TY - GEN
T1 - Security issues and mitigation in Ethernet POWERLINK
AU - Yung, Jonathan
AU - Debar, Hervé
AU - Granboulan, Louis
N1 - Publisher Copyright: © Springer International Publishing AG 2017.
PY - 2017/1/1
Y1 - 2017/1/1
N2 - Ethernet POWERLINK is an industrial Ethernet protocol created for applications with high degree of determinism, and amongst the closest to real-time (class 3 industrial Ethernet protocol). Consequently, it was developed for efficiency and short cycle times, with no security as it would only slow down the communications. In this paper, we show that most of the common known industrial Ethernet attacks cannot be carried out for Ethernet POWERLINK due to its isochronous real-time characteristics. We also show that it is still possible to perform attacks to affect such a system. We thus present five different attacks: a denial of service, a command insertion for a slave and then for a master, and impersonation of a slave and, finally, of a master. These attacks are afterwards validated on a testbed. We finally present proposals to defend against them without adding any major delay in the cyclic communications, by modifying transitions of the state machines of the protocol.
AB - Ethernet POWERLINK is an industrial Ethernet protocol created for applications with high degree of determinism, and amongst the closest to real-time (class 3 industrial Ethernet protocol). Consequently, it was developed for efficiency and short cycle times, with no security as it would only slow down the communications. In this paper, we show that most of the common known industrial Ethernet attacks cannot be carried out for Ethernet POWERLINK due to its isochronous real-time characteristics. We also show that it is still possible to perform attacks to affect such a system. We thus present five different attacks: a denial of service, a command insertion for a slave and then for a master, and impersonation of a slave and, finally, of a master. These attacks are afterwards validated on a testbed. We finally present proposals to defend against them without adding any major delay in the cyclic communications, by modifying transitions of the state machines of the protocol.
U2 - 10.1007/978-3-319-61437-3_6
DO - 10.1007/978-3-319-61437-3_6
M3 - Conference contribution
AN - SCOPUS:85027063970
SN - 9783319614366
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 87
EP - 102
BT - Security of Industrial Control Systems and Cyber-Physical Systems - 2nd International Workshop, CyberICPS 2016, Revised Selected Papers
A2 - Cuppens-Boulahia, Nora
A2 - Cuppens, Frederic
A2 - Lambrinoudakis, Costas
A2 - Katsikas, Sokratis
PB - Springer Verlag
T2 - 2nd Workshop on the Security of Industrial Control Systems and Cyber-Physical Systems, CyberICPS 2016
Y2 - 26 September 2016 through 30 September 2016
ER -