Fuzzing ICS Protocols: Modbus Fuzzer Framework

Fuzzing ICS Protocols: Modbus Fuzzer Framework

Paper in proceedings (conference paper)

Traditionally, industrial control systems were very isolated and industrial control systems operated with very consistent data traffic. Along with the trend of Industry 4.0, their isolation is decreasing and industrial systems are much more connected to other networks. Specifically for these systems, there is a strong focus on their reliability, but also on cyber security. This paper focuses on the widely used industrial Modbus protocol, its security aspects and its structure. A tool for fuzzing testing of this protocol is presented in order to detect possible vulnerabilities in Modbus devices. The architecture of the proposed fuzzer is described in detail. The capabilities of the fuzzer are then demonstrated on a testbed.

Traditionally, industrial control systems were very isolated and industrial control systems operated with very consistent data traffic. Along with the trend of Industry 4.0, their isolation is decreasing and industrial systems are much more connected to other networks. Specifically for these systems, there is a strong focus on their reliability, but also on cyber security. This paper focuses on the widely used industrial Modbus protocol, its security aspects and its structure. A tool for fuzzing testing of this protocol is presented in order to detect possible vulnerabilities in Modbus devices. The architecture of the proposed fuzzer is described in detail. The capabilities of the fuzzer are then demonstrated on a testbed.

modbus;ICS;SCADA;fuzzing;cyber security

modbus;ICS;SCADA;fuzzing;cyber security

ILGNER, P.; FUJDIAK, R.

2023

26.09.2022

IEEE

978-1-6654-9363-5

2022 IEEE International Carnahan Conference on Security Technology (ICCST)

1

6

6

https://ieeexplore.ieee.org/document/9896405