University of Twente Student Theses


Assessing the Security of IEC 60870-5-104 Implementations using Automata Learning

Kerkers, M. (2017) Assessing the Security of IEC 60870-5-104 Implementations using Automata Learning.

Abstract: Industrial Control Systems (ICS) that monitor and control (critical) infrastructures have become more connected and therefore easier to reach from the internet. As a result, it has become easier for attackers to perform an attack on an ICS from a remote location. One protocol used in such an ICS, for the control of power distribution, is IEC 60870-5-104. In this thesis, a tool is presented that can be used to infer automata, i.e. finite state machines, from implementations of this protocol. This tool is used to learn automata from three simulators and two real devices that all implement IEC 60870-5-104. These automata are compared with each other and with the specification in the IEC 60870-5-104 standard. The real devices follow the specification more closely than the simulators. However, for both real devices, specific sequences of messages have still been found that make the implementation deviate from the specification. These differences could be used in attacks against this protocol or to fingerprint devices.
Item Type: Essay (Master)
Faculty: EEMCS: Electrical Engineering, Mathematics and Computer Science
Subject: 54 computer science
Programme: Computer Science MSc (60300)