Editorial: I think the abstract is too big. The Introduction fails to connect why the increased lengths possible for MODBUS/485 is of concern. I think it is because, the longer the wire is, the more opportunities there are for unauthorized taps in places nobody can see.
1. This work, as is, seems to belong with the EIA/Modbus. 2. There seems to be a huge uplift in functionality required to establish L2 security. If doing such a huge uplift, then: 3. Why not just run RFC8163? I understand that MS/TP is *not* MODBUS, as MODBUS includes many layers. Replace the lowest layer. 4. then run diet-esp (with SCHC and IKEv2) if the TLS part of MODBUS TCP isn't enough. 5. If MODBUS is being bridged over other transports, then those "VPN" transports should provide security for that part. This document seems to invent another AKE. Pick one of IKEv2, TLS, cTLS or EDHOC. -- Michael Richardson <[email protected]> . o O ( IPv6 IøT consulting ) Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
_______________________________________________ 6lo mailing list -- [email protected] To unsubscribe send an email to [email protected]
