White Paper: Analysis of Security Vulnerabilities for Industrial Control System Professionals

March 31, 2011
Earlier this week an Italian researcher published a list of 34 vulnerabilities against four SCADA/HMI products.

Today Joel Langill and Eric Byres are publishing a White Paper that analyzes the vulnerabilities for one of the product families, the ICONICS GENESIS HMI platform.

This White Paper covers:

• Vulnerability Details
• Affected Systems
• Detection and Removal
• Mitigations and Compensating Controls
• Frequently Asked Questions
• References

Although the vulnerabilities are relatively trivial, at a minimum they can be used to crash control system servers, causing a denial-of-service condition and loss of view. A more experienced attacker could exploit them to gain system access and then inject potentially malicious code.

This White Paper provides six measures that ICONICS GENESIS customers can take to protect their system from these vulnerabilities. Operators of other HMI products are advised to consider similar measures.

A blog article is also available about this White Paper:
"Protecting your ICONICS GENESIS SCADA HMI System from Security Vulnerabilities"

Byres Security Inc. - www.tofinosecurity.com

Sponsored Recommendations

Measurement instrumentation for improving hydrogen storage and transport

Hydrogen provides a decarbonization opportunity. Learn more about maximizing the potential of hydrogen.

Learn About: Micro Motion™ 4700 Config I/O Coriolis Transmitter

An Advanced Transmitter that Expands Connectivity

Learn about: Micro Motion G-Series Coriolis Flow and Density Meters

The Micro Motion G-Series is designed to help you access the benefits of Coriolis technology even when available space is limited.

Micro Motion 4700 Coriolis Configurable Inputs and Outputs Transmitter

The Micro Motion 4700 Coriolis Transmitter offers a compact C1D1 (Zone 1) housing. Bluetooth and Smart Meter Verification are available.