End-to-End Framework for Identifying Vulnerabilities of Operational Technology Protocols and Their Implementations in Industrial IoT by Matthew Boeding, Michael Hempel, Hamid Sharif

“…Initially, protocol specifications are modeled to identify any vulnerable states within the protocol, leveraging the Construction and Analysis of Distributed Processes (CADP) software (version 2022-d “Kista”, which was created by Inria, the French Institute for Research in Computer Science and Automation, in France). Device characteristics are then extracted through automated real-time network emulation tests built on the OMNET++ framework, and all measured device characteristics are then used as a virtual device representation for network simulation tests within the OMNET++ software (version 6.0.1., a public-soucre, open-architecture software, initially developed by OpenSim Limited in Budapest, Hungary), to verify the presence of any potential vulnerabilities identified in the formal modeling stage. …”
Get full text