VuTAT: Vulnerability Tests of AT Components
Prof. Dr. rer. nat. Stefan Heiss
01.10.2009 bis 31.12.2012
Motivation
By an increasing use of standardized IT technologies in the field of automation, the use of TCP/IP based protocols and applications, which are already used successfully in office environments for many years, becomes possible. Using standard IT technologies and protocols allows the integration of field level components and networks in corporate networks or even the internet. This allows geographic independent command, control and maintenance of such components.
However, through the use of standardized technologies and the advanced interconnectivity, additional threats from malicious software (malware like viruses and worms) endanger the failure-free operation of plants networked in this way. Since the destructive effect of malware is based on the exploitation of vulnerabilities (in SW implementations and/or protocol usages), the use of vulnerability free components becomes very important for a secure and failure-free operation of such a plant.
Project targets
The main target of the project is the development of a framework to analyze and identify vulnerabilities of different AT components, which are using Ethernet based communication protocols. The framework shall allow an easy application by non IT security specialist, in particular by developers and quality assurance personnel during the product development and testing phases. Finally, a PC based test environment shall be developed, which allows an almost automated application of the framework.
Heiko Adamczyk, Tino Döhring, Prof. Dr. rer. nat. Stefan Heiss
Jan-Christopher Brand, B. Sc., Prof. Dr. rer. nat. Stefan Heiss
Jan-Christopher Brand, B. Sc., Tino Döhring, Thomas Werner, Christopher Tebbe, Stefan Hausmann, M. Sc., Prof. Karl-Heinz Niemann, Prof. Dr. rer. nat. Stefan Heiss
Jeetika Kataria
Jeetika Kataria
Ehsan Bagheri
01.10.2011 till 01.02.2012
Patrick Bolduan
26.08.2010 till 26.08.2010
