Towards the protection of industrial control systems: conclusions of a vulnerability analysis of profinet IO

Authors:
Andreas Paul;Franka Schuster;Hartmut König
Affiliations:
Computer Networks Group, Brandenburg University of Technology Cottbus, Cottbus, Germany;Computer Networks Group, Brandenburg University of Technology Cottbus, Cottbus, Germany;Computer Networks Group, Brandenburg University of Technology Cottbus, Cottbus, Germany
Venue:
DIMVA'13 Proceedings of the 10th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Year:
2013

Citing 7
Cited 0

Exploring Network Security in PROFIsafe

SAFECOMP '09 Proceedings of the 28th International Conference on Computer Safety, Reliability, and Security
Exploring Security in PROFINET IO

COMPSAC '09 Proceedings of the 2009 33rd Annual IEEE International Computer Software and Applications Conference - Volume 01
Neural network based intrusion detection system for critical infrastructures

IJCNN'09 Proceedings of the 2009 international joint conference on Neural Networks
Introducing security modules in PROFINET IO

ETFA'09 Proceedings of the 14th IEEE international conference on Emerging technologies & factory automation
Intrusion detection in SCADA networks

AIMS'10 Proceedings of the Mechanisms for autonomous management of networks and services, and 4th international conference on Autonomous infrastructure, management and security
State-based network intrusion detection systems for SCADA protocols: a proof of concept

CRITIS'09 Proceedings of the 4th international conference on Critical information infrastructures security
N-Gram against the machine: on the feasibility of the n-gram network analysis for binary protocols

RAID'12 Proceedings of the 15th international conference on Research in Attacks, Intrusions, and Defenses

Quantified Score

Hi-index	0.00

Visualization

Abstract

The trend of introducing common information and communication technologies into automation control systems induces besides many benefits new security risks to industrial plants and critical infrastructures. The increasing use of Internet protocols in industrial control systems combined with the introduction of Industrial Ethernet on the field level facilitate malicious intrusions into automation systems. The detection of such intrusions requires a detailed vulnerability analysis of the deployed protocols to find possible attacks. Profinet IO is one of the emerging protocols for decentralized control in the European automation industry which has found wide application. In this paper, we describe as results of a vulnerability analysis of the Profinet IO protocol several possible attacks on this protocol. Thereafter we discuss an appropriate protection of automation networks using anomaly-based intrusion detection as an effective countermeasure to address these attacks.