Proceedings of the 2015 International Conference on Electrical, Computer Engineering and Electronics

Peach Improvement on Profinet-DCP for Industrial Control System Vulnerability Detection

Authors
Dianbo Zhang, Jianfei Wang, Hua Zhang
Corresponding Author
Dianbo Zhang
Available Online June 2015.
DOI
https://doi.org/10.2991/icecee-15.2015.305How to use a DOI?
Keywords
Peach; Fuzzing; Profinet-DCP; PLC; Industrial Safety.
Abstract
With the development of ICS, PLC and SCADA systems are interconnected with Ethernet and directly connected to internet, which greatly improve the efficiency of data sharing and introduced in security threats at the same time. Once crack fault occurrence of critical infrastructure will result in casualties and great economic loss. Peach Fuzzer is an advanced and extensible fuzzing platform and is restricted to those with TCP/UDP-based protocols on Windows Platform, the PN-DCP would not be supported without publisher to send PDU correctly. So it is urgent to develop an additional publisher for PN-DCP. In this paper, we propose a novel Peach improvement on Profinet-DCP for industrial control system vulnerability detection. We analyze the importance of vulnerability detecting for PN-DCP with Peach Fuzzer. Then, introducing the Peach Framework, the hierarchy of Profinet-DCP and the PitFile of Profinet-DCP. We also evaluate our approach through experiments, the results can fully satisfy the requirement of vulnerability detecting of PN-DCP on Peach platform.
Open Access
This is an open access article distributed under the CC BY-NC license.

Download article (PDF)

Proceedings
Part of series
Advances in Computer Science Research
Publication Date
June 2015
ISBN
978-94-62520-81-3
ISSN
2352-538X
DOI
https://doi.org/10.2991/icecee-15.2015.305How to use a DOI?
Open Access
This is an open access article distributed under the CC BY-NC license.

Cite this article

TY  - CONF
AU  - Dianbo Zhang
AU  - Jianfei Wang
AU  - Hua Zhang
PY  - 2015/06
DA  - 2015/06
TI  - Peach Improvement on Profinet-DCP for Industrial Control System Vulnerability Detection
PB  - Atlantis Press
SP  - 1622
EP  - 1627
SN  - 2352-538X
UR  - https://doi.org/10.2991/icecee-15.2015.305
DO  - https://doi.org/10.2991/icecee-15.2015.305
ID  - Zhang2015/06
ER  -