Based on the specification described in this link, I have tried to implement the features that will provide a security-focused variant of the Modbus/TCP protocol by utilizing the Transport Layer Security (TLS) protocol. Essentially, none of the main functionality of the original Modbus protocol has been changed as the TLS "wraps" Modbus (per Requirement 6.1 in the specification) provide confidentiality to the transported data, data integrity, anti-replay protection, endpoint authentication via X.509v3 certificates, and authorization via information embedded in each certificate such as user and device roles.
Everything regarding the Modbus/TCP security has been created as an extra project in the solution and can be adopted whenever the users of the library desire to do so. I have tried to create all the necessary features described in Appendix B of the specification. More info can be found in the following README. Peculiarities are also described in the same README.
Any comments about flaws or misconceptions are highly appreciated!
Based on the specification described in this link, I have tried to implement the features that will provide a security-focused variant of the Modbus/TCP protocol by utilizing the Transport Layer Security (TLS) protocol. Essentially, none of the main functionality of the original Modbus protocol has been changed as the TLS "wraps" Modbus (per Requirement 6.1 in the specification) provide confidentiality to the transported data, data integrity, anti-replay protection, endpoint authentication via X.509v3 certificates, and authorization via information embedded in each certificate such as user and device roles.
Everything regarding the Modbus/TCP security has been created as an extra project in the solution and can be adopted whenever the users of the library desire to do so. I have tried to create all the necessary features described in Appendix B of the specification. More info can be found in the following README. Peculiarities are also described in the same README.
Any comments about flaws or misconceptions are highly appreciated!