Fraunhofer-Gesellschaft

Publica

Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Assessing the Security of OPC UA Deployments

 
: Roepert, Linus; Dahlmanns, Markus; Fink, Ina Berenice; Pennekamp, Jan; Henze, Martin

:
Postprint urn:nbn:de:bsz:21-dspace-1004337 (151 KByte PDF)
MD5 Fingerprint: 9249234a56e8d0dccf08b41f677a812b
Erstellt am: 9.6.2020


Menth, Michael ; Univ. Tübingen:
1st ITG Workshop on IT Security, ITSec 2020. Proceedings. Online resource : April 2-3 2020, Germany, online workshop
Online im WWW, 2020
https://publikationen.uni-tuebingen.de/xmlui/handle/10900/98091/browse?type=title
2 S.
Workshop on IT Security (ITSec) <1, 2020, Online>
Englisch
Konferenzbeitrag, Elektronische Publikation
Fraunhofer FKIE ()

Abstract
To address the increasing security demands of industrial deployments, OPC UA is one of the first industrial protocols explicitly designed with security in mind. However, deploying it securely requires a thorough configuration of a wide range of options. Thus, assessing the security of OPC UA deployments and their configuration is necessary to ensure secure operation, most importantly confidentiality and integrity of industrial processes. In this work, we present extensions to the popular Metasploit Framework to ease network-based security assessments of OPC UA deployments. To this end, we discuss methods to discover OPC UA servers, test their authentication, obtain their configuration, and check for vulnerabilities. Ultimately, our work enables operators to verify the (security) configuration of their systems and identify potential attack vectors.

: http://publica.fraunhofer.de/dokumente/N-592790.html