Computing Reviews
Today's Issue Hot Topics Search Browse Recommended My Account Log In
Review Help
Search
Towards the protection of industrial control systems: conclusions of a vulnerability analysis of profinet IO
Paul A., Schuster F., König H.  DIMVA 2013 (Proceedings of the 10th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, Berlin, Germany, Jul 18-19, 2013)160-176.2013.Type:Proceedings
Date Reviewed: Dec 26 2013

In current industrial automation systems, it is critical to share information among the different processes. Most automation projects involve complex communication systems. The Internet and the use of Ethernet networks in industrial environments make it possible to integrate management and logistics with production processes from anywhere in the world. This has many advantages, but it also increases security risks. The authors of this paper analyze the vulnerabilities of the Profinet standard.

This work is divided into three main sections. The first is dedicated to the essentials of Profinet and a discussion of how it can be attacked. The authors describe some possible attacks on this protocol, presented in two scenarios: denial-of-service (DoS) attacks and man-in-the-middle attacks. The paper discusses an intrusion detection system (IDS) for industrial control systems that provides appropriate protection from information and communications technology threats. The authors propose a concrete approach for protocol-level attack detection using n-gram analysis. The approach involves two phases: learning normal system behavior and detecting attacks.

This paper shows the vulnerabilities of the industrial Ethernet protocol and asserts the necessity of network-based intrusion detection to protect industrial control systems. I recommend it to automation engineers and students. Readers do not need to be experts to understand the ideas presented.

Reviewer:  Francisco Rodriguez-Diaz Review #: CR141832 (1403-0208)
Bookmark and Share
 
Security and Protection (C.2.0 ... )
 
 
Ethernet (C.2.1 ... )
 
 
Industrial Control (J.7 ... )
 
 
TCP/ IP (C.2.2 ... )
 
Would you recommend this review?
yes
no
Other reviews under "Security and Protection": Date
Introduction to data security and controls (2nd ed.)
Edward R. I., QED Information Sciences, Inc., Wellesley, MA, 1991. Type: Book (9780894353864)
Aug 1 1992
Security for computer networks: an introduction to data security in teleprocessing and electronic funds transfer
Davies D., Price W., John Wiley & Sons, Inc., New York, NY, 1984. Type: Book (9780471900634)
Oct 1 1985
The development and proof of a formal specification for a multilevel secure system
Glasgow J., Macewen G. ACM Transactions on Computer Systems 5(2): 151-184, 1987. Type: Article
Oct 1 1987
more...

E-Mail This Printer-Friendly
Send Your Comments
Contact Us
Reproduction in whole or in part without permission is prohibited.   Copyright 1999-2024 ThinkLoud®
Terms of Use
| Privacy Policy