

February 11, 2020 by Nitesh Malviya


Foundation Fieldbus was designed to replace analog connections in the refining, petrochemical and nuclear industries. It was first proposed in 1984 and standardized in 1996. Foundation Fieldbus is a digital, bi-directional communication protocol and has been developed by FieldComm Group.

Foundation Fieldbus has been designed specifically for device-to-device communication. (Devices are also called field instruments and the term is used interchangeably.) Thus, during a host system failure, devices can communicate with each other, maintaining continuous and safe operation.


Foundation Fieldbus provides real-time control between devices and host systems. The host system is the system where the software is installed, and it acts as an HMI (Human-Machine Interface). Host systems are usually laptops or handheld devices. Thus, using Foundation Fieldbus, communication can happen between:

  1. Device-to-device: The devices in the field share and exchange data directly with each other
  2. Device-to-host systems: Communication happens between a device and a host system that has HMI software installed on it

Advantages of Foundation Fieldbus

Foundation Fieldbus has many advantages over other protocols. Some of them are:

  1. Device-to-device communication
  2. Multiple devices can be connected on a single cable
  3. Fewer cable trays and I/O cards (input/output)
  4. Fewer devices
  5. Better and faster commissioning
  6. Better and faster diagnostics
  7. Easy upgrades and addition of devices
  8. Signal distortion detection and high immunity to noise

Foundation Fieldbus implementation

To cater to different needs in the environment, Foundation Fieldbus can be implemented in two ways:

  1. Foundation Fieldbus H1: This operates at 31.25 Kbit/s and is used for connecting field devices and host systems. This implementation uses twisted-pair wiring for communication and data transfer. H1 is the most common implementation
  2. HSE (high-speed Ethernet): As the name says, it operates at 100/1000 Mbit/s. It is generally used for connecting I/O subsystems, gateways and host systems. It uses IEEE 802.3af PoE (Power over Ethernet) standard

Foundation Fieldbus topology

Foundation Fieldbus supports various topologies for communication between host systems and HMI devices:

  1. Bus with spurs topology: In this topology, several devices and spurs are connected directly on a single bus. The length of the spur is determined by the number of devices per spur and the number of spurs present in the network
  2. Point-to-point topology: This topology is also called daisy chain topology. In this topology, all devices are connected to each other in series on a single fieldbus
  3. Tree topology: It is a combination of bus and star topology. In this, several field devices are connected to coupler/junction boxes
  4. End-to-end topology: In this topology, two devices are directly connected to each other. Either two field devices are connected to each other or a connection is made between field devices and host system
  5. Mixed topology: As the name implies, this topology makes use of a combination of two or more topologies. The setup and structure depend entirely on the number of devices and their connection mechanism

Device connection and communication

Each Fieldbus device has a unique 32-bit hardware address identifier. It consists of a 6-byte manufacturer code, a 4-byte device code and a serial number. Thus, it becomes easy to identify and distinguish each device from the others.

The Fieldbus Foundation assigns the manufacturer code, while the rest of the fields are assigned by the manufacturer. The device to be connected is assigned a node address by the Link Active Scheduler (LAS), and the address is in the range of 0x04 or a series of lower addresses.

Security issues

Foundation Fieldbus usually functions on the physical, data link and application layers. It is possible for any device to be connected over the physical layer and be part of the network. This can be addressed at the application layer by defining access groups and granting those groups usage rights and passwords. There is no security offered at the data link layer, though MAC address filtering can solve data link layer issues.
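The allowlisting idea behind the filtering mentioned above can be shown as an inventory audit; this is an added example, not part of the original article or of any Foundation Fieldbus tool. It compares the devices seen on a segment with an approved list and flags unknown, moved or duplicated identities. The identifier layout (first six characters manufacturer code, next four device code, remainder serial number), the function names and every sample value are assumptions made for illustration.

```python
from collections import Counter
from typing import NamedTuple


class DeviceId(NamedTuple):
    manufacturer: str  # code assigned by the Fieldbus Foundation
    device: str        # device code assigned by the manufacturer
    serial: str        # serial number assigned by the manufacturer


def parse_device_id(raw):
    """Assumed layout: 6 characters, 4 characters, then the serial number."""
    raw = raw.strip()
    if len(raw) <= 10:
        raise ValueError(f"identifier too short: {raw!r}")
    return DeviceId(raw[:6], raw[6:10], raw[10:])


def audit_segment(approved, observed):
    """approved: {identifier: node_address}; observed: [(node_address, identifier)]."""
    known_makers = {parse_device_id(i).manufacturer for i in approved}
    seen = Counter(ident for _, ident in observed)
    findings = []
    for addr, ident in observed:
        try:
            dev = parse_device_id(ident)
        except ValueError:
            findings.append(("malformed-id", addr, ident))
            continue
        if ident not in approved:
            known = dev.manufacturer in known_makers
            findings.append(("unknown-device" if known else "unknown-manufacturer", addr, ident))
        elif approved[ident] != addr:
            findings.append(("address-changed", addr, ident))
        if seen[ident] > 1:  # same identity claimed by two nodes
            findings.append(("duplicate-id", addr, ident))
    return findings


# Constructed sample data: every identifier and node address is made up.
APPROVED = {"AAAAAA0001SN-0001": 0x20, "AAAAAA0002SN-0002": 0x21, "BBBBBB0007SN-0100": 0x22}
OBSERVED = [
    (0x20, "AAAAAA0001SN-0001"),  # matches the inventory
    (0x25, "AAAAAA0002SN-0002"),  # approved device at an unexpected address
    (0x23, "CCCCCC0001SN-9999"),  # identifier absent from the inventory
    (0x22, "BBBBBB0007SN-0100"),  # approved device at its expected address ...
    (0x26, "BBBBBB0007SN-0100"),  # ... whose identifier also appears on a second node
]

if __name__ == "__main__":
    for kind, addr, ident in audit_segment(APPROVED, OBSERVED):
        print(f"{kind:22} node=0x{addr:02X} id={ident}")
```
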


Foundation Fieldbus is one of the best protocols in the market for integrating field devices and host systems. It is possible to diagnose the devices running on Foundation Fieldbus, thus reducing the overall cost and maintenance headache in setting up and running the plant. 

Because of the salient features and advantages discussed above, if security issues in the protocol are properly addressed, then Foundation Fieldbus can cater to all of the needs required for implementing an integrated automation system.




Nitesh Malviya

Nitesh Malviya is a Security Consultant. He has prior experience in Web Appsec, Mobile Appsec and VAPT. At present he works on IoT, Radio and Cloud Security and is open to exploring various domains of cybersecurity. He can be reached on his personal blog - and Linkedin -