Fuzzing the S7 network protocol: Methodology for security evaluation of Industrial Control Systems through fuzz testing Programmable Logical Controllers operating with the Siemens S7 network protocol

Type

Master Thesis

Abstract

Industrial control systems (ICS) have recently become targets of malicious agents, as demonstrated by the Stuxnet malware, which targeted Siemens programmable logic controllers (PLCs) operating with the Siemens S7 network protocol and successfully infiltrated more than a dozen industrial plants, causing enormous damage to the operating ICS. In an attempt to bring attention to the problems of ICS security and to ease vulnerability discovery in ICSs operating with equipment manufactured by Siemens, this thesis aims to evaluate the S7 implementation in PLCs through fuzz testing approaches. The thesis further documents the methodology used, so that it can be applied to similar industrial protocols in the future. The execution results show that network fuzzing is able to successfully cause unwanted behaviour deviations in the target, thus rendering it unstable and potentially causing negative impact on the ICS. Those results further indicate the seriousness of the problem by demonstrating how an attacker could possibly disrupt the normal work of an ICS by performing fuzz testing through remote execution towards it, which in a real-world scenario can lead to severe economic, social and environmental consequences, depending on the process the fuzzed target controls and the number of targets being fuzzed. This thesis further aims to urge vendors into action, as a compromised ICS can have an enormous impact on a global scale.

Subject/keywords

Computer and Information Science
