Design And Development Of Vulnerability Analysis And Attack Simulation Environment On Industrial Control System

With the combining of Industrialization,informatization,a large number of common IT technologies are introduced into industrial control systems(ICSs).As IT technology facilitating the industrial production management,it also bring IT field security vulnerabilities into the ICSs.These vulnerabilities,once exploited by the attacker,will result in serious accidents,which would result in economic property damage,it may lead to severe accidents ranging from the light damage about economic and property loss to the heavy damage about personal and widespread environmental loss.At present,at home and abroad,a series of work for ICSs vulnerability analysis have been carried out.In this paper,based on the study of industrial vulnerability analysis technology,combined with exploit technology and ICSs attack simulation technology,we analyse the characteristics of attack behavior and providing some simulation examples for the verification of industrial information security protection technology by conducting attack simulation.This paper firstly analyzes the security problem of ICSs,and then designs and develops the vulnerability analysis and attack simulation environment for ICSs in view of the security vulnerability analysis and verification.Vulnerability analysis and attack simulation environment of ICSs is composed of vulnerability analysis system and attack simulation system.The vulnerability analysis system is divided into two parts: known vulnerability scanning and unknown vulnerability discovering.Based on the analysis of the source,status and classification of the vulnerability in ICSs,this paper designs and implements the vulnerability scanning software of ICSs based on the fingerprint information matching of the vulnerability database,and introduces the framework and simulation test case for using the fuzzy testing technology to exploit the vulnerability of ICSs protocol.The implementation of attack simulation system based on ICSs vulnerabilities which is obtained by vulnerability scanning and vulnerability discovering system.Based on the ICSs network attack classification description system which is oriented by attack process,this paper proposes an approach of constructing intrusion attack process based on attack path automatic planning,designs and implements the ICSs attack simulation software.Finally,combined with the existing experimental examples of industrial security information simulation,this paper has carried out the experiment of vulnerability analysis and attack simulation experiment.The experimental results show that the vulnerability analysis and attack simulation environment designed in this paper have the ability to discover the vulnerability in the ICSs and launch the attack simulation.