|COOKIES: By using this website you agree that we can place Google Analytics Cookies on your device for performance monitoring.|
Security Analysis of Industrial Control Systems
If you have a question about this talk, please contact Wei Ming Khoo.
Industrial Control Systems (ICS), often referred to as SCADA (Supervisory Control And Data Acquisition) Systems, have gained the increasing attention of IT-Security researchers. This talk introduces the terminology and background of ICS and exposes the reasons why it is difficult to secure ICS . Moreover, the talk will present security analysis guidelines for ICS devices. These guidelines can be applied to many ICS devices and are mostly vendor-independent. Furthermore, based on Scapy, a Modbus/TCP interactive packet manipulation program was developed for assessing critical infrastructures and ICS devices.
In the second half of the talk, I will describe a security analysis performed on a real device – an ICS democase containing current products in use in ICS . Besides known security issues, the analysis shows how the data visualized by the Human Machine Interface (HMI) can be altered and modified without limit. Secondly, physical values read by sensors, such as temperatures, can be altered within the Programmable Logic Controller (PLC). Thirdly, input validation also represent critical security issues in the ICS world. Lastly, existing security solutions for securing current ICS are briefly presented.
This talk is part of the Computer Laboratory Security Seminar series.
This talk is included in these lists:
Note that ex-directory lists are not shown.
Other listsHigh Energy Physics Seminars Cambridge Next Generation Sequencing Bioinformatics Day II Biological Anthropology Michaelmas Term Seminars 2012
Other talksValidity unpacked Our research on power conversion at Queensland Geothermal Energy Centre of Excellence State-of-the-Art Tests of Lepton Number Violation and Seesaw Mechanisms Early Career Conversations for Women Tbc Understanding RNA virus evolution: from sequence to information