Assessing the Security of IEC 60870-5-104 Implementations using Automata Learning

Kerkers, M. (2017) Assessing the Security of IEC 60870-5-104 Implementations using Automata Learning.

Abstract: Industrial Control Systems (ICS) that monitor and control (critical) infrastructures have become more connected and therefore easier to reach from the internet. As a result, it has become easier for attackers to perform an attack on an ICS from a remote location. A protocol that is used in such an ICS for the control of power distribution is IEC 60870-5-104. In this thesis, a tool is presented that can be used to infer automata, i.e. finite state machines, from implementations of this protocol. This tool is used to learn automata from three simulators and two real devices that all implement IEC 60870-5-104. These automata are compared with each other and with the specification in the IEC 60870-5-104 standard. The real devices follow the specification more closely than the simulators. However, for both real devices, specific sequences of messages have still been found that make the implementation deviate from the specification. These differences could be used in attacks against this protocol or to fingerprint devices.
Item Type: Essay (Master)
Faculty: EEMCS: Electrical Engineering, Mathematics and Computer Science
Subject: 54 computer science
Programme: Computer Science MSc (60300)
Link to this item: http://purl.utwente.nl/essays/72277