Fuzzing Based Approach for Vulnerability Analysis of Industrial Equipment in Communication Gateways

Please enable javascript in your browser.

Raeisi, Zahra | 2023

0 Viewed

Type of Document: M.Sc. Thesis
Language: Farsi
Document No: 57287 (19)
University: Sharif University of Technology
Department: Computer Engineering
Advisor(s): Jahangir, Amir Hossein
Abstract:
Ensuring the security and trustworthiness of industrial equipment is a major concern for manufacturers and users across various industries. Industrial control systems include all equipment, networks, and input-output devices that control and automate the process of collecting data, processing it, and generating commands for actuators. As these systems are widely used and play a crucial role in optimizing the use of industrial tools, this research focuses on them. Our research focuses on presenting a comprehensive and precise method that can test industrial control devices communicating with other devices via the IEC 104 protocol. We use a firmware fuzzing approach to assess system weaknesses and provide users of these systems with the ability to identify vulnerabilities. Furthermore, we have evaluated the effectiveness of this method by developing a tool that can communicate with a remote terminal unit (RTU) via the IEC 104 protocol and perform fuzzing incrementally
Keywords:
Vulnerability ; Firmware ; Dynamic Analysis ; Industrial Protocol ; Weakness ; Fuzzing

No TOC