The reason is that Ethernet/IP includes standard functions for pulling metadata from devices. If you thought Ethernet/IP was only there to deliver process values and setpoints, you missed the show. Ethernet/IP can also tell you about device make and model, firmware version, and hardware configuration. In other words, all the data that you want to keep in an OT asset inventory. Rather than trying to extract this information from deep packet inspection (a.k.a. protocol dumpster diving), we simply query the device using a legitimate protocol function.
This capability was not even invented with Ethernet/IP but is built into CIP. CIP is the Common Industrial Protocol, which has nothing to do with NERC CIP, in case you were wondering. The CIP that we’re talking about is a standardized application layer protocol that is not limited to Ethernet/IP but can also be found in ControlNet and DeviceNet, something we’ll get back to later.
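To show what such an identity query returns, here is an added example (not code from the original page or from OT-BASE) that parses a reply to the EtherNet/IP List Identity command into an inventory record. It assumes the query in question is List Identity (encapsulation command 0x63); the function names are hypothetical and the sample reply is constructed, so nothing is sent on the network.

```python
import socket
import struct

LIST_IDENTITY = 0x0063   # EtherNet/IP encapsulation command code
IDENTITY_ITEM = 0x000C   # item type that carries the CIP Identity attributes

def parse_list_identity(reply: bytes) -> list:
    """Turn one List Identity reply into asset-inventory records."""
    if len(reply) < 26:
        raise ValueError("shorter than encapsulation header plus item count")
    command, length, _session, status = struct.unpack_from("<HHII", reply, 0)
    if command != LIST_IDENTITY or status != 0:
        raise ValueError("not a successful List Identity reply")
    if length != len(reply) - 24:
        raise ValueError("encapsulation length does not match payload size")
    (count,) = struct.unpack_from("<H", reply, 24)
    offset, assets = 26, []
    for _ in range(count):
        if offset + 4 > len(reply):
            raise ValueError("truncated item header")
        item_type, item_len = struct.unpack_from("<HH", reply, offset)
        item = reply[offset + 4:offset + 4 + item_len]
        offset += 4 + item_len
        if len(item) != item_len:
            raise ValueError("truncated item body")
        if item_type != IDENTITY_ITEM:
            continue  # skip item types this parser does not handle
        if item_len < 34:
            raise ValueError("identity item too short")
        # Bytes 0-1: protocol version; 2-17: big-endian sockaddr; rest little-endian.
        vendor, dev_type, product, major, minor, _status, serial, name_len = \
            struct.unpack_from("<HHHBBHIB", item, 18)
        if 33 + name_len + 1 > item_len:
            raise ValueError("product name overruns item")
        assets.append({
            "ip": socket.inet_ntoa(item[6:10]),
            "vendor_id": vendor, "device_type": dev_type, "product_code": product,
            "firmware": f"{major}.{minor}", "serial": f"{serial:08X}",
            "product_name": item[33:33 + name_len].decode("ascii", "replace"),
        })
    return assets

def sample_reply() -> bytes:
    """Constructed reply for illustration; every value in it is made up."""
    name = b"SAMPLE-PLC"
    ident = (struct.pack("<H", 1) + struct.pack(">hH4s8x", 2, 44818, socket.inet_aton("192.0.2.10"))
             + struct.pack("<HHHBBHIB", 1, 14, 55, 20, 11, 0x0030, 0x00C0FFEE, len(name)) + name + b"\x03")
    payload = struct.pack("<H", 1) + struct.pack("<HH", IDENTITY_ITEM, len(ident)) + ident
    return struct.pack("<HHII8sI", LIST_IDENTITY, len(payload), 0, 0, bytes(8), 0) + payload
```

The length and bounds checks matter in an inventory collector: a reply from a misbehaving or spoofed device is rejected instead of being written into the asset database as a half-parsed record.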
But is it safe to use?
If you are using Allen-Bradley controllers, you will most likely already be aware of Ethernet/IP’s ability to discover PLCs, RTUs, and their configuration details. This is exactly the feature that Rockwell’s RSLinx software uses when you browse a control network with RSWho. If you are using RSLinx, you are using Ethernet/IP asset discovery.
Beyond proprietary software applications
But then there are some major differences between both software products:
– In OT-BASE Asset Discovery, dialog mode is the exception rather than the norm. In production use, Ethernet/IP networks are selectively probed automatically every 24 hours by a background software process, implemented as a Windows service.
– Besides Ethernet/IP, OT-BASE Asset Discovery supports other protocols such as Profinet and Modbus for a more complete coverage of your installed base. It even offers WMI and SNMP so that you can also enumerate your Windows software applications and network topology.
– All discovery data is consolidated in a central database, the OT-BASE Asset Center. In the Asset Center, you can visualize, analyze, search and share asset data.
Enter CIP Route Browsing
But wait, it even gets better.
One of the most overlooked features in CIP is the so-called route browsing. Route browsing means that you can jump across media segments as long as CIP is used. (For a technical description of CIP route browsing, read this paper.) For example, you can discover components in a network segment “behind” a controller without installing any dedicated discovery gear in that network segment.
That means a huge boost in efficiency for asset discovery, because a single software instance can be sufficient to traverse complex, layered control networks. If you are heavily using Ethernet/IP, you may even consider your OT asset discovery problem solved.