Litcius/Paper detail

Missed Opportunities

Markus Dahlmanns, Johannes Lohmöller, Jan Pennekamp, Jörn Bodenhausen, Klaus Wehrle, Martin Henze

2022Proceedings of the 2022 ACM on Asia Conference on Computer and Communications Security39 citationsDOIOpen Access PDF

Abstract

The ongoing trend to move industrial appliances from previously isolated networks to the Internet requires fundamental changes in security to uphold secure and safe operation. Consequently, to ensure end-to-end secure communication and authentication, (i) traditional industrial protocols, e.g., Modbus, are retrofitted with TLS support, and (ii) modern protocols, e.g., MQTT, are directly designed to use TLS. To understand whether these changes indeed lead to secure Industrial Internet of Things deployments, i.e., using TLS-based protocols, which are configured according to security best practices, we perform an Internet-wide security assessment of ten industrial protocols covering the complete IPv4 address space.

Topics & Concepts

Computer scienceModbusComputer securityThe InternetMQTTAuthentication (law)IPsecSecurity associationComputer networkCommunications protocolInternet of ThingsWorld Wide WebCloud computing securityCloud computingNetwork Access ControlOperating systemSmart Grid Security and ResilienceIoT and Edge/Fog ComputingAdvanced Malware Detection Techniques
Missed Opportunities | Litcius