Cargando…
Vulnerabilities of the Open Platform Communication Unified Architecture Protocol in Industrial Internet of Things Operation
Recently, as new threats from attackers are discovered, the damage and scale of these threats are increasing. Vulnerabilities should be identified early, and countermeasures should be implemented to solve this problem. However, there are limitations to applying the vulnerability discovery framework...
| Autores principales: | , , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
MDPI
2022
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9460827/ https://www.ncbi.nlm.nih.gov/pubmed/36081035 http://dx.doi.org/10.3390/s22176575 |
| _version_ | 1784786842103578624 |
|---|---|
| author | Shin, Dong-Hyuk Kim, Ga-Yeong Euom, Ieck-Chae |
| author_facet | Shin, Dong-Hyuk Kim, Ga-Yeong Euom, Ieck-Chae |
| author_sort | Shin, Dong-Hyuk |
| collection | PubMed |
| description | Recently, as new threats from attackers are discovered, the damage and scale of these threats are increasing. Vulnerabilities should be identified early, and countermeasures should be implemented to solve this problem. However, there are limitations to applying the vulnerability discovery framework used in practice. Existing frameworks have limitations in terms of the analysis target. If the analysis target is abstract, it cannot be easily applied to the framework. Therefore, this study proposes a framework for vulnerability discovery and countermeasures that can be applied to any analysis target. The proposed framework includes a structural analysis to discover vulnerabilities from a scenario composition, including analysis targets. In addition, a proof of concept is conducted to derive and verify threats that can actually occur through threat modeling. In this study, the open platform communication integrated architecture used in the industrial control system and industrial Internet of Things environment was selected as an analysis target. We find 30 major threats and four vulnerabilities based on the proposed framework. As a result, the validity of malicious client attacks using certificates and DoS attack scenarios using flooding were validated, and we create countermeasures for these vulnerabilities. |
| format | Online Article Text |
| id | pubmed-9460827 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2022 |
| publisher | MDPI |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-94608272022-09-10 Vulnerabilities of the Open Platform Communication Unified Architecture Protocol in Industrial Internet of Things Operation Shin, Dong-Hyuk Kim, Ga-Yeong Euom, Ieck-Chae Sensors (Basel) Article Recently, as new threats from attackers are discovered, the damage and scale of these threats are increasing. Vulnerabilities should be identified early, and countermeasures should be implemented to solve this problem. However, there are limitations to applying the vulnerability discovery framework used in practice. Existing frameworks have limitations in terms of the analysis target. If the analysis target is abstract, it cannot be easily applied to the framework. Therefore, this study proposes a framework for vulnerability discovery and countermeasures that can be applied to any analysis target. The proposed framework includes a structural analysis to discover vulnerabilities from a scenario composition, including analysis targets. In addition, a proof of concept is conducted to derive and verify threats that can actually occur through threat modeling. In this study, the open platform communication integrated architecture used in the industrial control system and industrial Internet of Things environment was selected as an analysis target. We find 30 major threats and four vulnerabilities based on the proposed framework. As a result, the validity of malicious client attacks using certificates and DoS attack scenarios using flooding were validated, and we create countermeasures for these vulnerabilities. MDPI 2022-08-31 /pmc/articles/PMC9460827/ /pubmed/36081035 http://dx.doi.org/10.3390/s22176575 Text en © 2022 by the authors. https://creativecommons.org/licenses/by/4.0/Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/). |
| spellingShingle | Article Shin, Dong-Hyuk Kim, Ga-Yeong Euom, Ieck-Chae Vulnerabilities of the Open Platform Communication Unified Architecture Protocol in Industrial Internet of Things Operation |
| title | Vulnerabilities of the Open Platform Communication Unified Architecture Protocol in Industrial Internet of Things Operation |
| title_full | Vulnerabilities of the Open Platform Communication Unified Architecture Protocol in Industrial Internet of Things Operation |
| title_fullStr | Vulnerabilities of the Open Platform Communication Unified Architecture Protocol in Industrial Internet of Things Operation |
| title_full_unstemmed | Vulnerabilities of the Open Platform Communication Unified Architecture Protocol in Industrial Internet of Things Operation |
| title_short | Vulnerabilities of the Open Platform Communication Unified Architecture Protocol in Industrial Internet of Things Operation |
| title_sort | vulnerabilities of the open platform communication unified architecture protocol in industrial internet of things operation |
| topic | Article |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9460827/ https://www.ncbi.nlm.nih.gov/pubmed/36081035 http://dx.doi.org/10.3390/s22176575 |
| work_keys_str_mv | AT shindonghyuk vulnerabilitiesoftheopenplatformcommunicationunifiedarchitectureprotocolinindustrialinternetofthingsoperation AT kimgayeong vulnerabilitiesoftheopenplatformcommunicationunifiedarchitectureprotocolinindustrialinternetofthingsoperation AT euomieckchae vulnerabilitiesoftheopenplatformcommunicationunifiedarchitectureprotocolinindustrialinternetofthingsoperation |