{"title":"Security assessment framework for cyber physical systems: A case-study of DNP3 protocol","authors":"Irfan A. Siddavatam, F. Kazi","doi":"10.1109/IBSS.2015.7456631","DOIUrl":null,"url":null,"abstract":"Industrial control system (ICS) is a critical component in realizing Cyber physical system (CPS). ICS designed with traditional SCADA platforms have a small percentage or no native security, since they were never designed to be operated remotely and over the Internet. Security of these critical systems relies heavily on communication protocols. DNP3 is one of the most widely used protocols by SCADA system to communicate between the master and slave station. IEEE 1815-2012 is the current standard for DNP3 having goal to provide cyber security based on IEC/TS 62351-15. This paper investigates the buoyancy of DNP3 towards attacks as passive Network reconnaissance, Base line response replay, Rogue interloper, Event buffer flooding and TCP veto. Paper concludes by comments on new set of Improper input validation vulnerability.","PeriodicalId":317804,"journal":{"name":"2015 IEEE Bombay Section Symposium (IBSS)","volume":"55 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"15","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 IEEE Bombay Section Symposium (IBSS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IBSS.2015.7456631","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 15
Abstract
Industrial control systems (ICS) are a critical component in realizing cyber-physical systems (CPS). ICS built on traditional SCADA platforms have little or no native security, since they were never designed to be operated remotely and over the Internet. The security of these critical systems relies heavily on their communication protocols. DNP3 is one of the protocols most widely used by SCADA systems for communication between the master and slave stations. IEEE 1815-2012 is the current standard for DNP3, with the goal of providing cyber security based on IEC/TS 62351-15. This paper investigates the resilience of DNP3 against the following attacks: passive network reconnaissance, baseline response replay, rogue interloper, event buffer flooding and TCP veto. The paper concludes with comments on a new set of improper input validation vulnerabilities.