Fuzzing the SCADA protocol IEC 60870-5-104, Sean Torben Lengling

Sean Torben Lengling

Abstract

The critical infrastructure that we rely on every day is managed by SCADA systems. These SCADA systems are under threat from outside influences, which is why their security has been investigated. With the increasing expansion of these systems, a complex network of interconnected SCADA systems is formed. In this thesis the SCADA communications protocol IEC 60870-5-104 was investigated, and using the insights gained, a tool was developed that may be utilized to attack applications that use the IEC 60870-5-104 protocol. By analyzing how and why different types of attacks might target a SCADA system, a general need for a reconnaissance and vulnerability discovery tool was identified. This thesis shows various methods that may be utilized in the reconnaissance and vulnerability discovery of SCADA systems that communicate using the IEC 60870-5-104 protocol. With the implementation of the results of this work, practical testing of equipment may now take place, and this practical testing will improve the overall security of the SCADA system.


Keywords: IT, OT, Exploit, ICS, SCADA