Supported devices and protocols

Kaspersky Industrial CyberSecurity for Networks analyzes traffic of the following types of devices used for process automation:

Programmable Logic Controllers (PLC):
- ABB™ AC 700F, 800M
- Allen-Bradley® ControlLogix®, CompactLogix™ series
- AutomationDirect DirectLOGIC
- BECKHOFF® CX series
- Emerson DeltaV MD, MD Plus, MQ
- Emerson ControlWave series
- General Electric RX3i
- Honeywell C300 for Experion PKS / PlantCruise control systems
- Honeywell ControlEDGE 900 series
- Mitsubishi System Q E71
- OMRON CJ2M
- Schneider Electric Foxboro FCP270, FCP280
- Schneider Electric Modicon: M580, M340, Momentum
- Siemens™ SIMATIC™ S7-200, S7-300, S7-400, S7-1200, S7-1500
- Yokogawa ProSafe-RS
- Yokogawa AFV10, AFV30, AFV40
- Prosoft-Systems Regul R500
- Devices that support the Allen-Bradley EtherNet/IP protocol
- Devices that support CODESYS V3 protocols
- Devices that support the Siemens S7comm™ and S7comm-plus protocols
- Devices that support PROFINET IO standard protocols
Intelligent electronic devices (hereinafter referred to as IED):
- ABB Relion™ series: REF615, RED670, REL670, RET670
- General Electric Multilin series: B30, C60
- MiCOM C264
- Schneider Electric P545
- Schneider Electric Sepam 80 NPP series
- Siemens SIPROTEC™ 4: 6MD66, 7SA52, 7SJ64, 7SS52, 7UM62, 7UT63
- Relematika TOR 300
- EKRA 200 series, BE2502, BE2704
- Devices supporting the DNP3 protocol
- Devices supporting the Schneider Electric UMAS protocol
- Devices supporting protocols of the IEC 60870 standard: IEC 60870-5-101, IEC 60870-5-104
- Devices supporting protocols of the IEC 61850 standard: IEC 61850-8-1 (GOOSE, MMS), IEC 61850-9-2 (Sampled Values)
- Devices supporting the Modbus TCP protocol
Devices with server software installed:
- FTP server
- OPC DA server
- OPC UA server
- TASE.2 server
- Server with encryption support
Devices categorized as network equipment:
- Moxa NPort series
- I/O devices that support the following protocols: BACnet™, FTP, IEC 60870-5-101, IEC 60870-5-104, Modbus TCP, OPC DA, WMI device interaction protocol, and OPC UA Binary.

For the listed types of devices, Kaspersky Industrial CyberSecurity for Networks analyzes communications over the following application-level protocols:

ABB SPA-Bus
Allen-Bradley EtherNet/IP
BACnet
BECKHOFF ADS/AMS
CODESYS V3 Gateway over TCP and CODESYS V3 Gateway over UDP
DMS for ABB AC 700F devices
DNP3
Emerson ControlWave Designer
Emerson DeltaV
FTP
General Electric SRTP
IEC 60870: IEC 60870-5-101, IEC 60870-5-104
IEC 61850: GOOSE, MMS (including MMS Reports), Sampled Values
Mitsubishi MELSEC System Q
Modbus TCP
OMRON FINS
OPC DA, protocol for interaction of devices over WMI technology
OPC UA Binary
PROFINET IO and RPC for PROFINET IO
Schneider Electric UMAS
Siemens Industrial Ethernet
Siemens S7comm, S7comm-plus
TASE.2
Yokogawa Vnet/IP
Relematika BDUBus
Modification of the Modbus TCP protocol for devices of Ekra 200 series
Protocol for interaction of Foxboro FCP270, FCP280 devices
Protocols for initial configuration and interaction of Moxa NPort series devices
AutomationDirect DirectLOGIC device interaction protocol
MiCOM C264 device interaction protocol
Protocol for initial setup of Prosoft-Systems devices
Protocol for data exchange with Emerson ControlWave series devices
Protocol of devices with Siemens DIGSI 4 system software
Protocols for interaction of devices in Honeywell Experion PKS / PlantCruise control systems
Protocols for detection and interaction of Honeywell ControlEDGE 900 series devices

To analyze traffic and interactions of devices, the application employs modules for processing application-layer protocols. After installation, the application uses the original modules that support the listed types of devices and application-layer protocols.

You can update protocol processing modules by installing updates. When installing updates to the application, new modules that support additional types of devices and/or application-layer protocols may be added.

Page top