Embedded System Vulnerability Analysis Approach Based on Firmware Modification Attacks in Industrial Control Systems

Pour Vali Moghadam, Hamed | 2022

Type of Document: M.Sc. Thesis
Language: Farsi
Document No: 55536 (19)
University: Sharif University of Technology
Department: Computer Engineering
Advisor(s): Jahangir, Amir Hossein

Abstract:

A wide range of field devices, including Intelligent Electronic Devices (IEDs) and Remote Terminal Units (RTUs), are used in Industrial Control Systems (ICSs). These devices are embedded systems responsible for protecting power system equipment against faults and damage by controlling circuit breakers. Disruptions in command and control can result in accidents and harm. Due to their physical accessibility and the possibility of backdoors, blackout attacks may be designed and carried out against these devices, as has occurred in many countries in recent years. Many vulnerabilities have been reported so far in the Real-Time Operating Systems (RTOSs), firmware, and software of embedded system devices. Hence, to improve the security of industrial environments and protect these devices from cyber attacks, either a new, secure design is required or, given that they are already deployed in large numbers, they must be hardened or secured, together with their various network interfaces and tools and the associated configuration, programming, and adjustment methods. In this research, a solution is presented for analyzing the firmware integrity violation vulnerability by determining hardening priorities and analyzing the vulnerabilities of embedded systems used in ICSs. Following the analysis, a firmware modification attack was carried out against a MOXA serial-to-Ethernet converter to modify its firmware. Furthermore, this attack has been successfully carried out on some embedded systems. To prevent these kinds of attacks, we also present solutions based on software and hardware security extensions.

Keywords: Embedded System; Backdoor; Industrial Control System; Reverse Engineering; Cyber Security; Firmware