White Paper: Analysis of Security Vulnerabilities for Industrial Control System Professionals

March 31, 2011
Earlier this week an Italian researcher published a list of 34 vulnerabilities against four SCADA/HMI products.

Today Joel Langill and Eric Byres are publishing a White Paper that analyzes the vulnerabilities for one of the product families, the ICONICS GENESIS HMI platform.

This White Paper covers:

• Vulnerability Details
• Affected Systems
• Detection and Removal
• Mitigations and Compensating Controls
• Frequently Asked Questions
• References

Although the vulnerabilities are relatively trivial, at a minimum they can be used to crash control system servers, causing a denial-of-service condition and loss of view. A more experienced attacker could exploit them to gain system access and then inject potentially malicious code.

This White Paper provides six measures that ICONICS GENESIS customers can take to protect their system from these vulnerabilities. Operators of other HMI products are advised to consider similar measures.

A blog article is also available about this White Paper:
"Protecting your ICONICS GENESIS SCADA HMI System from Security Vulnerabilities"

Byres Security Inc. - www.tofinosecurity.com

Sponsored Recommendations

From robotic arms to high-speed conveyors, accuracy matters. Discover how encoders transform motor control by turning motion into real-time data?delivering tighter speed control...
Safety in automation goes beyond fences and emergency stops. Learn how functional safety actively monitors and controls motion?delivering smarter protection, greater flexibility...
Inductive Automation offers multiple editions of Ignition created for specific use cases. See what differentiates Ignition, Ignition Edge, Ignition Cloud Edition, and Ignition...
Castle & Key brought new life to a historic Kentucky distillery by blending 140 years of heritage with cutting-edge automation. With help from Gray AES, they replaced outdated...