Abstract
Heavy industrial machinery is a primary asset for the operation of key sectors such as construction, manufacturing, and logistics. Targeted attacks against these assets could result in incidents, fatal injuries, and substantial financial loss. Given the importance of such scenarios, we analyzed and evaluated the security implications of the technology used to operate and control this machinery, namely industrial radio remote controllers. We conducted the first-ever security analysis of this technology, which relies on proprietary radio-frequency protocols to implement remote-control functionalities. Through a two-phase evaluation approach we discovered important flaws in the design and implementation of industrial remote controllers. In this paper we introduce and describe 5 practical attacks affecting major vendors and multiple real-world installations. We conclude by discussing how a challenging responsible disclosure process resulted in first-ever security patches and improved security awareness.
Cite
CITATION STYLE
Maggi, F., Balduzzi, M., Andersson, J., Lin, P., Hilt, S., Urano, A., & Vosseler, R. (2019). A security evaluation of industrial radio remote controllers. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 11543 LNCS, pp. 133–153). Springer Verlag. https://doi.org/10.1007/978-3-030-22038-9_7
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
