The Modbus Protocol Vulnerability Test in Industrial Control Systems

“…Partial validation was performed on a test bed, which was a replica of a gas pipeline system and a storage tank. Details regarding the implementation of all 28 attacks were later given in [1], where the so-called Honeypot environment was used for verification. Some of MITM/DoS attacks from [16] were demonstrated in [17], [18], where a real-time simulation test bed was presented for smart power grid cyber security analysis.…”

“…Building on research presented in [1], [11]- [16], this paper gives an updated and extended summary of the reported attacks against Modbus, easily understandable by the ICS community. Detailed analysis of off-the-shelf available IT solutions for ICSs penetration is given as well, the aim being to increase the awareness of existence of such tools.…”

“…Developed in 1979 by Modicon (now Schneider Electric), Modbus communication protocol represents a standard for data exchange in ICSs [2], [10]. Accessibility and flexibility, ease of implementation and relatively simple maintenance when compared with other protocols [1], [10], made this protocol the first choice for many ICS equipment manufacturers. Based on these advantages and the fact that it allows communication between different devices made by different vendors, Modbus protocol (versions TCP and RTU) can today be found as basis for many IoT technologies.…”

“…In the past, an ICS was built to operate in a closed network, hence, industrial equipment and communication protocols were designed without security aspects being taken into account. Nowadays, in order to improve operational efficiency and to reduce costs (in other words, to integrate an ICS into the Internet of Things (IoT)), these closed systems are connected to the internet on a regular basis, making them an easy target for cyber threats [1]- [3]. Although nowadays attacks on ICSs and corresponding protocols are not a new occurrence, in the last decade or so a significant increase in the frequency of such attacks has been recorded [4], [5].…”

Off-the-Shelf Solutions as Potential Cyber Threats to Industrial Environments and Simple-To-Implement Protection Methodology

“…Partial validation was performed on a test bed, which was a replica of a gas pipeline system and a storage tank. Details regarding the implementation of all 28 attacks were later given in [1], where the so-called Honeypot environment was used for verification. Some of MITM/DoS attacks from [16] were demonstrated in [17], [18], where a real-time simulation test bed was presented for smart power grid cyber security analysis.…”

“…Building on research presented in [1], [11]- [16], this paper gives an updated and extended summary of the reported attacks against Modbus, easily understandable by the ICS community. Detailed analysis of off-the-shelf available IT solutions for ICSs penetration is given as well, the aim being to increase the awareness of existence of such tools.…”

“…Developed in 1979 by Modicon (now Schneider Electric), Modbus communication protocol represents a standard for data exchange in ICSs [2], [10]. Accessibility and flexibility, ease of implementation and relatively simple maintenance when compared with other protocols [1], [10], made this protocol the first choice for many ICS equipment manufacturers. Based on these advantages and the fact that it allows communication between different devices made by different vendors, Modbus protocol (versions TCP and RTU) can today be found as basis for many IoT technologies.…”

“…In the past, an ICS was built to operate in a closed network, hence, industrial equipment and communication protocols were designed without security aspects being taken into account. Nowadays, in order to improve operational efficiency and to reduce costs (in other words, to integrate an ICS into the Internet of Things (IoT)), these closed systems are connected to the internet on a regular basis, making them an easy target for cyber threats [1]- [3]. Although nowadays attacks on ICSs and corresponding protocols are not a new occurrence, in the last decade or so a significant increase in the frequency of such attacks has been recorded [4], [5].…”

Off-the-Shelf Solutions as Potential Cyber Threats to Industrial Environments and Simple-To-Implement Protection Methodology

Incident Detection System for Industrial Networks

Dam Control System’s Cybersecurity Testbed