SimaticScan: Towards A Specialised Vulnerability Scanner for Industrial Control Systems
نویسندگان
چکیده
Rob Antrobus Security Lancaster Research Centre Lancaster University Lancaster LA1 4WA UK security-centre.lancs.ac.uk [email protected] Sylvain Frey Security Lancaster Research Centre Lancaster University Lancaster LA1 4WA UK security-centre.lancs.ac.uk [email protected] Benjamin Green Security Lancaster Research Centre Lancaster University Lancaster LA1 4WA UK security-centre.lancs.ac.uk [email protected]
منابع مشابه
Using the Nessus Vulnerability Scanner on Control Systems
All too often we hear stories about the IT Department or some consultant running a vulnerability scan that takes down a key control systems server or component with potentially devastating effects on the underlying process. This is usually followed by the statement that SCADA and other control systems should never be scanned. In fact, many experts and training courses recommend that control sys...
متن کاملA SysML Extension for Security Analysis of Industrial Control Systems
The security of Industrial Control Systems (ICS) has become an important topic. Recent attacks have shown that inadequately protecting control systems could have disastrous consequences for society. This paper presents an extension for the Systems Modeling Language (SysML), allowing for the extraction of vulnerabilities from an industrial control system model. After a control system is modeled ...
متن کاملA Survey: An Advanced Key Management Technique with Enhanced Security SCADA System
Modern industrial facilities have command and control systems. These industrial command and control systems are commonly called supervisory control and data acquisition (SCADA).In this paper, we analyze several security issues in SCADA systems. We classify these issues based on key management, vulnerability and survivability. Using this standardized security techniques we can easily compare & c...
متن کاملTHAPS: Automated Vulnerability Scanning of PHP Applications
In this paper we describe the THAPS vulnerability scanner for PHP web applications. THAPS is based on symbolic execution of PHP with specialised support for scanning extensions and plug-ins of larger application frameworks. We further show how THAPS can integrate the results of dynamic analyses, generated by a customised web crawler, into the static analysis. This enables analysis of often used...
متن کاملVmiCVS: Cloud Vulnerability Scanner
Every service that runs in cloud systems comes with its own set of vulnerabilities. It is important to detect and assess those vulnerabilities to provide seamless and secure service to the users. Various scanners such as Port scanner, Network scanner, Web application security scanner, Database security scanner, Host based vulnerability scanner etc provide security assessment. But these scanners...
متن کامل