Analysis of In-order Packet Delivery Network Policy Enforcement Function

Industrial Control System (ICS) networks face novel challenges in risk management, feature agility, and deployment flexibility. Essential hardware control systems may have a lifetime of decades while the need for business features and the network security landscape evolve on a daily basis. Even the mix of common protocols for network connectivity is likely to undergo significant market disruption over the 50+ year lifetime of a large industrial complex. Given this reality, the University of Houston Networking Lab [4] has embarked upon an effort, facilitated by the Department of Energy CREDC[2] program, to decouple the long development cycles of hardened industrial equipment from the ever-changing realities of both the local and wide-area networks they must use to transport essential sensor data and control messages.