PI
Profinet V2.5 enables secure IT/OT-converged networks
The new Profinet V2.5 integrates real-time and TCP/IP communication, enhanced cyber security, and modern Ethernet technologies. All updates are reflected in GSD/GSDX files and test systems.
For over two decades, the Profinet specification has been continuously developed to meet the evolving demands of industry. Its wide adoption across various sectors, combined with backward compatibility, ensures that existing investments are protected. With version V2.5, PI (Profibus & Profinet International) marks another milestone. The update is based on numerous technical contributions within the PI organization as well as close coordination with international committees and associations.
The long-standing collaboration between IEC and IEEE under the IEC/IEEE 60802 standard reaches a significant milestone with the first official specification. PI contributed key expertise, particularly in implementing practical real-time communication alongside parallel TCP/IP traffic. This allows Profinet to be seamlessly integrated into 60802-based networks and supports IT/OT convergence.
In the area of cyber security, conceptual approaches have been translated into concrete specifications. Security Class 1 (SecCl1) devices are already in use, while features for Classes 2 and 3 are still under evaluation. With V2.5, all remaining issues, including certificate distribution, have been resolved, making Profinet effectively ´Security inside´.
A newly defined transport channel enables secure access for use cases such as parameterization, tool access, or firm-ware updates – either with or without security. Thanks to clear layer separation, the channel is suitable for both embedded systems and virtualized, container-based environments.
Additionally, Ethernet-APL and Single Pair Ethernet (SPE) have been integrated. All changes are reflected in the updated GSD/GSDX specifications and are incorporated into the PI test systems to ensure compatibility.
Security Classes 2 and 3 available
Profinet security now offers a scalable approach for various application scenarios. The foundation includes factors such as potential attack vectors, visibility of network components, and appropriate protection measures. While harmonization with IEC 62443 is still in progress, users can already implement protective measures ranging from simple mechanisms to fully integrated cyber security. For particularly critical installations, Security Classes 2 and 3 are available. These secure not only basic use cases such as asset management but also more complex scenarios such as AI-assisted analytics or digital twins. Implementation is supported by plug-fest testing and dedicated test environments. Profinet security also aligns with international regulations, including EU requirements. The continuity with other PI technologies such as IO-Link or NOA ensures consistent solutions from architecture to implementation.
With Profinet V2.5, the specification combines real-time operation, scalable cyber security, modern Ethernet technologies, and flexible transport channels – providing the technical foundation for secure, connected industrial networks.









