CNR Institutional Research Information System

The ever-increasing adoption at the factory field level of COTS (commercial off-the-shelf) hardware and software to host both real-time control tasks and a general-purpose operating system on the same machine is profoundly influencing the extent of threats that a factory network and computing infrastructure shall be prepared to deal with. In fact, these machines share with their office automation counterparts the same kinds of vulnerabilities and, being often interconnected to computers providing services to the public, are prone to cyber-attacks. In this paper, the architecture and use of a software tool able to analyse a factory network for vulnerabilities are described. Automating the analysis is of outmost importance because, as the complexity of the network grows, the problem rapidly becomes hard to tackle by hand due to the subtle interactions that may occur among apparently unrelated vulnerabilities.

On the Analysis of Vulnerability Chains in Industrial Networks

M Cheminod;I Cibrario Bertolotti;L Durante;A Valenzano

2008

Abstract

The ever-increasing adoption at the factory field level of COTS (commercial off-the-shelf) hardware and software to host both real-time control tasks and a general-purpose operating system on the same machine is profoundly influencing the extent of threats that a factory network and computing infrastructure shall be prepared to deal with. In fact, these machines share with their office automation counterparts the same kinds of vulnerabilities and, being often interconnected to computers providing services to the public, are prone to cyber-attacks. In this paper, the architecture and use of a software tool able to analyse a factory network for vulnerabilities are described. Automating the analysis is of outmost importance because, as the complexity of the network grows, the problem rapidly becomes hard to tackle by hand due to the subtle interactions that may occur among apparently unrelated vulnerabilities.

Scheda breve

Scheda completa

Scheda completa (DC)

	Anno
	
				2008
			
	Strutture organizzative
	
				Istituto di Elettronica e di Ingegneria dell'Informazione e delle Telecomunicazioni - IEIIT
			
	Lingua/e
	
				Inglese
			
	Titolo del convegno
	
				7th IEEE International Workshop on Factory Communication Systems (WFCS 2008),
			
	Da pagina
	
				215
			
	A pagina
	
				224
			
	Numero di pagine
	
				10
			
	Codice ISBN
	
				978-1-4244-2349-1
			
	Codice DOI
	
				https://dx.doi.org/10.1109/WFCS.2008.4638740
			
	URL
	
				http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=4638740
			
	Nome Editore
	
				IEEE-Institute Of Electrical And Electronics Engineers Inc.
			
	Città Editore
	
				Piscataway
			
	Nazione Editore
	
				STATI UNITI D'AMERICA
			
	Referee
	
				Sì, ma tipo non specificato
			
	Periodo del Convegno
	
				21-23 Maggio 2008
			
	Luogo del Convegno
	
				Dresden
			
	Parole chiave
	
				industrial networks
security
automated analysis
vulnerabilities
software tools
			
	Codice Scopus
	
				2-s2.0-56349103283
			
	Numero autori
	
				4
			
	Fulltext
	
				none
			
	Tutti gli autori
	
						Cheminod, M; Cibrario Bertolotti, I; Durante, L; Valenzano, A
					
	Tipologia Login Miur
	
				273
			
	Tipologia
	
				info:eu-repo/semantics/conferenceObject
			
	Tipologia
	
				04 Contributo in convegno::04.01 Contributo in Atti di convegno
			
	Appare nelle tipologie:
	
				04.01 Contributo in Atti di convegno

File in questo prodotto:

Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/20.500.14243/67825

Citazioni

ND

11

ND

social impact