
Research On Vulnerability Discovery Of Power Industrial Control System Based On Fuzzing Testing

Posted on: 2019-07-12
Degree: Master
Type: Thesis
Country: China
Candidate: X C Zhang
Full Text: PDF
GTID: 2322330566458331
Subject: Computer technology

Abstract/Summary:
The power industry is one of the pillar industries of the national critical information infrastructure. Generation, substations, transmission, distribution, consumption and integrated dispatch together make up the production value chain of the power industry, and every link in that chain relies on large numbers of industrial control devices. However, field automation equipment is highly integrated and comes from many different vendors, and industrial control applications are developed mainly against functional interfaces without thorough security and robustness testing. This gives attackers convenient conditions to exploit and leaves power industrial control systems exposed to information-security risks. Because suitable industrial-control vulnerability detection methods are lacking, security defects in control systems are not detected in a timely and effective way, leaving hidden dangers once the system is in operation. How to detect the security defects of an industrial control system before attackers do, and so improve the system as it is deployed, has become a hot topic in industrial control security. Among the many security technologies, vulnerability mining is an important means of ensuring the security of industrial control systems.

This thesis focuses on vulnerability mining technology for industrial control systems in the power industry. The specific research content is as follows:

(1) Research on protocol Fuzzing vulnerability mining. Fuzzing verifies the security defects of an industrial control system by constructing abnormal messages. This paper presents a Fuzzing vulnerability mining method based on the open-source Sulley framework and improves the design of the original framework. On that basis, the data analysis module is extended with data playback, transmission of specified data content, error judgment, device liveness (survival status) judgment and other functions, improving the ability to analyse protocol data for specific protocols.

(2) Based on the improved Sulley framework, vulnerability mining of the IEC 60870-5-104 and Modbus_TCP protocols, both widely used in power-industry industrial control systems, is studied. Protocol mutation and process tracking of the industrial control protocols are carried out with Fuzzing, and Fuzzing test cases for IEC 60870-5-104 and Modbus_TCP are written respectively.

(3) The Fuzzing method for related file formats on the Windows platform is studied, generating malformed files from the file structure. Building on the existing open-source File Fuzz testing software, file-format vulnerability exploitation is researched, and this paper presents a Fuzzing-based vulnerability exploitation method at the upper computer (supervisory host) level.

(4) How to turn protocol Fuzzing vulnerability mining technology into a product is studied: a vulnerability mining system that can conduct Fuzzing tests automatically is developed, and its system structure and components are designed. Taking the PLC controllers and FTU (feeder terminal unit) devices common in the power industry as test objects, vulnerability mining experiments are carried out with the Fuzzing system designed and developed in this work.
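Items (1) and (2) of the abstract, a Sulley-style workflow that mutates protocol messages and classifies each outcome, applied to Modbus_TCP, can be illustrated offline. The following Python is an added example and is not code from the thesis or from the Sulley framework. It builds a well-formed Modbus/TCP Read Holding Registers request, derives a handful of malformed variants of the kind a protocol fuzzer sends, and runs them against two constructed parsers: a naive one that trusts the MBAP length field, and a hardened one that validates every field before using it. The seed frame values, the mutation labels and both parser functions are this example's own constructions; the header layout and the 260-byte and 125-register limits are from the Modbus/TCP specification.

```python
import struct

# Modbus/TCP application data unit (ADU): 7-byte MBAP header followed by the PDU.
# MBAP = transaction id (2) | protocol id (2, always 0) | length (2) | unit id (1);
# the length field counts the unit id plus the PDU. The constants are from the
# Modbus/TCP specification; the frames and mutations below are constructed for this example.
MBAP_LEN = 7
MAX_ADU = 260              # largest legal Modbus/TCP ADU
MAX_READ_REGISTERS = 125   # quantity limit for function 0x03 (Read Holding Registers)
FC_READ_HOLDING = 0x03


def build_read_holding(tid, unit, addr, qty):
    """Well-formed Read Holding Registers request (the fuzzer's seed message)."""
    pdu = struct.pack(">BHH", FC_READ_HOLDING, addr, qty)
    mbap = struct.pack(">HHHB", tid, 0, len(pdu) + 1, unit)
    return mbap + pdu


def mutate(frame):
    """Yield (label, malformed frame) pairs: the 'abnormal messages' a protocol fuzzer sends."""
    mbap, pdu = frame[:MBAP_LEN], frame[MBAP_LEN:]
    tid, pid, length, unit = struct.unpack(">HHHB", mbap)
    yield "length_overstated", struct.pack(">HHHB", tid, pid, 0xFFFF, unit) + pdu
    yield "length_understated", struct.pack(">HHHB", tid, pid, 1, unit) + pdu
    yield "bad_protocol_id", struct.pack(">HHHB", tid, 0x1234, length, unit) + pdu
    yield "truncated_pdu", frame[:-2]
    yield "oversized_quantity", mbap + struct.pack(">BHH", FC_READ_HOLDING, 0, 0xFFFF)
    yield "unknown_function", mbap + bytes([0x00]) + pdu[1:]
    yield "oversized_adu", mbap + pdu + b"\x00" * MAX_ADU


def naive_parse(frame):
    """Constructed 'before' parser: trusts the MBAP length field and the PDU contents."""
    tid, pid, length, unit = struct.unpack(">HHHB", frame[:MBAP_LEN])
    pdu = frame[MBAP_LEN:MBAP_LEN - 1 + length]   # slice sized by a sender-controlled field
    fc, addr, qty = struct.unpack(">BHH", pdu)     # struct.error when the slice is not 5 bytes
    return {"tid": tid, "unit": unit, "fc": fc, "addr": addr, "qty": qty}


def hardened_parse(frame):
    """Constructed 'after' parser: every field is checked before use; bad input -> ValueError."""
    if len(frame) < MBAP_LEN + 1:
        raise ValueError("shorter than MBAP header plus function code")
    if len(frame) > MAX_ADU:
        raise ValueError("ADU exceeds 260 bytes")
    tid, pid, length, unit = struct.unpack(">HHHB", frame[:MBAP_LEN])
    if pid != 0:
        raise ValueError("protocol id must be 0")
    if length != len(frame) - (MBAP_LEN - 1):
        raise ValueError("MBAP length disagrees with frame size")
    fc = frame[MBAP_LEN]
    if fc != FC_READ_HOLDING:
        raise ValueError("unsupported function code")
    if len(frame) != MBAP_LEN + 5:
        raise ValueError("wrong PDU size for function 0x03")
    addr, qty = struct.unpack(">HH", frame[MBAP_LEN + 1:])
    if not 1 <= qty <= MAX_READ_REGISTERS:
        raise ValueError("quantity out of range")
    if addr + qty > 0x10000:
        raise ValueError("register range wraps past the address space")
    return {"tid": tid, "unit": unit, "fc": fc, "addr": addr, "qty": qty}


def fuzz(parser, seed):
    """Run every mutant against a parser and classify the result, the offline analogue of the
    framework's error judgment: 'rejected' (clean refusal), 'accepted' (malformed input let
    through) or 'crash' (unexpected exception; on a real device this is the finding)."""
    outcome = {}
    for label, mutant in mutate(seed):
        try:
            parser(mutant)
            outcome[label] = "accepted"
        except ValueError:
            outcome[label] = "rejected"
        except Exception:
            outcome[label] = "crash"
    return outcome


if __name__ == "__main__":
    seed = build_read_holding(tid=1, unit=1, addr=0, qty=10)
    for name, parser in (("naive", naive_parse), ("hardened", hardened_parse)):
        print(name, fuzz(parser, seed))
```

Against the hardened parser every mutant is rejected; against the naive parser two mutants (understated length and a truncated PDU) crash it and the rest are accepted as if valid, which is the distinction between a clean refusal and a defect that an error-judgment step in a fuzzing system is meant to detect. A device-liveness check in a real campaign would follow each case by replaying a known-good frame, the playback and survival-status functions the abstract describes.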
Keywords/Search Tags: Electricity Sector, Industrial Control Safety, Detecting Vulnerability, Fuzzing Test, File Format Vulnerability