 Vulnerabilities on the wire: Mitigations for insecure ICS device communicationMichael Hoffman
Cyber Security: A Peer-Reviewed Journal, 2020, vol. 4, issue 2, 160-181 Abstract: Modbus transmission control protocol (TCP) and other legacy ICS protocols ported over from serial communications are widely used in many ICS verticals. Due to extended operational industrial control system (ICS) component life, these protocols will be used for many years to come. Insecure ICS protocols allow attackers to potentially manipulate programmable logic controller (PLC) code and logic values that could lead to disrupted critical system operations. These protocols are susceptible to replay attacks and unauthenticated command execution.1 This paper examines the viability of deploying PLC configuration modifications, programming best practices and network security controls to demonstrate that it is possible to increase the difficulty for attackers to maliciously abuse ICS devices and mitigate the effects of attacks based on insecure ICS protocols. Student kits provided in SANS ICS515 and ICS612 courses form the backdrop for testing and evaluating ICS protocols and device configurations. Keywords: industrial control system (ICS); OT; Protocols; PLC; automation; Modbus (search for similar items in EconPapers) Downloads: (external link) Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:aza:csj000:y:2020:v:4:i:2:p:160-181 Access Statistics for this article More articles in Cyber Security: A Peer-Reviewed Journal from Henry Stewart Publications |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.