Towards the Protection of Industrial Control Systems – Conclusions of a Vulnerability Analysis of Profinet IO

  • Conference paper
Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA 2013)

Abstract

The trend of introducing common information and communication technologies into automation control systems brings, besides many benefits, new security risks to industrial plants and critical infrastructures. The increasing use of Internet protocols in industrial control systems, combined with the introduction of Industrial Ethernet on the field level, facilitates malicious intrusions into automation systems. The detection of such intrusions requires a detailed vulnerability analysis of the deployed protocols to find possible attacks. Profinet IO is one of the emerging protocols for decentralized control in the European automation industry and has found wide application. In this paper, we describe several possible attacks on the Profinet IO protocol that result from a vulnerability analysis of it. Thereafter, we discuss an appropriate protection of automation networks using anomaly-based intrusion detection as an effective countermeasure to address these attacks.

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Paul, A., Schuster, F., König, H. (2013). Towards the Protection of Industrial Control Systems – Conclusions of a Vulnerability Analysis of Profinet IO. In: Rieck, K., Stewin, P., Seifert, JP. (eds) Detection of Intrusions and Malware, and Vulnerability Assessment. DIMVA 2013. Lecture Notes in Computer Science, vol 7967. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-39235-1_10

  • DOI: https://doi.org/10.1007/978-3-642-39235-1_10

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-39234-4

  • Online ISBN: 978-3-642-39235-1

  • eBook Packages: Computer Science, Computer Science (R0)
