their weak points can be used by attackers to carry out attacks.
To audit the communication exchange between IIoT devices, a second, external MQTT server was included in the network, which saved information received from the internal server to the cloud.
To control the plant equipment, programmable georgia mobile database controllers (PLCs) were used, the data from which was transmitted to a control computer accessible via RDP or VNC.
Wireless communications at the model steel mill were provided by a small base station.
Steel Mill Network Diagram
Steel Mill Network Diagram
Steel Mill Plant
A steel plant control system must control many different factors such as temperature, air flow and pressure in the furnaces, the composition of the ingredients needed to produce different alloys, etc.
Data from thermocouples, oxygen analyzers, and pressure sensors is fed to a PLC, which can control temperature, air flow, and pressure. The PLC transmits the received data to a control computer, whose operator monitors the state of the steelmaking complex.
Campus Network Deployment Options. Source (hereafter): Trend Micro
Campus Network Deployment Options. Source (hereafter): Trend Micro
Since the objective of the study was to identify vulnerabilities of campus networks, an isolated network based on its own equipment was deployed to build a model network of the steel plant. In order not to interfere with the operation of the telecommunications networks of telecom operators, all radio modules of the equipment were shielded.
The industrial network architecture for the study was built on the basis of the fairly common Purdue model. A distinctive feature of our configuration was the internal MQTT server, which ensures the interaction of Industrial Internet of Things (IIoT) devices. In the near future, MQTT servers will become a mandatory component of industrial IoT gateways, which means that their weak points can be used by attackers to carry out attacks.
To audit the communication exchange between IIoT devices, a second, external MQTT server was included in the network, which saved information received from the internal server to the cloud.
To control the plant equipment, programmable georgia mobile database controllers (PLCs) were used, the data from which was transmitted to a control computer accessible via RDP or VNC.
Wireless communications at the model steel mill were provided by a small base station.
Steel Mill Network Diagram
Steel Mill Network Diagram
Steel Mill Plant
A steel plant control system must control many different factors such as temperature, air flow and pressure in the furnaces, the composition of the ingredients needed to produce different alloys, etc.
Data from thermocouples, oxygen analyzers, and pressure sensors is fed to a PLC, which can control temperature, air flow, and pressure. The PLC transmits the received data to a control computer, whose operator monitors the state of the steelmaking complex.