Peach Improvement on Profinet-DCP for Industrial Control System Vulnerability Detection

Abstract

With the development of ICS, PLC and SCADA systems are interconnected with Ethernet and directly connected to internet, which greatly improve the efficiency of data sharing and introduced in security threats at the same time. Once crack fault occurrence of critical infrastructure will result in casualties and great economic loss. Peach Fuzzer is an advanced and extensible fuzzing platform and is restricted to those with TCP/UDP-based protocols on Windows Platform, the PN-DCP would not be supported without publisher to send PDU correctly. So it is urgent to develop an additional publisher for PN-DCP. In this paper, we propose a novel Peach improvement on Profinet-DCP for industrial control system vulnerability detection. We analyze the importance of vulnerability detecting for PN-DCP with Peach Fuzzer. Then, introducing the Peach Framework, the hierarchy of Profinet-DCP and the PitFile of Profinet-DCP. We also evaluate our approach through experiments, the results can fully satisfy the requirement of vulnerability detecting of PN-DCP on Peach platform.