http://dx.doi.org/10.13089/JKIISC.2021.31.2.245

An Empirical Study on the Vulnerability of the Modbus Protocol Suitable for the SMEs Manufacturing Enterprises in Korea  

Yoo, Jung-hoon (The University of Suwon)
Bae, Chun-sock (The University of Suwon)
Goh, Sung-cheol (The University of Suwon)
Abstract
Smart manufacturing innovation, announced by the Ministry of SMEs and Startups, has been set as a core national task of the government, which is pushing to distribute 30,000 smart factories by 2022, yet the security issues of the Modbus protocol remain. Accordingly, this paper investigates the current status of Modbus exposure at home and abroad, and the status of Modbus vulnerabilities as reported on major security information sites. To confirm that attacks on industrial control systems that exploit the investigated Modbus vulnerabilities are possible, a Modbus/TCP experimental environment was constructed in the Cell/Area Zone, and the risk to the control system was confirmed with reference to the PERA model. To address these threats, risk factors and countermeasures for each class were presented, and their practicality was confirmed through a group of experts. As a result, computer managers at domestic SMEs are expected to be able to use the security checklist as a security countermeasure for proactive prevention.
Keywords
ICS Protocol; Modbus protocol; CIP; Industrial Control System; ICS Security Checklist;