Towards a modular security testing framework for industrial automation and control systems: ISuTest

Pfrang, Steffen; Meier, David L.; Kautz, Valentin

doi:10.1109/etfa.2017.8247727

Cited by 6 publications

(6 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In particular, this allows for thorough tests, even if information on internal parts of the components is not accessible. We call our approach Smevolution and implement it based on the security testing framework ISuTest ® [6]. We evaluate Smevolution by running different fuzzer configurations against a SUT with artificial vulnerabilities.…”

Section: Contributionsmentioning

confidence: 99%

“…On the one hand, we use a random fuzzer that performs the selection at random and uses the default mutation strategy provided by ISuTest ® . This mutation strategy is based on fixed heuristics crafted for black box network fuzzing [6]. We will refer to this random fuzzer as A_RANDOM in the following.…”

Section: Baseline Fuzzersmentioning

confidence: 99%

“…Note that the goal of our work is to analyze whether the models are able to learn meaningful information and use such fuzzers that are less sophisticated as a baseline. Nevertheless, these baseline fuzzers are based upon mutation heuristics especially developed for the use in black box network fuzzing for ICS [6]. For future work, it would be interesting to compare Smevolution to additional state-of-the-art black box fuzzers for network protocols to analyze their general performance.…”

Section: Baseline Fuzzersmentioning

confidence: 99%

“…ISuTest ® is a framework for security tests against networked devices, which focuses on black box fuzzing via Ethernet [ 6 ]. It enables users to detect formerly unknown vulnerabilities in ICs.…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Smarter Evolution: Enhancing Evolutionary Black Box Fuzzing with Adaptive Models

Borcherding,

Morawetz,

Pfrang

2023

Sensors

Self Cite

View full text Add to dashboard Cite

Smart production ecosystems are a valuable target for attackers. In particular, due to the high level of connectivity introduced by Industry 4.0, attackers can potentially attack individual components of production systems from the outside. One approach to strengthening the security of industrial control systems is to perform black box security tests such as network fuzzing. These are applicable, even if no information on the internals of the control system is available. However, most security testing strategies assume a gray box setting, in which some information on the internals are available. We propose a new approach to bridge the gap between these gray box strategies and the real-world black box setting in the domain of industrial control systems. This approach involves training an adaptive machine learning model that approximates the information that is missing in a black box setting. We propose three different approaches for the model, combine them with an evolutionary testing approach, and perform an evaluation using a System under Test with known vulnerabilities. Our evaluation shows that the model is indeed able to learn valuable information about a previously unknown system, and that more vulnerabilities can be uncovered with our approach. The model-based approach using a Decision Tree was able to find a significantly higher number of vulnerabilities than the two baseline fuzzers.

show abstract

Section: Contributionsmentioning

confidence: 99%

Section: Baseline Fuzzersmentioning

confidence: 99%

Section: Baseline Fuzzersmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Smarter Evolution: Enhancing Evolutionary Black Box Fuzzing with Adaptive Models

Borcherding,

Morawetz,

Pfrang

2023

Sensors

Self Cite

View full text Add to dashboard Cite

show abstract

“…They conclude that none of the investigated tools completely answers industrial systems specificity and propose a new one fulfilling the requirements that they have identified for an ideal IACS fuzzer. The proposed fuzzer is integrated into the ISuTest security testing framework for IACS that was developed by the authors [13] to meet these requirements. This work resembles our approach in that it aims at supporting the security testing of IACS.…”

Section: Related Workmentioning

confidence: 99%

Qualitative Analysis for Validating IEC 62443-4-2 Requirements in DevSecOps

Göttel,

Kabir-Querrec,

Kozhaya

et al. 2023

2023 IEEE 28th International Conference on Emerging Technologies and Factory Automation (ETFA)

View full text Add to dashboard Cite

Validation of conformance to cybersecurity standards for industrial automation and control systems is an expensive and time consuming process which can delay the time to market. It is therefore crucial to introduce conformance validation stages into the continuous integration/continuous delivery pipeline of products. However, designing such conformance validation in an automated fashion is a highly non-trivial task that requires expert knowledge and depends upon available security tools, ease of integration into the DevOps pipeline, as well as support for IT and OT interfaces and protocols.This paper addresses the aforementioned problem focusing on the automated validation of ISA/IEC 62443-4-2 standard component requirements. We present an extensive qualitative analysis of the standard requirements and the current tooling landscape to perform validation. Our analysis demonstrates the coverage established by the currently available tools and sheds light on current gaps to achieve full automation and coverage. Furthermore, we showcase for every component requirement where in the CI/CD pipeline stage it is recommended to test it and the tools to do so.

show abstract

Detecting and preventing replay attacks in industrial automation networks operated with profinet IO

Pfrang

Meier

2018

J Comput Virol Hack Tech

View full text Add to dashboard Cite

Towards a modular security testing framework for industrial automation and control systems: ISuTest

Cited by 6 publications

References 5 publications

Smarter Evolution: Enhancing Evolutionary Black Box Fuzzing with Adaptive Models

Smarter Evolution: Enhancing Evolutionary Black Box Fuzzing with Adaptive Models

Qualitative Analysis for Validating IEC 62443-4-2 Requirements in DevSecOps

Detecting and preventing replay attacks in industrial automation networks operated with profinet IO

Contact Info

Product

Resources

About