Abstract

The safety of Industrial Internet control systems has been a hotspot in information security. To meet the needs of communication, a large variety of proprietary protocols have emerged in the field of industrial control. Protocol fields are often trusted in the implementation of industrial control terminal code. If attackers modify the data of these fields by exploiting protocol defects, the operation of the program can be controlled and the entire system will be affected. To cope with such security threats, academia and industry generally adopt fuzz testing methods. However, current fuzz testing methods for industrial control protocols generally have low code coverage, lack unified description models, and produce test cases that are not targeted. A method of fuzzification processing combined with dynamic multi-modal sensor communication data is proposed. To track program execution, dynamic taint analysis is used to search for the input fields that affect the execution of conditional branches and to capture the dependencies between conditional branches. These results guide the grammar generation of test cases, which increases the chances of executing deep code. The experimental results show that the proposed method improves the validity and code coverage of test cases to a certain extent and greatly increases the probability of anomaly detection in the protocol implementation.

Highlights

  • The IIS (Industrial Internet System) is implemented with a variety of automation components to achieve data acquisition, control, monitoring, and other functions

  • A typical industrial Internet communication architecture generally consists of a three-layer structure: from high to low, the Enterprise Network, the Monitoring Network, and the Control System Network [1, 2]

  • The IIS refers to the system composed of computer equipment and industrial production control units, mainly including the Supervisory Control and Data Acquisition (SCADA) system, the Distributed Control System (DCS), and the Process Control System (PCS)


Summary

Introduction

The IIS (Industrial Internet System) is implemented with a variety of automation components to achieve data acquisition, control, monitoring, and other functions. The Mu suite launched by Mu Dynamic Company [28] is applicable to the IEC 61850, Modbus/TCP and DNP3 protocols. It constructs abnormal message data with a structured grammar analysis method and can be extended to industrial Internet protocols with unknown specifications using the additional function Studio Fuzz.

1.4 Method and principle

Working from the program that implements the industrial Internet protocol, this section obtains the related dynamic multi-modal sensor communication data through dynamic taint analysis to guide the generation of test cases. The test case is used as the new input; in consideration of the expense of program execution, the proposed method does not repeatedly collect the dynamic multi-modal sensor communication data of each conditional branch. When no applicable test grammar is found in DIF(xi), the case data is generated through variation with methods such as random bit flip, extreme substitution, and boundary value substitution.
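The three fallback variations named above (random bit flip, extreme substitution, boundary value substitution), applied to one field of a Modbus/TCP request. This is an added example, not code from the paper. The sample frame is constructed, and the `FIELDS` offset table is a hypothetical stand-in for what a taint run would report.

```python
import random
import struct

# Constructed sample: Modbus/TCP Read Holding Registers request.
# MBAP header (transaction id, protocol id, length, unit id) + PDU
# (function code 3, start address 0, quantity 10).
SAMPLE = struct.pack(">HHHBBHH", 1, 0, 6, 1, 3, 0, 10)

# Assumption: (offset, size) of fields that a taint run reported as
# influencing a conditional branch. Hypothetical table, not the paper's.
FIELDS = {"length": (4, 2), "function": (7, 1), "quantity": (10, 2)}

def bit_flip(value, size, rng):
    """Random bit flip: invert one bit of the field."""
    return value ^ (1 << rng.randrange(size * 8))

def extreme_values(size):
    """Extreme substitution: smallest and largest encodable value."""
    return [0, (1 << (size * 8)) - 1]

def boundary_values(value, size, limit=None):
    """Boundary substitution: neighbours of the value and of a known limit."""
    mask = (1 << (size * 8)) - 1
    cands = {value - 1, value + 1}
    if limit is not None:
        cands |= {limit - 1, limit, limit + 1}
    return sorted({c & mask for c in cands})

def fallback_cases(frame, name, limit=None, seed=0):
    """Return mutated frames that differ from `frame` only in field `name`."""
    rng = random.Random(seed)
    off, size = FIELDS[name]
    cur = int.from_bytes(frame[off:off + size], "big")
    values = [bit_flip(cur, size, rng)]
    values += extreme_values(size) + boundary_values(cur, size, limit)
    seen, cases = {cur}, []
    for v in values:
        if v in seen:          # skip duplicates and the unmodified value
            continue
        seen.add(v)
        mutated = bytearray(frame)
        mutated[off:off + size] = v.to_bytes(size, "big")
        cases.append(bytes(mutated))
    return cases

if __name__ == "__main__":
    # 125 is the Modbus maximum quantity for function code 3.
    for case in fallback_cases(SAMPLE, "quantity", limit=125):
        print(case.hex())
```

Every generated frame keeps the header and the other PDU fields intact, so a parser under test still reaches the branch that reads the mutated field.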

Methods and experimental
Method proposed