Abstract:

With the continuous development of automatic control technology, in the combination of industry automation control and computer information technology, more and more widely used, and gradually formed the industrial control system based on automatic control. Hackers have also turned their attention from previous attacks on Web servers to industrial control systems. By attacking the industrial control system not only pose a threat to the network system, and even destroy the industrial infrastructure, endangering personal safety and national security, industrial control system security has been widespread concern. Configuration software is an important part of industrial control system software, and its security will directly affect the safety of the whole industrial control system. This paper summarizes the characteristics of the industrial control system configuration software and the security risks, and to buffer overflow vulnerabilities as examples to analyze causes, attack and harm, and finally puts forward the security building on configuration software business logic, rights management, deployment, enhance the ability of security protection of the industrial control system and configuration software.

Key words: industrial control safety, configuration security, configuration software, buffer overflow