
Actual Vulnerabilities of Industrial Automation Protocols of an Open Platform Communications Series

Automatic Control and Computer Sciences

Abstract

Open Platform Communications (OPC), the interoperability standard for the secure and reliable exchange of data in the industrial automation space, consists of two main types of protocol – classic and unified. The paper reviews a classic set of DA/HDA/A&E protocols, which is based on Microsoft DCOM and RPC technologies. Architectural cyber threats of the classic type of OPC are systematized in this work.



Funding

The reported study was funded by RFBR according to the research project no. 18-29-03102.

Author information

Correspondence to D. P. Zegzhda or M. O. Kalinin.

Ethics declarations

The authors declare that they have no conflicts of interest.

Additional information

Translated by A. Muravev

About this article

Cite this article

Zegzhda, D.P., Kalinin, M.O. & Levykin, M.V. Actual Vulnerabilities of Industrial Automation Protocols of an Open Platform Communications Series. Aut. Control Comp. Sci. 53, 972–979 (2019). https://doi.org/10.3103/S0146411619080339

  • DOI: https://doi.org/10.3103/S0146411619080339
