A major trend in the automation and power industries is the transition from closed proprietary network solutions to open TCP/IP protocols running on Ethernet technologies. As these industries converge on an all IP platform, new challenges and requirements on the security level of the devices arise. The introduction of integrated operations in the oil and gas industry has provided many benefits for the industry, but it has also opened up the information flow between Distributed Control Systems (DCS), corporate and subcontractor's networks. These developments increase the posibility of cyber security vulnerabilities and incidents in DCS networks. This thesis focus on information security of DCS devices. We pressent and discuss state of the art technologies for protecting DCS networks. We analyse a DCS protocol and assume the role of an attacker, using this knowledge to direct attacks against the DCS protocol and devices. We also perform vulnerability testing on industrial switches and controllers at ABB's Corporate Research Center in Oslo, using vulnerability scanner and ''hacker'' tools known in the IT world. We identify security vulnerabilities in these devices and propose mitigation paths to remove these vulnerabilities.
| Identifer | oai:union.ndltd.org:UPSALLA1/oai:DiVA.org:ntnu-18327 |
| Date | January 2007 |
| Creators | Sørensen, Jan Tore |
| Publisher | Norges teknisk-naturvitenskapelige universitet, Institutt for telematikk, Institutt for telematikk |
| Source Sets | DiVA Archive at Upsalla University |
| Language | English |
| Detected Language | English |
| Type | Student thesis, info:eu-repo/semantics/bachelorThesis, text |
| Format | application/pdf |
| Rights | info:eu-repo/semantics/openAccess |
Page generated in 0.0021 seconds