Assessing the Security of OPC UA Deployments

DSpace Repositorium (Manakin basiert)

Zur Kurzanzeige

dc.contributor.author Roepert, Linus
dc.contributor.author Dahlmanns, Markus
dc.contributor.author Fink, Ina
dc.contributor.author Pennekamp, Jan
dc.contributor.author Henze, Martin
dc.date.accessioned 2020-05-11T12:51:19Z
dc.date.available 2020-05-11T12:51:19Z
dc.date.issued 2020-05-11
dc.identifier.other 169802035X de_DE
dc.identifier.uri http://hdl.handle.net/10900/100433
dc.identifier.uri http://nbn-resolving.de/urn:nbn:de:bsz:21-dspace-1004337 de_DE
dc.identifier.uri http://dx.doi.org/10.15496/publikation-41813
dc.description.abstract To address the increasing security demands of industrial deployments, OPC UA is one of the first industrial protocols explicitly designed with security in mind. However, deploying it securely requires a thorough configuration of a wide range of options. Thus, assessing the security of OPC UA deployments and their configuration is necessary to ensure secure operation, most importantly confidentiality and integrity of industrial processes. In this work, we present extensions to the popular Metasploit Framework to ease network-based security assessments of OPC UA deployments. To this end, we discuss methods to discover OPC UA servers, test their authentication, obtain their configuration, and check for vulnerabilities. Ultimately, our work enables operators to verify the (security) configuration of their systems and identify potential attack vectors. en
dc.language.iso en de_DE
dc.publisher Universität Tübingen de_DE
dc.rights ubt-podok de_DE
dc.rights.uri http://tobias-lib.uni-tuebingen.de/doku/lic_mit_pod.php?la=de de_DE
dc.rights.uri http://tobias-lib.uni-tuebingen.de/doku/lic_mit_pod.php?la=en en
dc.subject.classification OPC UA de_DE
dc.subject.ddc 004 de_DE
dc.title Assessing the Security of OPC UA Deployments en
dc.type ConferenceObject de_DE
utue.publikation.fachbereich Informatik de_DE
utue.publikation.fakultaet 7 Mathematisch-Naturwissenschaftliche Fakultät de_DE
utue.opus.portal itgsec1 de_DE

Dateien:

Das Dokument erscheint in:

Zur Kurzanzeige