S4 Preview: Hardware Vulns in 802.15.4 Implementations
I will be previewing one S4 2009 paper each week. Digital Bond’s SCADA Security Scientific Symposium is Jan 21-22 in Miami Beach with an advanced control system security course on Jan 20th.
Last week’s preview focused on physical layer vulnerabilities in IEEE 802.15.4, the protocol underlying Zigbee, ISA 100, WirelessHART and other protocols being considered and deployed in control systems. This week’s preview is a companion paper that focuses on IEEE 802.15.4 implementation errors at the data link layer. The two papers lead off S4 Day 2 and should be a very interesting pair.
Low Level Design Vulnerabilities in Wireless Control System Hardware
Like any other protocol implementation, an IEEE 802.15.4 implementation can suffer from hardware and software vulnerabilities even if the underlying protocol is vetted and considered secure. In this paper the authors, Bradley Singletary and Darren Highfill of EnerNex and Travis Goodspeed of UT/Knoxville, analyze 802.15.4 hardware and firmware implementations for vulnerabilities and resistance to attacks. Since popular hardware and firmware implementations of low-layer protocols are often used in multiple vendor implementations, this work could have widespread ramifications.
Topics in the paper and presentation will include design-induced vulnerabilities such as the extraction and modification of communications device firmware, man-in-the-middle attacks between chips of a communications device, circumvention of protection measures, bus snooping, and other attacks. This abstract has me eagerly awaiting the full paper.
Author: Dale Peterson
Posted: October 30th, 2008 under S4.