• DocumentCode
    785895
  • Title

    Detecting Chains of Vulnerabilities in Industrial Networks

  • Author

    Cheminod, Manuel ; Bertolotti, Ivan Cibrario ; Durante, Luca ; Maggi, Paolo ; Pozza, Davide ; Sisto, Riccardo ; Valenzano, Adriano

  • Author_Institution
    Nat. Res. Council, IEIIT, Torino
  • Volume
    5
  • Issue
    2
  • fYear
    2009
  • fDate
    5/1/2009 12:00:00 AM
  • Firstpage
    181
  • Lastpage
    193
  • Abstract
    In modern factories, personal computers are starting to replace traditional programmable logic controllers, due to cost and flexibility reasons, and also because their operating systems now support programming environments even suitable for demanding real-time applications. These characteristics, as well as the ready availability of many software packages covering any kind of needs, have made the introduction of PC-based devices at the factory field level especially attractive. However, this approach has a profound influence on the extent of threats that a factory computing infrastructure shall be prepared to deal with. In fact, industrial personal computers share the same kinds of vulnerabilities with their office automation counterparts. Then, their introduction increases the risk of cyber-attacks. As the complexity of the network grows, the problem rapidly becomes hard to tackle by hand, due to the subtle and unforeseen interactions that may occur among apparently unrelated vulnerabilities, thus bearing the focus on the full automation of the analysis. Going into this direction, this paper presents a software tool that, given an accurate and machine-readable description of vulnerabilities, detects whether or not they are of concern and evaluates consequences in the context of a factory network.
  • Keywords
    industrial engineering; operating systems (computers); programmable controllers; software packages; software tools; industrial networks; operating systems; personal computers; programmable logic controllers; software packages; software tool; Automatic analysis tools; chains of vulnerabilities; computer network security; industrial communication systems;
  • fLanguage
    English
  • Journal_Title
    Industrial Informatics, IEEE Transactions on
  • Publisher
    ieee
  • ISSN
    1551-3203
  • Type

    jour

  • DOI
    10.1109/TII.2009.2018627
  • Filename
    4895710