Security in Industrial Networks
A major trend in the automation and power industries is the transition from closed proprietary network solutions to open TCP/IP protocols running on Ethernet technologies. As these industries converge on an all IP platform, new challenges and requirements on the security level of the devices arise. The introduction of integrated operations in the oil and gas industry has provided many benefits for the industry, but it has also opened up the information flow between Distributed Control Systems (DCS), corporate and subcontractor's networks. These developments increase the posibility of cyber security vulnerabilities and incidents in DCS networks. This thesis focus on information security of DCS devices. We pressent and discuss state of the art technologies for protecting DCS networks. We analyse a DCS protocol and assume the role of an attacker, using this knowledge to direct attacks against the DCS protocol and devices. We also perform vulnerability testing on industrial switches and controllers at ABB's Corporate Research Center in Oslo, using vulnerability scanner and ''hacker'' tools known in the IT world. We identify security vulnerabilities in these devices and propose mitigation paths to remove these vulnerabilities.
Place, publisher, year, edition, pages
Institutt for telematikk , 2007. , 236 p.
ntnudaim:3428, MTKOM kommunikasjonsteknologi, Telematikk
IdentifiersURN: urn:nbn:no:ntnu:diva-18327Local ID: ntnudaim:3428OAI: oai:DiVA.org:ntnu-18327DiVA: diva2:565822
Knapskog, Svein Johan, ProfessorJaatun, Martin GiljeHansen, Kai