Blog
About
Search
Advanced search

175
views
9
references
 Top references
0
cited by
 Most cited
    
0 reviews
 Review
0
comments
 Comment
0
recommends
+1 Recommend
1 collections
    8
    shares
      402
      similar
       All similar
      • Record: found
      • Abstract: found
      • Article: found
      Is Open Access

      SimaticScan: Towards A Specialised Vulnerability Scanner for Industrial Control Systems

      Authors: 1 , 1 , 1 , 1

      Publication date (Print):

      Conference name: 4th International Symposium for ICS & SCADA Cyber Security Research 2016 (ICS-CSR)

      Conference theme: Cyber Security Research

      Conference date: 23 - 25 August 2016

      Keywords: industrial control systems, vulnerability scanner, programmable logic controllers

      Read this article at

      ScienceOpen
      Bookmark
          There is no author summary for this article yet. Authors can add summaries to their articles on ScienceOpen to make them more accessible to a non-specialist audience.

          Abstract

          Over the years, modern Industrial Control Systems (ICS) have become widely computerised and connected via the Internet and are, therefore, potentially vulnerable to cyber attacks. Currently there is a lack of vulnerability scanners specialised to ICS settings. Systems such as PLCScan and ModScan output pertinent information from a Programmable Logic Controller (PLC). However, they do not offer any information as to how vulnerable a PLC is to an attack. In this paper, we address these limitations and propose SimaticScan, a vulnerability scanner specialised to Siemens SIMATIC PLCs. Through experimentation in a comprehensive water treatment testbed, we demonstrate SimaticScan’s effectiveness in determining a range of vulnerabilities across three distinct PLCs, including a previously unknown vulnerability in one of the PLCs. Our experiments also show that SimaticScan outperforms the widely used Nessus vulnerability scanner (with relevant ICS-specific plugins deployed).

          Related collections

          Most cited references 9

          • Record: found
          • Abstract: not found
          • Article: not found

          Exploiting siemens simatic s7 plcs

           D Beresford (2011)
          Article 0 comments Cited 2 times – based on 0 reviews     Review now
            Bookmark
            • Record: found
            • Abstract: not found
            • Article: not found

            Aspfuzz: A state-aware protocol fuzzer based on application-layer protocols

             T. Kitagawa,  M Hanaoka,  K. KONO (2010)
            Article 0 comments Cited 1 times – based on 0 reviews     Review now
              Bookmark
              • Record: found
              • Abstract: not found
              • Article: not found

              Design and implementation of fuzzing technology for opc protocol

               T Wang,  Q Xiong,  H. GAO (2013)
              Article 0 comments Cited 1 times – based on 0 reviews     Review now
                Bookmark
                All references

                Author and article information

                Contributors
                Rob Antrobus
                Sylvain Frey
                Benjamin Green
                Awais Rashid
                Conference
                Publication date: October 2016
                Publication date (Print): October 2016
                Pages: 11-18
                Affiliations
                Security Lancaster Research Centre Lancaster University Lancaster LA1 4WA UK security-centre.lancs.ac.uk
                DOI: 10.14236/ewic/ICS2016.2
                Copyright statement: © Antrobus et al. Published byBCS Learning & Development Ltd.Proceedings of the 4th International Symposium for ICS & SCADA Cyber Security Research 2016

                License:

                This work is licensed under a Creative Commons Attribution 4.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/

                Conference name: 4th International Symposium for ICS & SCADA Cyber Security Research 2016
                Conference acronym: ICS-CSR
                Conference number: 4
                Conference location: Queen’s Belfast University, UK
                Conference date: 23 - 25 August 2016
                Conference sponsor: Electronic Workshops in Computing (eWiC)
                Conference theme: Cyber Security Research
                Product
                Product Information: 1477-9358 BCS Learning & Development
                Self URI (journal page): https://ewic.bcs.org/
                Categories
                Series title: Electronic Workshops in Computing

                Data availability:

                ScienceOpen disciplines: Applied computer science, Computer science, Security & Cryptology, Graphics & Multimedia design, General computer science, Human-computer-interaction

                Keywords: industrial control systems, programmable logic controllers, vulnerability scanner

                Comments

                Comment on this article