Fraunhofer-Gesellschaft

Publica

Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

A Meta Model for a Comprehensive Description of Network Protocols Improving Security Tests

 
: Pfrang, Steffen; Meier, David; Fleig, Andreas; Beyerer, Jürgen

:

Furnell, S. ; Institute for Systems and Technologies of Information, Control and Communication -INSTICC-, Setubal:
6th International Conference on Information Systems Security and Privacy, ICISSP 2020. Proceedings : 25th - 27th February 2020, Valletta, Malta
SciTePress, 2020
ISBN: 978-989-758-399-5
pp.671-682
International Conference on Information Systems Security and Privacy (ICISSP) <6, 2020, Valletta>
English
Conference Paper
Fraunhofer IOSB ()
meta model; network protocols; Packet Structure; Protocol Behavior; security testing; Industrial automation; IACS

Abstract
Modern industrial automation and control systems (IACS) are highly interconnected via Ethernet. Performing security tests to detect possible vulnerabilities in IACS is one of the measures requested by the IEC 62443 series of standards in order to improve their security. However, security testing tools and frameworks which exceed the power of random fuzzing require precise network protocol definitions. Unfortunately, those definitions vary greatly from tool to tool. Additionally, their creation and maintenance is time-consuming and error-prone. In consequence, especially common IACS protocols like Profinet IO or OPC UA are seldom to never implemented. To overcome this issue, this work proposes and implements an approach of a generic meta model for a comprehensive description of arbitrary network protocols. An important use case of this meta model is the export of network protocol definitions for different testing tools.

: http://publica.fraunhofer.de/documents/N-596965.html