Tongxin xuebao (Jun 2024)
Survey on industrial control protocol security research
Abstract
The security of industrial control protocols is the cornerstone of stable ICS operation, yet a large number of industrial control protocols were designed without consideration of security, so most mainstream industrial control protocols generally have vulnerabilities. Considering the ICS architecture and the developmental characteristics of industrial control protocols, the various vulnerabilities and attack threats commonly faced by industrial control protocols were systematically summarized. For the unknown potential vulnerabilities of industrial control protocols, the vulnerability mining techniques for industrial control protocols were analyzed in depth, including those based on static symbolic execution, code audit, and fuzzing. Protocol design security protection technology was comprehensively dissected from three directions: industrial control protocol specification design, communication mechanism, and third-party middleware. In addition, the future development trends of industrial control protocol security were discussed from the aspects of sandbox development, security protection, and vulnerability mining.