Automatic vulnerability detection plugin generation method and system for industrial control system

A technology in the field of industrial control systems and vulnerability detection, applied in areas such as instruments, electrical digital data processing, and platform integrity maintenance. It addresses the problems that fuzzing may take ten minutes or even ten hours, that verification time is uncontrollable, and that the restart time and problem points are hard to control. The effects are improved vulnerability mining efficiency, less time needed to reproduce a problem, and less time spent on vulnerability mining.

Inactive Publication Date: 2018-11-30
ELECTRIC POWER RES INST OF STATE GRID ZHEJIANG ELECTRIC POWER COMPANY +1

AI Technical Summary

Problems solved by technology

[0007] 1) A single fuzzing run takes a long time, and the time needed to verify a problem is uncontrollable;
[0008] 2) A comprehensive fuzzing test of the target system may take tens of minutes or even ten hours;
[0009] 3) A problem found while scanning may be affected by other uncertain factors. To reproduce the problem, the test has to start again from the beginning, and it is difficult to control the time and the problem points;
[0010] 4) When verifying different devices of the same type against an already identified problem, fuzzing again costs time and effort;
[0011] 5) Vulnerability detection can only trigger verification and cannot make effective use of a POC;
[0012] 6) When non-destructive scanning verification is performed on different devices of the same type with an identified problem, a strong POC is lacking.

Examples

Embodiment 1

[0035] This embodiment provides a method for generating automatic vulnerability detection plug-ins for an industrial control system. As shown in Figure 1, it includes the Fuzzing test link, the vulnerability playback link and the vulnerability collection link.

[0036] The steps of the Fuzzing test link (that is, the vulnerability mining link) are as follows: construct a data source and store the data; obtain the data source, start the Fuzzing scan, and mine for vulnerabilities; monitor the mining process; if all the data sources have been polled and no problem has been triggered, the mining process ends; if a problem is triggered, the data source node ID is obtained and the vulnerability playback link is entered;

[0037] The steps of the vulnerability playback link are as follows: generate a data source and obtain node information; obtain the data source and start Fuzzing scanning; if verification finds no problem, end; if there is a problem, enter the vulnerability col...

Embodiment 2

[0047] This embodiment provides a plug-in generation system for automatic vulnerability detection of an industrial control system, which includes a vulnerability mining module, a vulnerability playback module and a vulnerability collection module.

[0048] The working process of the vulnerability mining module is as follows: construct a data source and store the data; obtain the data source, start Fuzzing scanning, and mine for vulnerabilities; monitor the mining process; if all the data sources have been polled and no problem has been triggered, the mining process ends; if a problem is triggered, obtain the data source node ID and enter the vulnerability playback module;

[0049] The working process of the vulnerability playback module is as follows: generate a data source and obtain node information; obtain the data source and start Fuzzing scanning; if verification finds no problem, end; if there is a problem, enter the vulnerability collection module;

[0050...
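The mining, playback and collection flow of Embodiments 1 and 2, as an added Python example that is not code from the patent. The toy target, the node ID format, the three playback rounds and the plug-in record format are assumptions made for illustration; the page's description of the collection step is truncated, so what it stores here is assumed.

```python
# Constructed toy target (an assumption, not a real device or protocol):
# frame = [function code][declared length][payload]; it faults when the
# declared length exceeds the payload actually sent.
def toy_device(frame: bytes) -> bytes:
    if len(frame) < 2:
        return b"\x81"                          # ordinary error reply
    if frame[1] > len(frame) - 2:
        raise RuntimeError("device fault")      # the "problem" the monitor sees
    return frame[:1] + frame[2:2 + frame[1]]

def patched_device(frame: bytes) -> bytes:
    """Same type of device with the length check fixed."""
    if len(frame) < 2 or frame[1] > len(frame) - 2:
        return b"\x81"
    return frame[:1] + frame[2:2 + frame[1]]

def build_data_sources() -> dict:
    """Fuzzing link: construct and store the data sources, keyed by node ID."""
    frames = [bytes([func, declared]) + b"\x00\x01"
              for func in (0x03, 0x10) for declared in (0, 2, 4)]
    return {f"n{i:03d}": frame for i, frame in enumerate(frames)}

def triggers(target, frame: bytes) -> bool:
    """Monitor: True when the target faults on this frame."""
    try:
        target(frame)
        return False
    except Exception:
        return True

def playback_link(target, sources: dict, node_id: str, rounds: int = 3) -> bool:
    """Re-send only the flagged node's data source and require a repeat fault."""
    return all(triggers(target, sources[node_id]) for _ in range(rounds))

def collection_link(sources: dict, node_id: str) -> dict:
    """Assumed plug-in format: the verified frame plus its node ID."""
    return {"node_id": node_id, "frame_hex": sources[node_id].hex()}

def generate_plugins(target) -> list:
    sources = build_data_sources()
    plugins = []
    for node_id, frame in sources.items():      # poll every data source
        if triggers(target, frame) and playback_link(target, sources, node_id):
            plugins.append(collection_link(sources, node_id))
    return plugins

def run_plugin(target, plugin: dict) -> bool:
    """Check another device of the same type with one frame, no re-fuzzing."""
    return triggers(target, bytes.fromhex(plugin["frame_hex"]))
```

Because playback addresses a data source by node ID, reproducing a finding costs one frame rather than a full scan, and the stored record can then be run against other devices of the same type.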

Abstract

The invention discloses a method and system for automatically generating vulnerability detection plug-ins for an industrial control system. Fuzzing, the current vulnerability mining technology for industrial control systems, can find vulnerabilities but cannot process them further into vulnerability plug-ins. The disclosed method comprises a Fuzzing test link, a vulnerability playback link and a vulnerability collection link. The Fuzzing test link comprises the following sequential steps: constructing data sources and storing the data; acquiring the data sources, starting the Fuzzing scan, and mining for vulnerabilities; monitoring the mining process; if all the data sources have been polled and no problem has been triggered, ending the mining process; if a problem is triggered, acquiring the node ID of the data source and entering the vulnerability playback link. The vulnerability playback link comprises the following sequential steps: generating the data sources and acquiring node information; acquiring the data sources and starting the Fuzzing scan; if verification finds no problem, ending; if a problem exists, entering the vulnerability collection link. The disclosed method can automatically generate a vulnerability detection plug-in, converts unknown vulnerabilities into known vulnerabilities, and improves vulnerability mining efficiency.

Description

Technical field

[0001] The invention relates to the field of industrial control systems, in particular to a method and system for generating automatic vulnerability detection plug-ins for an industrial control system.

Background technique

[0002] In an industrial control system, whether in a primary or a secondary system, and whether at the bay layer or the process layer, business continuity and health are crucial, especially for the core monitoring and production systems of the petrochemical, electric power, transportation, nuclear, water conservancy and other industries. However, because industrial control systems have long been closed and independent, their security construction is lacking: they have little fault-tolerant handling, such as the processing of abnormal instructions, and little handling of high-stress conditions, such as fast data transmission and access, and so on.

[0003] In the face of new industrial control security threats, super...


Application Information

Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/57
CPC G06F21/577
Inventor 孙歆戴桦汪自翔卢新岱姚影李霁远吕磅李沁园李景韩嘉佳王刘旺孙昌华周辉
Owner ELECTRIC POWER RES INST OF STATE GRID ZHEJIANG ELECTRIC POWER COMPANY