
Research On Fuzzy Testing Method For Industrial Control Protocol

Posted on: 2020-01-27
Degree: Master
Type: Thesis
Country: China
Candidate: D D Wu
Full Text: PDF
GTID: 2438330626453285
Subject: Application software engineering
Abstract/Summary:
With the rapid development of industrial informationization, industrial control systems have evolved from the earliest dedicated real-time computer monitoring systems into comprehensive business systems that make wide use of Internet information technology. While this has raised the level of system integration, it has also introduced serious security problems: an attacker can exploit vulnerabilities in the implementation of an industrial control communication protocol to disrupt the normal operation of the whole system. Fuzzing is one of the main methods for analysing and testing for such vulnerabilities, but traditional fuzzing has several weaknesses: low code coverage, the lack of a unified description model, poorly targeted test cases, and a single, unvaried mutation strategy.

In view of these problems, this thesis studies fuzzing methods for industrial control protocols, developed from two aspects, the system level and the network level. The main work is as follows:

(1) At the system level, on the premise that source code or executable binaries can be obtained, a fuzzing method for industrial control protocols is proposed that incorporates dynamic information from the program. Dynamic information is extracted from the program as it processes the protocol and is used to guide test case generation, which improves code coverage and increases the probability of finding anomalies. The feasibility of the method is verified by an example, and its validity is demonstrated by simulation experiments.

(2) At the network level, for the case where source code is not available, a grammar-based fuzzing method for industrial control protocols is proposed. By establishing a grammar description model for the industrial control protocol, a single protocol model suffices to describe the different message formats; sample data is mutated selectively, and the mutation strategy makes full use of the semantic characteristics of industrial control protocol design, which improves the targeting of test cases. The feasibility of the method is verified by case analysis, and its effectiveness is demonstrated by simulation experiments.

Starting from the level of the industrial control protocol, studying the abnormal behaviour of terminal system components that fuzzing can detect is therefore of great significance for improving the overall security of industrial control systems.
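As an added illustration of the grammar-based, network-level approach described in (2), the block below is example code written for this page, not the thesis's own implementation: a single grammar describes two message types of a constructed toy frame format, and test cases are produced by mutating one semantic field at a time while the length and checksum are recomputed, so that every case passes the receiver's syntactic checks and reaches the handler logic. The frame layout, field names and function codes are invented for the example and do not correspond to any real protocol.

```python
# Constructed toy ICS-style frame (not any real protocol):
#   | magic u16 | func u8 | len u8 | payload (len bytes) | chk u8 = XOR of all preceding bytes |
# One grammar covers several message types: the function code selects the payload layout.
MAGIC = 0xA55A
SIZES = {"u8": 1, "u16": 2}
PAYLOADS = {
    0x03: [("start_addr", "u16"), ("count", "u16")],                    # read registers
    0x10: [("start_addr", "u16"), ("count", "u16"), ("data", "bytes")],  # write registers
}

def xor_checksum(data):
    c = 0
    for b in data:
        c ^= b
    return c

def encode(func, fields):
    """Build a frame from semantic field values; len and checksum are recomputed."""
    payload = b""
    for name, ftype in PAYLOADS[func]:
        v = fields[name]
        payload += v if ftype == "bytes" else v.to_bytes(SIZES[ftype], "big")
    body = MAGIC.to_bytes(2, "big") + bytes([func, len(payload)]) + payload
    return body + bytes([xor_checksum(body)])

def parse(frame):
    """The receiver's syntactic check; returns (func, payload) or None if rejected."""
    if len(frame) < 5 or int.from_bytes(frame[:2], "big") != MAGIC:
        return None
    func, length = frame[2], frame[3]
    if len(frame) != 4 + length + 1 or xor_checksum(frame[:-1]) != frame[-1]:
        return None
    return func, frame[4:-1]

def boundary_values(ftype):
    bits = SIZES[ftype] * 8
    return [0, 1, 1 << (bits - 1), (1 << bits) - 1]

def generate_cases(func, seed):
    """Selective mutation: one field per case; the frame stays well-formed so it passes parse()."""
    cases = []
    for name, ftype in PAYLOADS[func]:
        if ftype == "bytes":  # empty data, and the most a u8 len can describe (4 fixed bytes + 251)
            variants = [b"", b"\xff" * 251]
        else:
            variants = boundary_values(ftype)
        for v in variants:
            cases.append((name, encode(func, dict(seed, **{name: v}))))
    if func == 0x10:  # semantic mismatch: count claims far more registers than data carries
        cases.append(("count_vs_data", encode(func, dict(seed, count=0xFFFF, data=b"\x00\x01"))))
    return cases
```

Each returned tuple names the field that was mutated, so a crash or timeout observed in the target can be traced back to the semantic check it exercised.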
Keywords/Search Tags:Industrial Control System, Industrial Control Protocol, Fuzzing, Dynamic Information, Protocol Description Model, Test Cases