


Securing legacy communication buses: industrial control systems, in-vehicle and in-aircraft networks

Many important networking systems were designed decades ago, with a "closed environment" as a fundamental invariant: the networking infrastructure in a moving car, a flying aircraft, or a fenced power plant was implicitly assumed to be isolated. As a result, the communication bus protocols were designed to function well despite natural phenomena such as noise, interference, radiation and so forth. No defenses against malicious adversaries were designed in. Once these isolated systems are connected to the Internet, the old design choices are exposed, and become easy attack surfaces. And then we find that the legacy networks are victims of their own success: replacing the networking technology with secure alternatives is extremely expensive and slow. Power plants, cars and aircraft are not cellphones: they continue to function for 25-50 years! So there is a need to retrofit security mechanisms into the old insecure designs. In this talk I will survey the leading communication bus protocols, with a focus on their inherent security vulnerabilities: Modbus and the Siemens protocols in industrial control systems, CAN bus in automotive in-vehicle networks, and ARINC429 in civilian aircraft networks.
