THE OPERATION AND CYBER SECURITY OF INDUSTRIAL CONTROL SYSTEMS AND INDUSTRIAL COMMUNICATION PROTOCOLS: AN EXPLORATORY APPROACH

Abstract

In this thesis, an integrated examination of the operational principles and security aspects of industrial control systems and industrial communication protocols to discover exploitable vulnerabilities are investigated. This study primarily focuses on industrial automation equipment that utilizes industrial Ethernet. Of the many protocols developed by commercial vendors, only PROFINET, EtherNet/IP, EtherCAT, and Modbus TCP were researched. The investigation is based on observation of the principles of operation of these protocols and the functionality of industrial control systems. For this investigation, an environment that emulates a small scale industrial testbed was built utilizing commercial-off-the-shelf equipment. A multi-adaptive software tool, HERMES, was proposed and developed in the C programming language to allow active injection of malformed protocol data units. The result is an integrated platform that can be used for testing several exploitation tools, observing PROFINET communications, and testing the industrial equipment setup under injection of specially crafted packets.