Simulating and Detecting Attacks of Untrusted Clients in OPC UA Networks

Neu, Charles V.; Schiering, Ina; Zorzo, Avelino F.

doi:10.1145/3360664.3360675

Cited by 6 publications

(4 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A study was conducted on an attack simulation for insecure OPC UA security configuration [11]. In addition, Varadarajan [12] focused on three major cyberattacks occurring in the industrial IoT [11]: packet sniffing, MiTM, and DoS. An attack scenario was constructed, and a penetration test was performed through a simulation [12].…”

Section: Opc Ua Security Analysismentioning

confidence: 99%

“…Moreover, studies have demonstrated denial-of-service (DoS) attacks, packet sniffing, and man-in-the-middle (MiTM) attacks through attack simulations on OPC UA networks [8][9][10][11][12][13][14]. However, they focused on the impact assessment of industrial Internet of Things (IoT) systems and verified possible attack types for known security threats specified in the OPC UA system specifications.…”

Section: Introduction 1background and Motivationmentioning

confidence: 99%

See 1 more Smart Citation

Vulnerabilities of the Open Platform Communication Unified Architecture Protocol in Industrial Internet of Things Operation

Shin

Kim

Euom

2022

Sensors

View full text Add to dashboard Cite

Recently, as new threats from attackers are discovered, the damage and scale of these threats are increasing. Vulnerabilities should be identified early, and countermeasures should be implemented to solve this problem. However, there are limitations to applying the vulnerability discovery framework used in practice. Existing frameworks have limitations in terms of the analysis target. If the analysis target is abstract, it cannot be easily applied to the framework. Therefore, this study proposes a framework for vulnerability discovery and countermeasures that can be applied to any analysis target. The proposed framework includes a structural analysis to discover vulnerabilities from a scenario composition, including analysis targets. In addition, a proof of concept is conducted to derive and verify threats that can actually occur through threat modeling. In this study, the open platform communication integrated architecture used in the industrial control system and industrial Internet of Things environment was selected as an analysis target. We find 30 major threats and four vulnerabilities based on the proposed framework. As a result, the validity of malicious client attacks using certificates and DoS attack scenarios using flooding were validated, and we create countermeasures for these vulnerabilities.

show abstract

Section: Opc Ua Security Analysismentioning

confidence: 99%

Section: Introduction 1background and Motivationmentioning

confidence: 99%

Vulnerabilities of the Open Platform Communication Unified Architecture Protocol in Industrial Internet of Things Operation

Shin

Kim

Euom

2022

Sensors

View full text Add to dashboard Cite

show abstract

“…Neu et al [43] and Polge et al [55] showed the feasibility of DoS attacks by a Rogue Client. They suggest network traffic anomaly detection as a countermeasure.…”

Section: Related Work 71 Security Of Open Source Opc Ua Librariesmentioning

confidence: 99%

Security Analysis of Vendor Implementations of the OPC UA Protocol for Industrial Control Systems

Erba¹,

Müller²,

Tippenhauer³

2022

Proceedings of the 4th Workshop on CPS &Amp; IoT Security and Privacy

View full text Add to dashboard Cite

The OPC UA protocol is an upcoming de-facto standard for building Industry 4.0 processes in Europe, and one of the few industrial protocols that promises security features to prevent attackers from manipulating and damaging critical infrastructures. Despite the importance of the protocol, challenges in the adoption of OPC UA's security features by product vendors, libraries implementing the standard, and end-users were not investigated so far.In this work, we systematically investigate 48 publicly available artifacts consisting of products and libraries for OPC UA and show that 38 out of the 48 artifacts have one (or more) security issues. We show that 7 OPC UA artifacts do not support the security features of the protocol at all. In addition, 31 artifacts that partially feature OPC UA security rely on incomplete libraries and come with misleading instructions. Consequently, relying on those products and libraries will result in vulnerable implementations of OPC UA security features. To verify our analysis, we design, implement, and demonstrate attacks in which the attacker can steal credentials exchanged between victims, eavesdrop on process information, manipulate the physical process through sensor values and actuator commands, and prevent the detection of anomalies. CCS CONCEPTS• Security and privacy → Key management; Usability in security and privacy; Authentication.

show abstract

“…Kim et al [5] indicates that there is an optimum point for the highest transferable data rate with respect to the query interval. Unix, Linux and Windows seem to be equivalently open to the Denial-of-Service attacks (DoS) which have been studied by Neu et al [6] for OPC UA.…”

Section: Validity Of Exponential Distribution For Modelling Inter-failure Arrival Times Of Windows Based Industrial Process Control Data mentioning

confidence: 99%

Validity of Exponential Distribution for Modelling Inter-failure Arrival Times of Windows based Industrial Process Control Data Exchange

YUCESAN¹,

Özkil²,

ÖZBEK³

2021

Journal of Scientific Technology and Engineering Research

View full text Add to dashboard Cite

 Investigates failure arrivals in a Windows Industrial Workshop Communication environment  Among the rare observations for failure arrival times. Exponential can be used with reasonable error that paves way for Markovian Analysis.Using a reliability function with a known classical distribution, at an instance in time, the chances of an activity success can be predicted. Based on this curve, a proper reset period can be appointed. This would help to keep the risk under control. For this purpose, a test bed mimicking the machine to machine (M2M) communication of a Digital Oil Rig is employed. It contains an Embedded Computer Server and an ordinary computer acting as a client querying data from the server. On this testbed, as the communication protocol Open Platform Communications -Unified Architecture (OPC UA) is run. In "most occasions, the arrival processes are assumed as a Poisson Arrival Process. The Question of a concern: "Is this assumption valid in case of an Embedded Computer responding to queries?". Our results indicate that the failure arrivals are independent identically distributed (IID) and can be modeled with an Exponential Distribution by accepting a reasonable error. Figure A. or Table A The name figure or table about given info and results

show abstract

Simulating and Detecting Attacks of Untrusted Clients in OPC UA Networks

Cited by 6 publications

References 15 publications

Vulnerabilities of the Open Platform Communication Unified Architecture Protocol in Industrial Internet of Things Operation

Vulnerabilities of the Open Platform Communication Unified Architecture Protocol in Industrial Internet of Things Operation

Security Analysis of Vendor Implementations of the OPC UA Protocol for Industrial Control Systems

Validity of Exponential Distribution for Modelling Inter-failure Arrival Times of Windows based Industrial Process Control Data Exchange

Contact Info

Product

Resources

About