Netinfo Security, 2019, Vol. 19, Issue 4: 47-54. doi: 10.3969/j.issn.1671-1122.2019.04.006


Research on Hardware Vulnerabilities Mining Method for Industrial Control Device Based on Dynamic Taint Analysis

Bin DUAN (1), Lan LI (1,2), Jun LAI (1,2), Jun ZHAN (2)

  1. Information Engineering School, Xiangtan University, Xiangtan Hunan 411105, China
  2. Hunan Ulitech Automation System Co., Ltd., Changsha Hunan 410205, China

Received: 2018-11-22; Online: 2019-04-10; Published: 2020-05-11

Abstract:

In recent years, security incidents in industrial control systems have occurred frequently, and the vulnerability statistics of CNNVD and CNVD show that the number of vulnerabilities in industrial control hardware is increasing year by year. Research on vulnerability mining in industrial control hardware is therefore of great significance for improving the security of industrial control systems. This paper takes PLC firmware as the object of vulnerability mining and presents a hardware vulnerability mining method for industrial control devices based on dynamic taint analysis. It gives taint propagation rules and risk-weight-based quantization rules for sensitive fields, which are used to generate guidance information for constructing fuzz test cases. On this basis, the paper designs and implements the PLC_Taint Fuzzer vulnerability mining system. A comparative fuzz-testing experiment demonstrates the efficiency of the method for vulnerability mining in industrial control devices such as PLCs.
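As an added illustration of the pipeline the abstract describes (taint propagation rules, risk-weighted quantization of sensitive fields, guidance for constructing fuzz test cases), the following Python toy is not the paper's PLC_Taint Fuzzer and assumes a made-up frame layout, sink classes and risk weights; the paper's own rules are not given on this page.

```python
"""Toy dynamic taint tracking that turns sink hits into risk-weighted fuzzing guidance."""
from collections import defaultdict

# Constructed risk weights per sensitive sink class (assumed, not the paper's values).
RISK_WEIGHT = {"copy_length": 1.0, "table_index": 0.8, "mem_write": 0.3}

class Tainted:
    """A byte value carrying the set of input offsets it was derived from."""

    def __init__(self, value, sources=()):
        self.value, self.sources = value & 0xFF, frozenset(sources)

    def __add__(self, other):  # propagation rule: arithmetic unions the operands' taint
        o = other if isinstance(other, Tainted) else Tainted(other)
        return Tainted(self.value + o.value, self.sources | o.sources)

def parse_frame(frame: bytes, table_size=16):
    """Hypothetical PLC-style frame [func][len][payload...]; logs every sensitive sink hit."""
    t = [Tainted(b, {i}) for i, b in enumerate(frame)]  # each input byte is its own source
    hits = []  # (sink name, taint sources of the value that reached it)
    func, length = t[0], t[1]
    hits.append(("table_index", func.sources))  # func selects a handler slot
    handler = func.value % table_size
    end = length + 2  # frame end computed from len: the taint follows the arithmetic
    hits.append(("copy_length", end.sources))  # a tainted value bounds the copy loop
    copied = t[2:min(end.value, len(t))]  # bounded copy; an unbounded one here is the classic overflow
    hits.append(("mem_write", frozenset().union(*(c.sources for c in copied))))
    return handler, bytes(c.value for c in copied), hits

def field_of(offset):
    """Map an input byte offset back to its protocol field (constructed layout)."""
    return "func" if offset == 0 else "len" if offset == 1 else "payload"

def fuzz_guidance(hits):
    """Quantize sink hits into a risk score per field and rank fields for mutation."""
    score = defaultdict(float)
    for sink, sources in hits:
        for field in {field_of(o) for o in sources}:  # one credit per field per hit
            score[field] += RISK_WEIGHT[sink]
    total = sum(score.values()) or 1.0
    ranked = sorted(score, key=score.get, reverse=True)
    return ranked, {f: round(s / total, 3) for f, s in score.items()}

SAMPLE = bytes([0x03, 0x04]) + b"ABCD"  # constructed frame: func=3, len=4, 4-byte payload
```

The ranking puts the length field first because it alone reaches the highest-weighted sink; a guided fuzzer would spend most of its mutation budget there.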

Key words: PLC, guided fuzz testing, risk weight, vulnerability mining
