Vulnerability Remediation in ICS Infrastructure Based on Source Code Analysis

Abstract

The Industrial Control Systems (ICS) and its sub-processes, hardware and software, make possible the management and operation of industrial critical infrastructure and services such as: energy, water, defense, transportation. Nowadays, the biggest vendors on the market started developing for the ICS marketplace new systems with more power, control, stability, but these complex systems are susceptible to different threats such as: insider attack, third-party, technical or physical failure, external attacks. Therefore, is critical to protect ICS assets. Paying attention to the ISA/IEC 62443 standard, this paper is proposing methods for source code analysis using open source tools that can be used in development or testing phase by ICS professionals in order to detect new vulnerabilities and bugs (e.g. weak encryption, code disclosure, clear text passwords) using a vulnerability remediation management tool in order to have a complete view of new and existing security breaches. The purpose of this research paper is providing valuable information to ICS developers to increase security level in the production area with very little effort for the Internet exposed Programmable Logic Controllers (PLC).

https://ieeexplore.ieee.org/document/9324845