Security Testing Methods and Techniques of Industrial Control Devices

Zhao, Wei; Xie, Feng; Peng, Yong; Gao, Yang; Han, Xuefeng; Gao, Haihui; Wang, Dejin

doi:10.1109/iih-msp.2013.114

Cited by 5 publications

(3 citation statements)

References 1 publication

Supporting

Mentioning

Contrasting

Order By: Relevance

“…According to National Institute of Standards and Technology (NIST) guidelines [138]- [139], a welldesigned, reliable, secure, robust and reliable system ensures trust between IoT and CPS based on various multifactors such as safety, security, privacy, consistency, dependability, resiliency, reliability, interaction and coordination. Several CPS testing tools are used to evaluate the protection of the CPSs based on these factors [140]. For example, a testing mechanism suggested by Zhou et al…”

Section: Reasons For Cps Vulnerabilitiesmentioning

confidence: 99%

Cyber-Physical Systems Enabled Transport Networks in Smart Cities: Challenges and Enabling Technologies of the New Mobility Era

et al. 2022

View full text Add to dashboard Cite

show abstract

Section: Reasons For Cps Vulnerabilitiesmentioning

confidence: 99%

Cyber-Physical Systems Enabled Transport Networks in Smart Cities: Challenges and Enabling Technologies of the New Mobility Era

et al. 2022

View full text Add to dashboard Cite

show abstract

“…Devices that are to be evaluated and certified interact with the EPS-ICS testbed via a network interface or TAP device using Layer 2 access. Table 1 shows some common testing devices that can interact with the EPS-ICS testbed [13].…”

Section: Device Evaluation and Certificationmentioning

confidence: 99%

An Industrial Control System Testbed Based on Emulation, Physical Devices and Simulation

Gao

Peng

Dai

et al. 2014

Progress in Pattern Recognition, Image Analysis, Computer Vision, and Applications

Self Cite

View full text Add to dashboard Cite

Part 1: Control Systems SecurityInternational audienceThis paper demonstrates the utility of an industrial control system testbed that incorporates a universal, realistic, measurable, controllable and reusable experimental platform for cyber security research and testing. The testbed has a layered architecture that leverages physical devices and emulation and simulation technologies. The testbed enables researchers to create experiments of varying levels of fidelity for vulnerability discovery, product evaluation and system certification. The utility of the testbed is demonstrated via a case study involving an industrial boiler control system

show abstract

“…The vulnerability of the networked control system has been widely studied and discussed by both academia and industry, mainly including: information management vulnerability [9], operating system and database vulnerability [10,11], embedded control device vulnerability [11][12][13], and industrial communication protocol vulnerability [14][15][16]. As the major communication carrier for different industrial control devices, the industrial communication protocols are always utilized by malicious hackers as a breakout to perform various attacks.…”

Section: Introductionmentioning

confidence: 99%

Content-based deep communication control for networked control system

et al. 2016

View full text Add to dashboard Cite

In smart cities, the networked control system plays a significant role in transportation systems, power stations or other critical infrastructures, and it is facing many security issues. From this point, this paper proposes a content-based deep communication control approach to guarantee its security. Based on the layer architecture, this approach analyzes the interactive content in depth according to different industrial communication protocols, and implements the access control between two distinct enclaves. For OPC Classic, we acquire the dynamic port provided by OPC server, and open a new connection belonging to this port; for Modbus/TCP, we not only analyze the ordinary function codes and addresses, but also check the register or coil values by using the multi-bit Trie-tree matching algorithm. Besides, the white-listing strategy is introduced to satisfy the special requirements of industrial communication. Our experiment results show that, on the one hand the proposed approach pro- vides OPC and Modbus/TCP defenses in depth; on the other hand it has less than 1 ms forwarding latency and 0 packet loss rate when the rule number reaches 200, and all these meet the availability requirements in the networked control system. In particular, this approach has been successfully applied in several real-world petrochemical control systems.

show abstract

Security Testing Methods and Techniques of Industrial Control Devices

Cited by 5 publications

References 1 publication

Cyber-Physical Systems Enabled Transport Networks in Smart Cities: Challenges and Enabling Technologies of the New Mobility Era

Cyber-Physical Systems Enabled Transport Networks in Smart Cities: Challenges and Enabling Technologies of the New Mobility Era

An Industrial Control System Testbed Based on Emulation, Physical Devices and Simulation

Content-based deep communication control for networked control system

Contact Info

Product

Resources

About