Penetration Testing of OPC as Part of Process Control Systems

  • Maria B. Line
  • Martin Gilje Jaatun
  • Zi Bin Cheah
  • A. B. M. Omar Faruk
  • Håvard Husevåg Garnes
  • Petter Wedum
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5061)

Abstract

We have performed penetration testing on OPC, which is a central component in process control systems on oil installations. We have shown how a malicious user with different privileges – outside the network, access to the signalling path and physical access to the OPC server – can fairly easily compromise the integrity, availability and confidentiality of the system. Our tentative tests demonstrate that full-scale penetration testing of process control systems in offshore installations is necessary in order to sensitise the oil and gas industry to the evolving threats.

Keywords

Information Security, Process Control, Penetration Testing, OPC

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Maria B. Line (1)
  • Martin Gilje Jaatun (1)
  • Zi Bin Cheah (2)
  • A. B. M. Omar Faruk (2)
  • Håvard Husevåg Garnes (3)
  • Petter Wedum (3)

  1. SINTEF ICT, Trondheim, Norway
  2. Kungliga Tekniska Högskolan, Stockholm, Sweden
  3. Google, Trondheim, Norway
