Vulnerability Discovery Method Based on Control Protocol Fuzzing for a Railway SCADA System

Kim, Woo-Nyon; Jang, Moonsu; Seo, Jeongtaek; Kim, Sang–Wook

doi:10.7840/kics.2014.39c.4.362

Cited by 2 publications

(2 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…At present, the commonly used vulnerability mining techniques are divided into static analysis, dynamic analysis, binary comparison, fuzzy testing, and so on [6][7][8][9][10][11][12]. Fuzzy testing has the advantages of high automation, low system consumption, low false-alarm rate, and being independent of the source code of the object program [7].…”

Section: Introductionmentioning

confidence: 99%

A Test Cases Generation Method for Industrial Control Protocol Test

Shang

Zhang

Wang

et al. 2021

Scientific Programming

View full text Add to dashboard Cite

The coverage of test cases is an important indicator for the security and robustness test of industrial control protocols. It is an important research topic to complete the test with less use cases. Taking Modbus protocol as an example, a calculation method of case similarity and population dispersion based on weight division is proposed in this paper. The method can describe the similarity of use cases and the dispersion degree of individuals in the population more accurately. Genetic algorithm is used to generate and optimize test cases, and individual similarity and population dispersion are used as fitness functions of genetic algorithm. Experimental results show that the proposed method can increase the population dispersion by 3.45% compared with the conventional methods and effectively improve the coverage of test cases.

show abstract

Section: Introductionmentioning

confidence: 99%

A Test Cases Generation Method for Industrial Control Protocol Test

Shang

Zhang

Wang

et al. 2021

Scientific Programming

View full text Add to dashboard Cite

show abstract

“…Fuzzing is used in dynamic stage and has two methods in which the data is entered: randomly and orderly. When choosing the data in regards to the software, it is suggested that the data is chosen by considering the characteristics of the related field and the usage of the software as well as the process [5].…”

Section: Related Workmentioning

confidence: 99%

The Design of Vulnerability Analysis for Secure Coding of Open Source Software

Kim¹,

Jee²,

Lee³

et al. 2016

Advanced Science and Technology Letters

View full text Add to dashboard Cite

Abstract. The number of software that uses open source has been increasing recently. Various kinds of such software have been developing and are getting used in many different fields. However, these kinds of software may have different limitations and vulnerabilities in which the developer may not recognize. They could also put the companies that are using the software at a greater risk. This study strategically analyzes the vulnerabilities of the open source software and provides an analysis platform that is verified. This study also provides the vulnerability analysis result from experimenting and by implementing the main engine module with prototype on the open source software analysis platform.

show abstract

Vulnerability Discovery Method Based on Control Protocol Fuzzing for a Railway SCADA System

Cited by 2 publications

References 8 publications

A Test Cases Generation Method for Industrial Control Protocol Test

A Test Cases Generation Method for Industrial Control Protocol Test

The Design of Vulnerability Analysis for Secure Coding of Open Source Software

Contact Info

Product

Resources

About