산업제어시스템을 위한 향상된 보안 프레임워크
Security Enhanced Framework for Industrial Control System
- 주제(키워드) ICS , SCADA , SmartGrid , Fuzzing , Certification , SmartMeter , DCU , Verification
- 발행기관 아주대학교
- 지도교수 손태식
- 발행년도 2016
- 학위수여년월 2016. 2
- 학위명 석사
- 학과 및 전공 일반대학원 컴퓨터공학과
- 실제URI http://www.dcollection.net/handler/ajou/000000022011
- 본문언어 영어
- 저작권 아주대학교 논문은 저작권에 의해 보호받습니다.
초록/요약
Existing industrial control system, in order to increase the reliability of the data, and access control through the separation of external network. However, the current industrial control system tends to increase the efficiency of operations and systematic management, the need for connection to an external network in consideration of economic aspects have increased. These developments are to have vulnerabilities more security than in the past, communications in industrial control systems requires special control method. In this paper, taking into account the domestic environment, it was presented the security authentication technology that was applied to serial DNP3 and TCP / IP-based DNP3, which is mainly used in the Control Center and the Field Device. Presented to security of Certification technology, divided into Resource Robustness Test and Malicious Packet Test for evaluate the safety. Each of the security requirements and evaluation method in proposed technology, is an attempt to present the differentiation of the existing Certification technology. And propose specific methods for Fuzzing tests in the security authentication technique to be proposed and implemented, by testing the actual domestic power control system equipment, and tried to verify compliance.
more목차
1. Introduction 1
2. Related & Background 5
2.1 Related Works for ICS Security Certification 5
2.1.1 Achilles Certification 5
2.1.2 ISASecure Certification Program 7
2.2 Background for ICS Fuzzing based Security Framework 10
2.2.1 Fuzzing 10
2.2.2 Fuzzing for ICS Communication Protocols 11
2.2.3 DLMS/COSEM Communication Protocol 12
3. Proposed Security Enhanced Framework for ICS 16
3.1 Part 1 : Proposed Security Certification Framework 16
3.1.1 The Foundations of Security Certification Structure 16
3.1.2 Security Certification Method 18
3.2 Part 2 : Proposed Fuzzing based Security Framework 28
3.2.1 Data Types 30
3.2.2 Information Gathering Method 30
3.2.3 Generation Fuzzing Data 34
3.2.4 Logging and Monitoring 37
4. Comparison and Experimental Results 39
4.1 Comparative Analysis of Security Certification 39
4.2 Test Environment for Fuzzing Test 41
4.3 Verification Result 41
5. CONCLUSION 48
