White Paper: Analysis of Security Vulnerabilities for Industrial Control System Professionals

Earlier this week an Italian researcher published a list of 34 vulnerabilities against four SCADA/HMI products.

This content was submitted directly to this website by the supplier.

Today Joel Langill and Eric Byres are publishing a White Paper that analyzes the vulnerabilities for one of the product families, the ICONICS GENESIS HMI platform.

This White Paper covers:

• Vulnerability Details
• Affected Systems
• Detection and Removal
• Mitigations and Compensating Controls
• Frequently Asked Questions
• References

Although the vulnerabilities are relatively trivial, at a minimum they can be used to crash control system servers, causing a denial-of-service condition and loss of view. A more experienced attacker could exploit them to gain system access and then inject potentially malicious code.

This White Paper provides six measures that ICONICS GENESIS customers can take to protect their system from these vulnerabilities. Operators of other HMI products are advised to consider similar measures.

A blog article is also available about this White Paper:
"Protecting your ICONICS GENESIS SCADA HMI System from Security Vulnerabilities"

Byres Security Inc. - www.tofinosecurity.com

More in Control